[openstreetmap/openstreetmap-website] Add openid connect support using doorkeeper-openid_connect gem (PR #4226)
Milan Cvetkovic
notifications at github.com
Thu Sep 7 16:51:27 UTC 2023
@milan-cvetkovic commented on this pull request.
> @@ -27,12 +27,36 @@
end
claims do
- claim :preferred_username, :scope => :openid do |resource_owner, _scopes, _access_token|
+ claim :preferred_username, :response => [:id_token, :user_info] do |resource_owner, _scopes, _access_token|
I guess it is not strictly required either way. https://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims associates `preferred_username` with `profile` scope. However my tests with some providers show that it is returned when only `openid` scope is requested.
Contrary to the spec, they show up in id_token in addition to showing up in response to userinfo endpoint.
I was under the impression that you geared towards having `profile` scope with at least `profile` claim.
--
Reply to this email directly or view it on GitHub:
https://github.com/openstreetmap/openstreetmap-website/pull/4226#discussion_r1318885342
You are receiving this because you are subscribed to this thread.
Message ID: <openstreetmap/openstreetmap-website/pull/4226/review/1615871399 at github.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstreetmap.org/pipermail/rails-dev/attachments/20230907/e42aaac4/attachment.htm>
More information about the rails-dev
mailing list