🐛 Add missing email
scope to OIDC backend.
And additionally emit a warn log message about the error.
parent
f8f506a8be
commit
e8919ee340
3 changed files with 18 additions and 4 deletions
|
@ -109,6 +109,17 @@
|
|||
:cause e)
|
||||
nil)))
|
||||
|
||||
(s/def ::backend ::us/not-empty-string)
|
||||
(s/def ::email ::us/not-empty-string)
|
||||
(s/def ::fullname ::us/not-empty-string)
|
||||
(s/def ::props (s/map-of ::us/keyword any?))
|
||||
|
||||
(s/def ::info
|
||||
(s/keys :req-un [::backend
|
||||
::email
|
||||
::fullname
|
||||
::props]))
|
||||
|
||||
(defn retrieve-info
|
||||
[{:keys [tokens provider] :as cfg} request]
|
||||
(let [state (get-in request [:params :state])
|
||||
|
@ -116,7 +127,10 @@
|
|||
info (some->> (get-in request [:params :code])
|
||||
(retrieve-access-token cfg)
|
||||
(retrieve-user-info cfg))]
|
||||
(when-not info
|
||||
|
||||
(when-not (s/valid? ::info info)
|
||||
(l/warn :hint "received incomplete profile info object (please set correct scopes)"
|
||||
:info (pr-str info))
|
||||
(ex/raise :type :internal
|
||||
:code :unable-to-auth
|
||||
:hint "no user info"))
|
||||
|
@ -236,7 +250,7 @@
|
|||
:token-uri (cf/get :oidc-token-uri)
|
||||
:auth-uri (cf/get :oidc-auth-uri)
|
||||
:user-uri (cf/get :oidc-user-uri)
|
||||
:scopes (cf/get :oidc-scopes #{"openid" "profile"})
|
||||
:scopes (cf/get :oidc-scopes #{"openid" "profile" "email"})
|
||||
:roles-attr (cf/get :oidc-roles-attr)
|
||||
:roles (cf/get :oidc-roles)
|
||||
:name "oidc"}]
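Review bot: The new `l/warn` call in `retrieve-info` (second hunk) logs `:info (pr-str info)`, which serializes the whole profile object. Per the `::info` spec added in the first hunk, that object can hold the user's email, full name and a `:props` map with `any?` values (presumably claims from the identity provider), so a scope misconfiguration writes personal data to the application log on every failed login. Reporting only which required keys are absent gives the operator the same diagnosis, for example `:missing (pr-str (remove #(contains? info %) [:backend :email :fullname :props]))`. The raised exception also keeps `:hint "no user info"`, which no longer describes the incomplete-profile case this check now covers. The body of `retrieve-info` starts and ends outside the visible hunks.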
|
||||
|
|
|
@ -42,7 +42,7 @@ PENPOT_REGISTRATION_ENABLED=true
|
|||
|
||||
# Comma separated list of allowed domains to register. Empty for allow
|
||||
# all.
|
||||
PENPOT_REGISTRATION_DOMAIN_WHITELIST=""
|
||||
# PENPOT_REGISTRATION_DOMAIN_WHITELIST=""
|
||||
|
||||
# Penpot comes with the facility to create quick demo users that are
|
||||
# automatically deleted after some time. This settings enables or
|
||||
|
|
|
@ -97,7 +97,7 @@ update_registration_enabled() {
|
|||
fi
|
||||
}
|
||||
|
||||
update_registration_enabled() {
|
||||
update_analytics_enabled() {
|
||||
if [ -n "$PENPOT_ANALYTICS_ENABLED" ]; then
|
||||
sed -i \
|
||||
-e "s|^//var penpotAnalyticsEnabled = .*;|var penpotAnalyticsEnabled = $PENPOT_ANALYTICS_ENABLED;|g" \
|
||||
|
|