0002-idp_oidc-export-claim-even-if-source-attribute-is-ab.patch
src/authentic2_idp_oidc/utils.py | ||
---|---|---|
174 | 174 |
'service': client, |
175 | 175 |
'__wanted_attributes': client.get_wanted_attributes(), |
176 | 176 |
}) |
177 |
for claim in client.oidcclaim_set.filter(name__isnull=False): |
|
177 |
claims = client.oidcclaim_set.filter(name__isnull=False) |
|
178 |
for claim in claims: |
|
178 | 179 |
if not set(claim.get_scopes()).intersection(scope_set): |
179 | 180 |
continue |
180 |
if not claim.value in attributes:
|
|
181 |
if claim.value not in attributes:
|
|
181 | 182 |
continue |
182 |
user_info[claim.name] = normalize_claim_values(attributes[claim.value]) |
|
183 |
attribute_value = attributes[claim.value] |
|
184 |
if attribute_value is None: |
|
185 |
continue |
|
186 |
user_info[claim.name] = normalize_claim_values(attribute_value) |
|
183 | 187 |
# check if attribute is verified |
184 | 188 |
if claim.value + ':verified' in attributes: |
185 | 189 |
user_info[claim.value + '_verified'] = True |
190 |
for claim in claims: |
|
191 |
if claim.name not in user_info: |
|
192 |
user_info[claim.name] = None |
|
186 | 193 |
hooks.call_hooks('idp_oidc_modify_user_info', client, user, scope_set, user_info) |
187 | 194 |
return user_info |
188 | 195 |
tests/test_idp_oidc.py | ||
---|---|---|
285 | 285 |
simple_user.username = None |
286 | 286 |
simple_user.save() |
287 | 287 |
response = app.get(user_info_url, headers=bearer_authentication_headers(access_token)) |
288 |
assert 'preferred_username' not in response.json
|
|
288 |
assert response.json['preferred_username'] is None
|
|
289 | 289 | |
290 | 290 |
# Now logout |
291 | 291 |
if oidc_client.post_logout_redirect_uris: |
292 |
- |