Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for the authorization "claims" parameter #11

Open
zedtux opened this issue Jul 20, 2023 · 6 comments · May be fixed by #13
Open

Add support for the authorization "claims" parameter #11

zedtux opened this issue Jul 20, 2023 · 6 comments · May be fixed by #13

Comments

@zedtux
Copy link
Contributor

zedtux commented Jul 20, 2023
edited
Loading

So far the supported claims is hardcoded in this gem's code limiting what consumer can do with the OIDC provider.

Implementing the "claims" parameter would allow one to configure the claims from the id_token and/or the user_info endpoint as per the OpenID documentation.
@zedtux zedtux changed the title Allow adding more claims to a client Add support for the authorization "claims" parameter Jul 21, 2023
@willtcarey
Copy link
Member

We have support for hardcoded claims as well as other claims. Here is an example of how we configure those in config/initializers/openid_connect_provider.rb

  config.add_scope OIDCProvider::Scopes::Profile do |account|
    name "#{account.first_name} #{account.last_name}"
    given_name account.first_name
    family_name account.last_name
  end

  config.add_scope OIDCProvider::Scopes::Email do |account|
    email account.email
    email_verified false
  end

@willtcarey
Copy link
Member

Is that what you're referring to, or something else?

@zedtux
Copy link
Contributor Author

zedtux commented Jul 24, 2023
edited
Loading

I am talking about the "claims" request parameter described in the OpenID documentation so that one can ask the OIDC provider to include this and that claim in the id_token because he will not call the /user_info endpoint (well this is my use case).

I am preparing a PR, I should submit it today.

zedtux added a commit to zedtux/oidc_provider that referenced this issue Jul 26, 2023
@zedtux
Implements basic claims request parameter (Closes brandnewbox#11)
93f948c
zedtux added a commit to zedtux/oidc_provider that referenced this issue Jul 26, 2023
@zedtux
Implements basic claims request parameter (Closes brandnewbox#11)
c9015d1
zedtux added a commit to zedtux/oidc_provider that referenced this issue Jul 26, 2023
@zedtux
Implements basic claims request parameter (Closes brandnewbox#11)
7c76d42
@zedtux zedtux linked a pull request Jul 26, 2023 that will close this issue
Open
@zedtux
Copy link
Contributor Author

zedtux commented Jul 26, 2023

It took more time than expected but it is now ready for code review! :)

zedtux added a commit to zedtux/oidc_provider that referenced this issue Jul 28, 2023
@zedtux
Implements basic claims request parameter (Closes brandnewbox#11)
8627007
zedtux added a commit to zedtux/oidc_provider that referenced this issue Jul 29, 2023
@zedtux
Implements basic claims request parameter (Closes brandnewbox#11)
814b2f6
@zedtux
Copy link
Contributor Author

zedtux commented Jul 29, 2023

@willtcarey PR conflicts are fixed. Do not hesitate if you have questions or comments on this feature implementation!

zedtux added a commit to zedtux/oidc_provider that referenced this issue Sep 4, 2023
@zedtux
Implements basic claims request parameter (Closes brandnewbox#11)
3251a1f
@zedtux
Copy link
Contributor Author

zedtux commented Sep 19, 2023

Any chance you a get a look at this PR please @willtcarey?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Implements basic claims request parameter (Closes #11) zedtux/oidc_provider
2 participants
@zedtux @willtcarey