cco/py-scopes
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

auth: directly use user data from id_token (no user_info request)

Browse source
This commit is contained in:
Helmut Merz 2025-04-29 17:36:02 +02:00
parent 99f717a816
commit 5eb9531997
1 changed files with 6 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
scopes/web/auth/oidc.py
View file

@ -142,13 +142,12 @@ class Authenticator(DummyFolder):
tokenUrl = self.params['op_uris']['token_endpoint']
tokenResponse = requests.post(tokenUrl, data=args)
tdata = tokenResponse.json()
print('*** token response', tdata)
claims = self.getIdTokenData(tdata['id_token'])
print('*** token id claims', claims)
headers = dict(Authorization='Bearer ' + tdata['access_token'])
userInfoUrl = self.params['op_uris']['userinfo_endpoint']
userInfo = requests.get(userInfoUrl, headers=headers)
userData = userInfo.json()
#print('*** token response', tdata)
userData = self.getIdTokenData(tdata['id_token'])
#print('*** token id claims', userData)
#headers = dict(Authorization='Bearer ' + tdata['access_token'])
#userInfoUrl = self.params['op_uris']['userinfo_endpoint']
#userData = requests.get(userInfoUrl, headers=headers).json()
#print('*** user data', userData)
groupInfo = userData.get('urn:zitadel:iam:org:project:roles', {})
#print('*** group info', groupInfo)