Possibility to configure attribute used to fill OIDC User ID (#184)

2015-03-11 16:16:37 +00:00 · 2015-03-11 16:16:37 +00:00 · 167fdb66c4
commit 167fdb66c4
parent 55fe1a5ec8
3 changed files with 14 additions and 3 deletions
--- a/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SubAttributes.pm
+++ b/lemonldap-ng-common/lib/Lemonldap/NG/Common/Conf/SubAttributes.pm
@ -121,6 +121,13 @@ has 'oidcRPMetaDataOptionsClientSecret' => (
    documentation => "OIDC RP client Secret",
 );

+has 'oidcRPMetaDataOptionsUserIDAttr' => (
+    is            => 'rw',
+    isa           => 'Str|Undef',
+    default       => undef,
+    documentation => "OIDC RP User ID Attribute",
+);
+
 has 'oidcRPMetaDataOptionsIDTokenSignAlg' => (
    is            => 'rw',
    isa           => 'Str',
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBOpenIDConnect.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/IssuerDBOpenIDConnect.pm
@ -138,7 +138,9 @@ sub issuerForUnAuthUser {
            $self->quit;
        }

-        my $user_id = $apacheSession->data->{_user};  # TODO configure attribute
+        my $user_id_attribute = $self->{oidcRPMetaDataOptions}->{$rp}
+          ->{oidcRPMetaDataOptionsUserIDAttr} || $self->{whatToTrace};
+        my $user_id = $apacheSession->data->{$user_id_attribute};

        $self->lmLog( "Found corresponding user: $user_id", 'debug' );

--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_OpenIDConnect.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/_OpenIDConnect.pm
@ -859,8 +859,10 @@ sub buildUserInfoResponse {
        $self->returnJSONError("invalid_request");
        $self->quit;
    }
-
-    my $user_id = $apacheSession->data->{_user};    # TODO configure attribute
+    my $user_id_attribute =
+      $self->{oidcRPMetaDataOptions}->{$rp}->{oidcRPMetaDataOptionsUserIDAttr}
+      || $self->{whatToTrace};
+    my $user_id = $apacheSession->data->{$user_id_attribute};

    $self->lmLog( "Found corresponding user: $user_id", 'debug' );