idp_oidc: export claim even if source attribute is absent (fixes #27540)
This commit is contained in:
parent
ce1b796473
commit
6964b0cc82
|
@ -174,15 +174,22 @@ def create_user_info(request, client, user, scope_set, id_token=False):
|
|||
'service': client,
|
||||
'__wanted_attributes': client.get_wanted_attributes(),
|
||||
})
|
||||
for claim in client.oidcclaim_set.filter(name__isnull=False):
|
||||
claims = client.oidcclaim_set.filter(name__isnull=False)
|
||||
for claim in claims:
|
||||
if not set(claim.get_scopes()).intersection(scope_set):
|
||||
continue
|
||||
if not claim.value in attributes:
|
||||
if claim.value not in attributes:
|
||||
continue
|
||||
user_info[claim.name] = normalize_claim_values(attributes[claim.value])
|
||||
attribute_value = attributes[claim.value]
|
||||
if attribute_value is None:
|
||||
continue
|
||||
user_info[claim.name] = normalize_claim_values(attribute_value)
|
||||
# check if attribute is verified
|
||||
if claim.value + ':verified' in attributes:
|
||||
user_info[claim.name + '_verified'] = True
|
||||
for claim in claims:
|
||||
if claim.name not in user_info:
|
||||
user_info[claim.name] = None
|
||||
hooks.call_hooks('idp_oidc_modify_user_info', client, user, scope_set, user_info)
|
||||
return user_info
|
||||
|
||||
|
|
|
@ -285,7 +285,7 @@ def test_authorization_code_sso(login_first, oidc_settings, oidc_client, simple_
|
|||
simple_user.username = None
|
||||
simple_user.save()
|
||||
response = app.get(user_info_url, headers=bearer_authentication_headers(access_token))
|
||||
assert 'preferred_username' not in response.json
|
||||
assert response.json['preferred_username'] is None
|
||||
|
||||
# Now logout
|
||||
if oidc_client.post_logout_redirect_uris:
|
||||
|
|
Loading…
Reference in New Issue