New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

A simple implementation of userinfo endpoint #1201

Open
wants to merge 1 commit into
base: master
from

Conversation

Projects
None yet
4 participants
@jackielii
Copy link

jackielii commented Mar 8, 2018

A stop gap to solve #376. Borrowed mostly from #1133.

The way it works is we create a signed jwt token as access_token (same claims as id token), on requesting /userinfo, it verifies the token and check it's not expired etc, and return the claims in json

IMHO, the full solution should involve the storage to implement similar logic for refresh_token. i.e. serialise access token and save in storage and retrieve upon requesting user info.

Because access token is opaque to the user, we can later roll in the proper solution without breaking API.

@jackielii jackielii force-pushed the jackielii:feature/userinfo-endpoint branch from df4d57a to b2b85fe Mar 10, 2018

@adebisi-fa

This comment has been minimized.

Copy link

adebisi-fa commented Jul 25, 2018

Hello @jackielii,

You've saved a soul!

I just patched my dex deployment with this pull request and IT WORKED AWESOME!!!
Can't thank you enough.

Bravo!

@jackielii

This comment has been minimized.

Copy link

jackielii commented Jul 25, 2018

Glad it helped. Please also note that the verify might fail if key is rotated. Our fork has advanced a lot, will update this one with the fix

@adebisi-fa

This comment has been minimized.

Copy link

adebisi-fa commented Jul 25, 2018

Please also note that the verify might fail if key is rotated.

Noted, please.

If you won't mind, can I "go get" from your fork?
The repo url will be of great help.

Thanks, please.

@jackielii

This comment has been minimized.

Copy link

jackielii commented Jul 25, 2018

Our fork had a lot custom changes, I think I'll make the master branch of github.com/jackielii/dex up to date with this patch. will do it later

Jackie Li

@jackielii jackielii force-pushed the jackielii:feature/userinfo-endpoint branch from 8bca500 to e3489b9 Jul 25, 2018

@jackielii

This comment has been minimized.

Copy link

jackielii commented Jul 25, 2018

@adebisi-fa updated the PR.

I suggest you just clone the repo: https://github.com/jackielii/dex.git to $GOPATH/src/github.com/coreos/dex and checkout the feature/userinfo-endpoint branch. If I make my repo go-gettable, I'll have to re-write all the import path. I suggest you do it yourself.

@jackielii jackielii changed the title naive impl of userinfo endpoint A simple implementation of userinfo endpoint Jul 25, 2018

@adebisi-fa

This comment has been minimized.

Copy link

adebisi-fa commented Jul 25, 2018

Whao, @jackielii !

I cannot thank you enough for this, honestly!
Really appreciate the time and effort you put into getting it this far!

I suggest you just clone the repo to $GOPATH/src/github.com/coreos/dex and checkout the feature/userinfo-endpoint branch.

I will do exactly that. Thanks, please.

Thank you!

@ccojocar

This comment has been minimized.

Copy link
Contributor

ccojocar commented Dec 12, 2018

@srenatus @jackielii Any progress with this? Thanks

@jackielii

This comment has been minimized.

Copy link

jackielii commented Dec 12, 2018

Hi @ccojocar, as far as this pr is concerned, it's finished.

@srenatus

This comment has been minimized.

Copy link
Collaborator

srenatus commented Dec 12, 2018

I'll try to review this soon, sorry for radio silence here. 😅

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment