Updated claims on OpenId/OAuth

* updated claim nickname to be user identifier
* added sub claim to endpoint /api/v1/userinfo/me
* fixed broken test

Change-Id: I9c34e5c2271ba5bcf7e480ea31530d1717fb0e09
Sebastian Marcet 2017-04-12 00:37:06 -03:00
parent 8bfc282634
commit b459998364
4 changed files with 21 additions and 16 deletions


@ -39,6 +39,7 @@ final class EloquentResourceServerRepository
*/
public function getByHost($host)
{
if(!is_array($host)) $host = [$host];
return $this->entity->whereIn('host', $host)->first();
}
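Review bot: With a list of hosts, `whereIn('host', $host)->first()` in `getByHost` returns whichever matching row the database yields first, because no ordering is applied. If callers can pass hosts that map to different resource servers, the record selected may differ between calls; either add an explicit `orderBy` or state in the docblock that at most one match is expected. The docblock opens outside the hunk, and its parameter line should read `@param string|string[] $host` so that the array form is part of the documented contract.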


@ -127,13 +127,14 @@ class UserService extends OAuth2ProtectedService implements IUserService
$pic_url = $current_user->getPic();
$pic_url = str_contains($pic_url, 'http') ? $pic_url : $assets_url . $pic_url;
$data[StandardClaims::Name] = $current_user->getFullName();
$data[StandardClaims::GivenName] = $current_user->getFirstName();
$data[StandardClaims::FamilyName] = $current_user->getLastName();
$data[StandardClaims::NickName] = $current_user->getNickName();
$data[StandardClaims::Picture] = $pic_url;
$data[StandardClaims::Birthdate] = $current_user->getDateOfBirth();
$data[StandardClaims::Gender] = $current_user->getGender();
$data[StandardClaims::Name] = $current_user->getFullName();
$data[StandardClaims::GivenName] = $current_user->getFirstName();
$data[StandardClaims::FamilyName] = $current_user->getLastName();
$data[StandardClaims::NickName] = $current_user->getIdentifier();
$data[StandardClaims::SubjectIdentifier] = $current_user->getAuthIdentifier();
$data[StandardClaims::Picture] = $pic_url;
$data[StandardClaims::Birthdate] = $current_user->getDateOfBirth();
$data[StandardClaims::Gender] = $current_user->getGender();
}
if (in_array(self::UserProfileScope_Email, $scopes)) {
// Email Claim
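Review bot: The new `sub` claim is assigned alongside the name and picture claims, in what appears to be the profile-scope branch (the enclosing `if` opens outside the hunk), so a token granted without that scope would receive a userinfo response with no `sub`. OpenID Connect Core requires `sub` in every UserInfo response, and relying parties are expected to compare it with the ID token's `sub` before trusting the other claims. The line `$data[StandardClaims::SubjectIdentifier] = $current_user->getAuthIdentifier();` should therefore sit ahead of the scope checks. It is also worth confirming that `getAuthIdentifier()` returns the same value the ID token carries as `sub`, which is not visible here.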


@ -76,15 +76,15 @@ class OpenIdSREGExtension_1_0 extends OpenIdExtension
$this->auth_service = $auth_service;
self::$available_properties[OpenIdSREGExtension::Nickname] = OpenIdSREGExtension::Nickname;
self::$available_properties[OpenIdSREGExtension::Email] = OpenIdSREGExtension::Email;
self::$available_properties[OpenIdSREGExtension::FullName] = OpenIdSREGExtension::FullName;
self::$available_properties[OpenIdSREGExtension::Country] = OpenIdSREGExtension::Country;
self::$available_properties[OpenIdSREGExtension::Language] = OpenIdSREGExtension::Language;
self::$available_properties[OpenIdSREGExtension::Gender] = OpenIdSREGExtension::Gender;
self::$available_properties[OpenIdSREGExtension::Nickname] = OpenIdSREGExtension::Nickname;
self::$available_properties[OpenIdSREGExtension::Email] = OpenIdSREGExtension::Email;
self::$available_properties[OpenIdSREGExtension::FullName] = OpenIdSREGExtension::FullName;
self::$available_properties[OpenIdSREGExtension::Country] = OpenIdSREGExtension::Country;
self::$available_properties[OpenIdSREGExtension::Language] = OpenIdSREGExtension::Language;
self::$available_properties[OpenIdSREGExtension::Gender] = OpenIdSREGExtension::Gender;
self::$available_properties[OpenIdSREGExtension::DateOfBirthday] = OpenIdSREGExtension::DateOfBirthday;
self::$available_properties[OpenIdSREGExtension::Postcode] = OpenIdSREGExtension::Postcode;
self::$available_properties[OpenIdSREGExtension::Timezone] = OpenIdSREGExtension::Timezone;
self::$available_properties[OpenIdSREGExtension::Postcode] = OpenIdSREGExtension::Postcode;
self::$available_properties[OpenIdSREGExtension::Timezone] = OpenIdSREGExtension::Timezone;
}
/**
@ -152,6 +152,9 @@ class OpenIdSREGExtension_1_0 extends OpenIdExtension
if ($attr == self::Nickname || $attr == self::FullName) {
$response->addParam(self::param($attr), $user->getFullName());
}
if ($attr == self::Nickname) {
$response->addParam(self::param($attr), $user->getIdentifier());
}
if ($attr == self::Language) {
$response->addParam(self::param($attr), $user->getLanguage());
}
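Review bot: For `nickname`, both the existing `if ($attr == self::Nickname || $attr == self::FullName)` branch and the new `if ($attr == self::Nickname)` branch run, so `addParam` is called twice for the same key, first with the full name and then with the identifier. Whether the second call overwrites the first, or the signed response ends up carrying a stale or duplicated value, depends on `addParam`, which is not shown. Narrowing the first condition to `if ($attr === self::FullName) {` makes the result independent of that behaviour. The enclosing block starts and ends outside the hunk.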


@ -635,7 +635,7 @@ class OpenIdProtocolTest extends OpenStackIDBaseTest
//set login info
Session::set("openid.authorization.response", IAuthService::AuthorizationResponse_AllowForever);
$sreg_required_params = array('email', 'fullname');
$sreg_required_params = array('email', 'fullname', 'nickname');
$params = array(
OpenIdProtocol::param(OpenIdProtocol::OpenIDProtocol_NS) => OpenIdProtocol::OpenID2MessageType,