Improve Docs.
This commit is contained in:
parent
20c63fe133
commit
976f254524
1 changed files with 9 additions and 4 deletions
|
@ -5,9 +5,9 @@ Standard Claims
|
|||
|
||||
This subset of OpenID Connect defines a set of standard Claims. They are returned in the UserInfo Response.
|
||||
|
||||
The package comes with a setting called ``OIDC_USERINFO``, basically it refers to a class that MUST have a class-method named ``get_by_user``, this will be called with a Django ``User`` instance and returns an object with all the claims of the user as attributes.
|
||||
The package comes with a setting called ``OIDC_USERINFO``, basically it refers to a function that will be called with ``claims`` (dict) and ``user`` (user instance). It returns the ``claims`` dict with all the claims populated.
|
||||
|
||||
List of all the attributes grouped by scopes:
|
||||
List of all the ``claims`` keys grouped by scopes:
|
||||
|
||||
+--------------------+----------------+-----------------------+------------------------+
|
||||
| profile | email | phone | address |
|
||||
|
@ -41,15 +41,18 @@ List of all the attributes grouped by scopes:
|
|||
| updated_at | | | |
|
||||
+--------------------+----------------+-----------------------+------------------------+
|
||||
|
||||
How to populate userinfo response
|
||||
=================================
|
||||
|
||||
Somewhere in your Django ``settings.py``::
|
||||
|
||||
OIDC_USERINFO = 'myproject.oidc_provider_settings.userinfo'
|
||||
|
||||
|
||||
Then create the function for the ``OIDC_USERINFO`` setting::
|
||||
Then inside your ``oidc_provider_settings.py`` file create the function for the ``OIDC_USERINFO`` setting::
|
||||
|
||||
def userinfo(claims, user):
|
||||
|
||||
# Populate claims dict.
|
||||
claims['name'] = '{0} {1}'.format(user.first_name, user.last_name)
|
||||
claims['given_name'] = user.first_name
|
||||
claims['family_name'] = user.last_name
|
||||
|
@ -58,5 +61,7 @@ Then create the function for the ``OIDC_USERINFO`` setting::
|
|||
|
||||
return claims
|
||||
|
||||
Now test an Authorization Request using these scopes ``openid profile email`` and see how user attributes are returned.
|
||||
|
||||
.. note::
|
||||
Please **DO NOT** add extra keys or delete the existing ones in the ``claims`` dict. If you want to add extra claims to some scopes you can use the ``OIDC_EXTRA_SCOPE_CLAIMS`` setting.
|
||||
|
|
Loading…
Reference in a new issue