Add user email into id_token. Fix missing OIDC_TOKEN_EXPIRE setting.
This commit is contained in:
parent
4dc0faed0c
commit
5836774f6b
|
@ -173,8 +173,7 @@ class AuthorizeEndpoint(object):
|
|||
|
||||
query_fragment['token_type'] = 'bearer'
|
||||
|
||||
# TODO: Create setting 'OIDC_TOKEN_EXPIRE'.
|
||||
query_fragment['expires_in'] = 60 * 10
|
||||
query_fragment['expires_in'] = settings.get('OIDC_TOKEN_EXPIRE')
|
||||
|
||||
query_fragment['state'] = self.params.state if self.params.state else ''
|
||||
|
||||
|
|
|
@ -19,8 +19,7 @@ from oidc_provider import settings
|
|||
|
||||
def create_id_token(user, aud, nonce, at_hash=None, request=None):
|
||||
"""
|
||||
Receives a user object and aud (audience).
|
||||
Then creates the id_token dictionary.
|
||||
Creates the id_token dictionary.
|
||||
See: http://openid.net/specs/openid-connect-core-1_0.html#IDToken
|
||||
|
||||
Return a dic.
|
||||
|
@ -51,6 +50,9 @@ def create_id_token(user, aud, nonce, at_hash=None, request=None):
|
|||
if at_hash:
|
||||
dic['at_hash'] = at_hash
|
||||
|
||||
if getattr(user, 'email', None):
|
||||
dic['email'] = user.email
|
||||
|
||||
processing_hook = settings.get('OIDC_IDTOKEN_PROCESSING_HOOK')
|
||||
|
||||
if isinstance(processing_hook, (list, tuple)):
|
||||
|
|
Loading…
Reference in a new issue