kumi/django-oidc-provider
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add OIDC_USERINFO setting to DOC.

Browse source
This commit is contained in:
juanifioren 2015-08-11 17:12:15 -03:00
parent 18b492d1db
commit 597b5c8ebd
1 changed files with 66 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

66
DOC.md
View file

@ -29,8 +29,10 @@ Before getting started there are some important things that you should know:
- [OIDC_SKIP_CONSENT_ENABLE](#oidc_skip_consent_enable)
- [OIDC_SKIP_CONSENT_EXPIRE](#oidc_skip_consent_expire)
- [OIDC_TOKEN_EXPIRE](#oidc_token_expire)
- [OIDC_USERINFO](#oidc_userinfo)
- [Users And Clients](#users-and-clients)
- [Templates](#templates)
- [Standard Claims](#standard-claims)
- [Server Endpoints](#server-endpoints)
- [Running Tests](#running-tests)
@ -212,6 +214,9 @@ OPTIONAL. Token object expiration after been created.
`int`. Expressed in seconds. Default is `60*60`.
##### OIDC_USERINFO
OPTIONAL. A string with the location of your class. Read [standard claims](#standard-claims) section.
## Users And Clients
User and client creation it's up to you. This is because is out of the scope in the core implementation of OIDC.
@ -269,6 +274,67 @@ You can copy the sample html here and edit them with your own styles.
<p>{{ description }}</p>
```
## Standard Claims
This subset of OpenID Connect defines a set of standard Claims. They are returned in the UserInfo Response.
The package comes with a setting called `OIDC_USERINFO`, basically it refers to a class that MUST have a class-method named `get_by_user`, this will be called with a Django `User` instance and returns an object with all the claims of the user as attributes.
List of all the attributes grouped by scopes:
| profile | email | phone | address |
| ------------------ | -------------- | --------------------- | ---------------------- |
| name | email | phone_number | address_formatted |
| given_name | email_verified | phone_number_verified | address_street_address |
| family_name | | | address_locality |
| middle_name | | | address_region |
| nickname | | | address_postal_code |
| preferred_username | | | address_country |
| profile | | | |
| picture | | | |
| website | | | |
| gender | | | |
| birthdate | | | |
| zoneinfo | | | |
| locale | | | |
| updated_at | | | |
Example using a django model:
```python
from django.conf import settings
from django.db import models
class UserInfo(models.Model):
GENDER_CHOICES = [
('F', 'Female'),
('M', 'Male'),
]
user = models.OneToOneField(settings.AUTH_USER_MODEL, primary_key=True)
given_name = models.CharField(max_length=255, blank=True, null=True)
family_name = models.CharField(max_length=255, blank=True, null=True)
gender = models.CharField(max_length=100, choices=GENDER_CHOICES, null=True)
birthdate = models.DateField(null=True)
updated_at = models.DateTimeField(auto_now=True, null=True)
email_verified = models.NullBooleanField(default=False)
phone_number = models.CharField(max_length=255, blank=True, null=True)
phone_number_verified = models.NullBooleanField(default=False)
address_locality = models.CharField(max_length=255, blank=True, null=True)
address_country = models.CharField(max_length=255, blank=True, null=True)
@classmethod
def get_by_user(cls, user):
return cls.objects.get(user=user)
```
## Server Endpoints
**/authorize endpoint**