Oidc simplesamlphp fix (#427)

* add UserInfo to oidc
cs3org · Dec 13, 2019 · 5ca73c9 · 5ca73c9
1 parent 84b5f3b
commit 5ca73c9
Showing 1 changed file with 15 additions and 0 deletions.
diff --git a/pkg/auth/manager/oidc/oidc.go b/pkg/auth/manager/oidc/oidc.go
@@ -140,13 +140,28 @@ func (am *mgr) Authenticate(ctx context.Context, clientID, token string) (*user.
 		}
 		verifier := provider.Verifier(c)
 		idToken, err := verifier.Verify(customCtx, token)
+
 		if err != nil {
 			return nil, fmt.Errorf("could not verify jwt: %v", err)
 		}
 		if err := idToken.Claims(&claims); err != nil {
 			return nil, fmt.Errorf("failed to parse claims: %v", err)
 		}
 
+		if claims.PreferredUsername == "" {
+			// resolve user info here? cache it?
+			oauth2Token := &oauth2.Token{
+				AccessToken: token,
+			}
+			userInfo, err := provider.UserInfo(customCtx, oauth2.StaticTokenSource(oauth2Token))
+			if err != nil {
+				return nil, fmt.Errorf("Failed to get userinfo: %v", err)
+			}
+			if err := userInfo.Claims(&claims); err != nil {
+				return nil, fmt.Errorf("failed to unmarshal userinfo claims: %v", err)
+			}
+			log.Debug().Interface("claims", claims).Interface("userInfo", userInfo).Msg("unmarshalled userinfo")
+		}
 	} else {
 
 		// we need to lookup the id token with the access token we got