Refactoring for create_id_token function.

oidc_provider/lib/utils/token.py

@@ -5,34 +5,39 @@ import uuid
 from django.utils import timezone
 import jwt
 
+from oidc_provider.lib.utils.common import get_issuer
 from oidc_provider.models import *
 from oidc_provider import settings
 
 
-def create_id_token(iss, sub, aud, auth_time):
+def create_id_token(user, aud):
     """
-    Receives a user object, iss (issuer) and aud (audience).
-    Then creates the id_token dic.
+    Receives a user object and aud (audience).
+    Then creates the id_token dictionary.
     See: http://openid.net/specs/openid-connect-core-1_0.html#IDToken
 
     Return a dic.
     """
+    sub = settings.get('OIDC_IDTOKEN_SUB_GENERATOR')(
+        user=user)
+
     expires_in = settings.get('OIDC_IDTOKEN_EXPIRE')
 
     now = timezone.now()
-
     # Convert datetimes into timestamps.
     iat_time = time.mktime(now.timetuple())
     exp_time = time.mktime((now + timedelta(seconds=expires_in)).timetuple())
-    user_auth_time = time.mktime(auth_time.timetuple())
+
+    user_auth_time = user.last_login or user.date_joined
+    auth_time = time.mktime(user_auth_time.timetuple())
 
     dic = {
-        'iss': iss,
+        'iss': get_issuer(),
         'sub': sub,
         'aud': aud,
         'exp': exp_time,
         'iat': iat_time,
-        'auth_time': user_auth_time,
+        'auth_time': auth_time,
     }
 
     return dic