<p></p>
<p><b>@milan-cvetkovic</b> commented on this pull request.</p>

<hr>

<p>In <a href="https://github.com/openstreetmap/openstreetmap-website/pull/4226#discussion_r1317111955">config/initializers/doorkeeper_openid_connect.rb</a>:</p>
<pre style='color:#555'>> +  #   normal_claim :_foo_ do |resource_owner|
+  #     resource_owner.foo
+  #   end
+
+  #   normal_claim :_bar_ do |resource_owner|
+  #     resource_owner.bar
+  #   end
+  # end
+
+  claims do
+    claim :preferred_username, :scope => :openid do |resource_owner, _scopes, _access_token|
+      # Pass the resource_owner's preferred_username if the application has
+      # `profile` scope access. Otherwise, provide a more generic alternative.
+      resource_owner.display_name
+    end
+  end
</pre>
<p dir="auto"><code class="notranslate">email</code> claim would normally go to <code class="notranslate">email</code> scope.</p>
<p dir="auto">I was reluctant to offer email claim and scope due to it not being public information on OSM. If we add it, it appears that an application would be able to collect emails of OSM users, although with user's permission.</p>
<p dir="auto">As for <code class="notranslate">profile</code>, I am guessing you had <code class="notranslate">profile</code> scope in mind, rather than claim. I wasn't really sure what claims to put into it.</p>
<p dir="auto"><code class="notranslate">preferred_username</code> is sort of basic information, so I put it together with userid,</p>
<p dir="auto">We could put other public information available in <code class="notranslate">/api/0.6/user/1.json</code> endpoint as part of <code class="notranslate">profile</code> scope. I didn't do it in this run, to simplify the PR. Also, I am not too sure how privileged accounts work (or should work) with Oauth</p>

<p style="font-size:small;-webkit-text-size-adjust:none;color:#666;">—<br />Reply to this email directly, <a href="https://github.com/openstreetmap/openstreetmap-website/pull/4226#discussion_r1317111955">view it on GitHub</a>, or <a href="https://github.com/notifications/unsubscribe-auth/AAK2OLPLPHLK65UJCPIY7T3XZBJ3NANCNFSM6AAAAAA4KPKL4I">unsubscribe</a>.<br />You are receiving this because you are subscribed to this thread.<img src="https://github.com/notifications/beacon/AAK2OLPYJUOKBGPXHXCJCR3XZBJ3NA5CNFSM6AAAAAA4KPKL4KWGG33NNVSW45C7OR4XAZNRKB2WY3CSMVYXKZLTORJGK5TJMV32UY3PNVWWK3TUL5UWJTTAEVTT2.gif" height="1" width="1" alt="" /><span style="color: transparent; font-size: 0; display: none; visibility: hidden; overflow: hidden; opacity: 0; width: 0; height: 0; max-width: 0; max-height: 0; mso-hide: all">Message ID: <span><openstreetmap/openstreetmap-website/pull/4226/review/1613063997</span><span>@</span><span>github</span><span>.</span><span>com></span></span></p>
<script type="application/ld+json">[
{
"@context": "http://schema.org",
"@type": "EmailMessage",
"potentialAction": {
"@type": "ViewAction",
"target": "https://github.com/openstreetmap/openstreetmap-website/pull/4226#discussion_r1317111955",
"url": "https://github.com/openstreetmap/openstreetmap-website/pull/4226#discussion_r1317111955",
"name": "View Pull Request"
},
"description": "View this Pull Request on GitHub",
"publisher": {
"@type": "Organization",
"name": "GitHub",
"url": "https://github.com"
}
}
]</script>