idp_oidc: add a roles scope in create_user_info (fixes #22337)
This commit is contained in:
parent
ac14107c8f
commit
6fd389ddf1
|
@ -161,5 +161,15 @@ def create_user_info(client, user, scope_set, id_token=False):
|
|||
if 'email' in scope_set:
|
||||
user_info['email'] = user.email
|
||||
user_info['email_verified'] = True
|
||||
if 'roles' in scope_set:
|
||||
roles = user_info['roles'] = []
|
||||
for role in user.roles_and_parents().select_related('ou'):
|
||||
roles.append({
|
||||
'uuid': role.uuid,
|
||||
'name': role.name,
|
||||
'slug': role.slug,
|
||||
'ou__name': role.ou.name,
|
||||
'ou__slug': role.ou.slug
|
||||
})
|
||||
hooks.call_hooks('idp_oidc_modify_user_info', client, user, scope_set, user_info)
|
||||
return user_info
|
||||
|
|
Loading…
Reference in New Issue