Merge pull request #12 from ByteInternet/add-req-to-resolve

Add request to resolve user function

README.md

@@ -43,8 +43,8 @@ OIDC_AUTH = {
     'OIDC_AUDIENCES': ('myapp',),
 
     # (Optional) Function that resolves id_token into user.
-    # This function receives an id_token dict and expects to return
-    # a User object. The default implementation tries to find the user
+    # This function receives a request and an id_token dict and expects to
+    # return a User object. The default implementation tries to find the user
     # based on username (natural key) taken from the 'sub'-claim of the
     # id_token.
     'OIDC_RESOLVE_USER_FUNCTION': 'oidc_auth.authentication.get_user_by_id',

oidc_auth/authentication.py

@@ -16,7 +16,7 @@
 from django.utils.translation import ugettext as _
 
 
-def get_user_by_id(id_token):
+def get_user_by_id(request, id_token):
     User = get_user_model()
     try:
         user = User.objects.get_by_natural_key(id_token.get('sub'))
@@ -46,7 +46,7 @@ def authenticate(self, request):
             msg = _('Invalid Authorization header. Unable to verify bearer token')
             raise AuthenticationFailed(msg)
 
-        user = api_settings.OIDC_RESOLVE_USER_FUNCTION(userinfo)
+        user = api_settings.OIDC_RESOLVE_USER_FUNCTION(request, userinfo)
 
         return user, userinfo
 
@@ -88,7 +88,7 @@ def authenticate(self, request):
         payload = self.decode_jwt(jwt_value)
         self.validate_claims(payload)
 
-        user = api_settings.OIDC_RESOLVE_USER_FUNCTION(payload)
+        user = api_settings.OIDC_RESOLVE_USER_FUNCTION(request, payload)
 
         return user, payload
 

oidc_auth/settings.py

@@ -14,7 +14,7 @@
     # Time before JWKS will be refreshed
     'OIDC_JWKS_EXPIRATION_TIME': 24*60*60,
 
-    # Function to resolve user from token or userinfo
+    # Function to resolve user from request and token or userinfo
     'OIDC_RESOLVE_USER_FUNCTION': 'oidc_auth.authentication.get_user_by_id',
 
     # Time before bearer token validity is verified again