Merge pull request #11717 from opf/fix/45064/oidc-login-mapping

Allow mapping other attributes using the preferred_username claim
pull/11724/head
Markus Kahl 2 years ago committed by GitHub
commit 18f0b89602
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 8
      modules/openid_connect/lib/open_project/openid_connect/engine.rb
  2. 21
      modules/openid_connect/spec/requests/openid_connect_spec.rb

@ -54,6 +54,14 @@ module OpenProject::OpenIDConnect
::OpenProject::OpenIDConnect::SessionMapper.handle_logout(logout_token)
end
# Allow username mapping from 'preferred_username' claim
h[:openproject_attribute_map] = Proc.new do |auth|
{}.tap do |additional|
preferred_username = auth.dig('extra', 'raw_info', 'preferred_username')
additional[:login] = preferred_username if preferred_username.present?
end
end
h
end
end

@ -130,6 +130,27 @@ describe 'OpenID Connect',
expect(response.cookies['_open_project_session_access_token']).to eq 'foo bar baz'
end
end
context 'with a preferred_username claim' do
let(:user_info) do
{
sub: '87117114115116',
name: 'Hans Wurst',
email: 'h.wurst@finn.de',
given_name: 'Hans',
family_name: 'Wurst',
preferred_username: 'h.wurst'
}
end
it 'maps to the login' do
click_on_signin
redirect_from_provider
user = User.find_by(login: 'h.wurst')
expect(user).to be_present
end
end
end
context 'provider configuration through the settings' do

Loading…
Cancel
Save