From 257f1a26eb79c42299447b58a2a20b4db32b4f04 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=AD=C3=B0ir=20Valberg=20Gu=C3=B0mundsson?=
Date: Sun, 2 Feb 2025 14:41:11 +0100
Subject: [PATCH] Add a custom OAuth2 validator to provide some more info in the OIDC dance.
---
 src/membership/oidc.py | 19 +++++++++++++++++++
 src/project/settings.py | 1 +
 src/utils/types.py | 10 ++++++++++
 3 files changed, 30 insertions(+)
 create mode 100644 src/membership/oidc.py
 create mode 100644 src/utils/types.py
diff --git a/src/membership/oidc.py b/src/membership/oidc.py
new file mode 100644
index 0000000..f31dc01
--- /dev/null
+++ b/src/membership/oidc.py
@@ -0,0 +1,19 @@
+"""Code related to OIDC."""
+
+from typing import Any
+
+from oauth2_provider.oauth2_validators import OAuth2Validator
+from utils.types import AuthenticatedHttpRequest
+
+
+class CustomOAuth2Validator(OAuth2Validator):
+ """A custom OAuth2 validator."""
+
+ def get_additional_claims(self, request: AuthenticatedHttpRequest) -> dict[str, Any]:
+ """Get additional claims."""
+ return {
+ "sub": request.user.email,
+ "email": request.user.email,
+ "first_name": request.user.first_name,
+ "last_name": request.user.last_name,
+ }
diff --git a/src/project/settings.py b/src/project/settings.py
index 7c2321c..de0a181 100644
--- a/src/project/settings.py
+++ b/src/project/settings.py
@@ -173,6 +173,7 @@ OAUTH2_PROVIDER = {
 "openid": "OpenID Connect scope",
 "profile": "Profile Information",
 },
+ "OAUTH2_VALIDATOR_CLASS": "membership.oidc.CustomOAuth2Validator",
 "PKCE_REQUIRED": False, # Disabling for now -vidir 2025-02-01
 }
diff --git a/src/utils/types.py b/src/utils/types.py
new file mode 100644
index 0000000..efd8093
--- /dev/null
+++ b/src/utils/types.py
@@ -0,0 +1,10 @@
+"""Collection of types for the project."""
+
+from django.contrib.auth.models import User
+from django.http import HttpRequest
+
+
+class AuthenticatedHttpRequest(HttpRequest):
+ """HttpRequest with an authenticated user."""
+
+ user: User
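Review bot: In src/membership/oidc.py, `get_additional_claims` returns `"sub": request.user.email`, which makes a mutable, reassignable value the subject identifier. OpenID Connect expects `sub` to be locally unique and never reassigned, and relying parties usually key accounts on it, so an e-mail change or a reused address can attach one person's login to another person's account; Django's stock `User.email` is also neither unique nor required. I would drop the `sub` key so the base validator's default subject is used (the user's primary key, as far as I know), or set `"sub": str(request.user.pk),`. The method docstring could also state which scopes are meant to release `email`, `first_name` and `last_name`, since the method itself returns them unconditionally.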
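Review bot: In src/project/settings.py the new `OAUTH2_VALIDATOR_CLASS` entry makes issued tokens carry e-mail and name claims while the context line directly below it still reads `"PKCE_REQUIRED": False`. PKCE is the control that binds an authorization code to the client that requested it, so leaving it off matters more once the code exchange returns personal data. I would re-enable it in the same change with `"PKCE_REQUIRED": True,`, or at least replace the dated comment with a tracked `# TODO(owner): re-enable PKCE once all clients send code_challenge`. The `OAUTH2_PROVIDER` dict starts outside the hunk, so other settings that bear on this are not visible here.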
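Review bot: In src/utils/types.py the docstring of `AuthenticatedHttpRequest` reads as a guarantee, but the class only narrows the static type of `user`; nothing at runtime checks that the request is authenticated. I would say so in the docstring, e.g. `"""HttpRequest whose user is typed as User; a typing aid only, callers must still enforce authentication."""`. The annotation also pins `django.contrib.auth.models.User`, so it would need to follow if the project ever sets a custom `AUTH_USER_MODEL`. In oidc.py the type annotates a validator argument that, as far as I can tell, is an oauthlib request object rather than a Django `HttpRequest`, so that use may be worth rechecking.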