From 976f254524759cda02956a74d9888f99b74823e2 Mon Sep 17 00:00:00 2001 From: Ignacio Fiorentino Date: Mon, 19 Sep 2016 17:38:17 -0300 Subject: [PATCH] Improve Docs. --- docs/sections/claims.rst | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/docs/sections/claims.rst b/docs/sections/claims.rst index 78160f7..d4eb38f 100644 --- a/docs/sections/claims.rst +++ b/docs/sections/claims.rst @@ -5,9 +5,9 @@ Standard Claims This subset of OpenID Connect defines a set of standard Claims. They are returned in the UserInfo Response. -The package comes with a setting called ``OIDC_USERINFO``, basically it refers to a class that MUST have a class-method named ``get_by_user``, this will be called with a Django ``User`` instance and returns an object with all the claims of the user as attributes. +The package comes with a setting called ``OIDC_USERINFO``, basically it refers to a function that will be called with ``claims`` (dict) and ``user`` (user instance). It returns the ``claims`` dict with all the claims populated. -List of all the attributes grouped by scopes: +List of all the ``claims`` keys grouped by scopes: +--------------------+----------------+-----------------------+------------------------+ | profile | email | phone | address | @@ -41,15 +41,18 @@ List of all the attributes grouped by scopes: | updated_at | | | | +--------------------+----------------+-----------------------+------------------------+ +How to populate userinfo response +================================= + Somewhere in your Django ``settings.py``:: OIDC_USERINFO = 'myproject.oidc_provider_settings.userinfo' -Then create the function for the ``OIDC_USERINFO`` setting:: +Then inside your ``oidc_provider_settings.py`` file create the function for the ``OIDC_USERINFO`` setting:: def userinfo(claims, user): - + # Populate claims dict. claims['name'] = '{0} {1}'.format(user.first_name, user.last_name) claims['given_name'] = user.first_name claims['family_name'] = user.last_name @@ -58,5 +61,7 @@ Then create the function for the ``OIDC_USERINFO`` setting:: return claims +Now test an Authorization Request using these scopes ``openid profile email`` and see how user attributes are returned. + .. note:: Please **DO NOT** add extra keys or delete the existing ones in the ``claims`` dict. If you want to add extra claims to some scopes you can use the ``OIDC_EXTRA_SCOPE_CLAIMS`` setting.