Infrastructure/logto
0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2025-01-06 20:40:08 -05:00
Code Issues Activity

fix(core): user claims hot fix (#3109)

Browse source
This commit is contained in:
simeng-li 2023-02-15 10:13:25 +08:00 committed by GitHub
parent 087935cfd3
commit dbad0ed8a0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 19 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
packages/core/src/oidc/init.ts
View file

@ -16,7 +16,7 @@ import { routes } from '#src/routes/consts.js';
import type Libraries from '#src/tenants/Libraries.js'; import type Libraries from '#src/tenants/Libraries.js';
import type Queries from '#src/tenants/Queries.js'; import type Queries from '#src/tenants/Queries.js';
import { claimToUserKey, getUserClaims } from './scope.js'; import { getUserClaimData, getUserClaims } from './scope.js';
// Temporarily removed 'EdDSA' since it's not supported by browser yet // Temporarily removed 'EdDSA' since it's not supported by browser yet
const supportedSigningAlgs = Object.freeze(['RS256', 'PS256', 'ES256', 'ES384', 'ES512'] as const); const supportedSigningAlgs = Object.freeze(['RS256', 'PS256', 'ES256', 'ES384', 'ES512'] as const);
@ -170,7 +170,7 @@ export default function initOidc(envSet: EnvSet, queries: Queries, libraries: Li
...Object.fromEntries( ...Object.fromEntries(
getUserClaims(use, scope, claims, rejected).map((claim) => [ getUserClaims(use, scope, claims, rejected).map((claim) => [
claim, claim,
user[claimToUserKey[claim]], getUserClaimData(user, claim),
]) ])
), ),
}, },

22
packages/core/src/oidc/scope.ts
View file

@ -4,20 +4,32 @@ import type { User } from '@logto/schemas';
import type { Nullable } from '@silverhand/essentials'; import type { Nullable } from '@silverhand/essentials';
import type { ClaimsParameterMember } from 'oidc-provider'; import type { ClaimsParameterMember } from 'oidc-provider';
export const claimToUserKey: Readonly<Record<UserClaim, keyof User>> = Object.freeze({ export const claimToUserKey: Readonly<
Record<Exclude<UserClaim, 'email_verified' | 'phone_number_verified'>, keyof User>
> = Object.freeze({
name: 'name', name: 'name',
picture: 'avatar', picture: 'avatar',
username: 'username', username: 'username',
email: 'primaryEmail', email: 'primaryEmail',
// LOG-4165: Change to proper key/function once profile fulfilling implemented
email_verified: 'primaryEmail',
phone_number: 'primaryPhone', phone_number: 'primaryPhone',
// LOG-4165: Change to proper key/function once profile fulfilling implemented
phone_number_verified: 'primaryPhone',
custom_data: 'customData', custom_data: 'customData',
identities: 'identities', identities: 'identities',
}); });
export const getUserClaimData = (user: User, claim: UserClaim): unknown => {
// LOG-4165: Change to proper key/function once profile fulfilling implemented
if (claim === 'email_verified') {
return Boolean(user.primaryEmail);
}
// LOG-4165: Change to proper key/function once profile fulfilling implemented
if (claim === 'phone_number_verified') {
return Boolean(user.primaryPhone);
}
return user[claimToUserKey[claim]];
};
// Ignore `_claims` since [Claims Parameter](https://github.com/panva/node-oidc-provider/tree/main/docs#featuresclaimsparameter) is not enabled // Ignore `_claims` since [Claims Parameter](https://github.com/panva/node-oidc-provider/tree/main/docs#featuresclaimsparameter) is not enabled
export const getUserClaims = ( export const getUserClaims = (
use: string, use: string,