Skip to content

Commit b14d4c1

Browse files
ignatiusrezaignatiusreza
authored
bugfix: info from decoded id_token is not exposed (jjbohn#61)
1 parent 6398ad1 commit b14d4c1

File tree

2 files changed

+12
-3
lines changed

2 files changed

+12
-3
lines changed

lib/omniauth/strategies/openid_connect.rb

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -201,7 +201,15 @@ def discover!
201201
end
202202

203203
def user_info
204-
@user_info ||= access_token.userinfo!
204+
return @user_info if @user_info
205+
206+
if access_token.id_token
207+
decoded = decode_id_token(access_token.id_token).raw_attributes
208+
209+
@user_info = ::OpenIDConnect::ResponseObject::UserInfo.new access_token.userinfo!.raw_attributes.merge(decoded)
210+
else
211+
@user_info = access_token.userinfo!
212+
end
205213
end
206214

207215
def access_token

test/lib/omniauth/strategies/openid_connect_test.rb

Lines changed: 3 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -187,7 +187,7 @@ def test_callback_phase(session = {}, params = {})
187187
id_token.stubs(:verify!).with(issuer: strategy.options.issuer, client_id: @identifier, nonce: nonce).returns(true)
188188
id_token.expects(:verify!)
189189

190-
strategy.expects(:decode_id_token).with(access_token.id_token).returns(id_token)
190+
strategy.expects(:decode_id_token).twice.with(access_token.id_token).returns(id_token)
191191
strategy.call!('rack.session' => { 'omniauth.state' => state, 'omniauth.nonce' => nonce })
192192
strategy.callback_phase
193193
end
@@ -248,6 +248,7 @@ def test_callback_phase_with_discovery
248248
::OpenIDConnect::Discovery::Provider::Config.stubs(:discover!).with('https://example.com/').returns(config)
249249

250250
id_token = stub('OpenIDConnect::ResponseObject::IdToken')
251+
id_token.stubs(:raw_attributes).returns('sub' => 'sub', 'name' => 'name', 'email' => 'email')
251252
id_token.stubs(:verify!).with(issuer: 'https://example.com/', client_id: @identifier, nonce: nonce).returns(true)
252253
::OpenIDConnect::ResponseObject::IdToken.stubs(:decode).returns(id_token)
253254

@@ -587,7 +588,7 @@ def test_id_token_auth_hash
587588

588589
id_token = stub('OpenIDConnect::ResponseObject::IdToken')
589590
id_token.stubs(:verify!).returns(true)
590-
id_token.stubs(:raw_attributes, :to_h).returns(
591+
id_token.stubs(:raw_attributes, :to_h).returns(
591592
{
592593
"iss": "http://server.example.com",
593594
"sub": "248289761001",

0 commit comments

Comments
 (0)