kumi/django-oidc-provider
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Improve Docs.

Browse source
This commit is contained in:
Ignacio Fiorentino 2016-09-19 17:38:17 -03:00
parent 20c63fe133
commit 976f254524
1 changed files with 9 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
docs/sections/claims.rst
View file

@ -5,9 +5,9 @@ Standard Claims
This subset of OpenID Connect defines a set of standard Claims. They are returned in the UserInfo Response.
The package comes with a setting called ``OIDC_USERINFO``, basically it refers to a class that MUST have a class-method named ``get_by_user``, this will be called with a Django ``User`` instance and returns an object with all the claims of the user as attributes.
The package comes with a setting called ``OIDC_USERINFO``, basically it refers to a function that will be called with ``claims`` (dict) and ``user`` (user instance). It returns the ``claims`` dict with all the claims populated.
List of all the attributes grouped by scopes:
List of all the ``claims`` keys grouped by scopes:
+--------------------+----------------+-----------------------+------------------------+
| profile | email | phone | address |
@ -41,15 +41,18 @@ List of all the attributes grouped by scopes:
| updated_at | | | |
+--------------------+----------------+-----------------------+------------------------+
How to populate userinfo response
=================================
Somewhere in your Django ``settings.py``::
OIDC_USERINFO = 'myproject.oidc_provider_settings.userinfo'
Then create the function for the ``OIDC_USERINFO`` setting::
Then inside your ``oidc_provider_settings.py`` file create the function for the ``OIDC_USERINFO`` setting::
def userinfo(claims, user):
# Populate claims dict.
claims['name'] = '{0} {1}'.format(user.first_name, user.last_name)
claims['given_name'] = user.first_name
claims['family_name'] = user.last_name
@ -58,5 +61,7 @@ Then create the function for the ``OIDC_USERINFO`` setting::
return claims
Now test an Authorization Request using these scopes ``openid profile email`` and see how user attributes are returned.
.. note::
Please **DO NOT** add extra keys or delete the existing ones in the ``claims`` dict. If you want to add extra claims to some scopes you can use the ``OIDC_EXTRA_SCOPE_CLAIMS`` setting.