auth icon indicating copy to clipboard operation
auth copied to clipboard

Published 20 hours ago verified publisher icon go-pkgz

Support OpenID tokens for getting using information

Open alek-sys opened this issue 2 years ago • 2 comments

Some providers (e.g. Cognito) provide only minimal subset of user attributes in /userinfo endpoint, but much more in the ID tokens. That can be helpful to pass user metadata from the provider to the app. This PR adds support of OpenID tokens as a source of user info, as an extension to the OAuth2 flow.

OpenID flow is only supported for custom providers at the moment and require JWKS URL configuration. Switching existing providers (e.g. google) to OpenID is TBD, but probably not required. Using OpenID Connect (.well-known/openid-configuration URLs) is out of scope for this PR.

Apple flow basically is OpenID, with some customisations on how client secret is passed across. So potentially these two flows can be merged together later on.

alek-sys avatar Jun 22 '22 07:06 alek-sys

Pull Request Test Coverage Report for Build 2568262682

  • 29 of 29 (100.0%) changed or added relevant lines in 1 file are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage increased (+0.4%) to 96.099%
Totals Coverage Status
Change from base Build 2443879937: 0.4%
Covered Lines: 271
Relevant Lines: 282
💛 - Coveralls

coveralls avatar Jun 22 '22 08:06 coveralls

This feature is very useful. Is there anything needed for merging this PR?

tendant avatar Oct 10 '22 05:10 tendant