From e677dc491b2f2e5c21b3b58aa7626c5f1b8961c9 Mon Sep 17 00:00:00 2001 From: Alex Resnick Date: Sat, 7 Dec 2024 09:24:59 -0600 Subject: [PATCH] Add additional OIDC Field Mappings --- source/app/blueprints/pages/login/login_routes.py | 10 ++++++---- source/app/configuration.py | 1 + 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/source/app/blueprints/pages/login/login_routes.py b/source/app/blueprints/pages/login/login_routes.py index 237180e27..0abc1a8a1 100644 --- a/source/app/blueprints/pages/login/login_routes.py +++ b/source/app/blueprints/pages/login/login_routes.py @@ -212,10 +212,12 @@ def oidc_authorise(): # not all providers set email by default, use preferred_username where it's missing # Use the mapping from the configuration or default to email or preferred_username if not set email_field = app.config.get("OIDC_MAPPING_EMAIL") - username_field = app.config.get("OIDC_MAPPING_USERNAME") + login_field = app.config.get("OIDC_MAPPING_USERNAME") + name_field = app.config.get("OIDC_MAPPING_DISPLAYNAME") - user_login = access_token_resp['id_token'].get(email_field) or access_token_resp['id_token'].get(username_field) - user_name = access_token_resp['id_token'].get(email_field) or access_token_resp['id_token'].get(username_field) + user_email = access_token_resp['id_token'].get(email_field) or access_token_resp['id_token'].get(login_field) + user_login = access_token_resp['id_token'].get(login_field) or access_token_resp['id_token'].get(email_field) + user_name = access_token_resp['id_token'].get(name_field) or access_token_resp['id_token'].get(login_field) user = get_user(user_login, 'user') @@ -240,7 +242,7 @@ def oidc_authorise(): user = create_user( user_name=user_name, user_login=user_login, - user_email=user_login, + user_email=user_email, user_password=bc.generate_password_hash(password.encode('utf8')).decode('utf8'), user_active=True, user_is_service_account=False diff --git a/source/app/configuration.py b/source/app/configuration.py index 974f55a3c..521abfb13 100644 --- a/source/app/configuration.py +++ b/source/app/configuration.py @@ -469,6 +469,7 @@ class Config: OIDC_TOKEN_ENDPOINT = config.load('OIDC', 'TOKEN_ENDPOINT', fallback=None) OIDC_END_SESSION_ENDPOINT = config.load('OIDC', 'END_SESSION_ENDPOINT', fallback=None) OIDC_SCOPES = config.load('OIDC', 'SCOPES', fallback="openid email profile") + OIDC_MAPPING_NAME = config.load('OIDC', 'MAPPING_DISPLAYNAME', fallback='name') OIDC_MAPPING_USERNAME = config.load('OIDC', 'MAPPING_USERNAME', fallback='preferred_username') OIDC_MAPPING_EMAIL = config.load('OIDC', 'MAPPING_EMAIL', fallback='email')