From 69572c66537d737b099b84663fa0ef0547789333 Mon Sep 17 00:00:00 2001 From: Josh Cunningham Date: Fri, 3 Jan 2020 07:27:57 -0800 Subject: [PATCH] Update example for userinfo --- EXAMPLES.md | 3 ++- lib/hooks/getUser.js | 3 +-- middleware/auth.js | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/EXAMPLES.md b/EXAMPLES.md index 1732d262..8108b9d3 100644 --- a/EXAMPLES.md +++ b/EXAMPLES.md @@ -211,12 +211,13 @@ app.get('/route-that-calls-an-api', async (req, res, next) => { ## 7. Calling userinfo -If your application needs to call the userinfo endpoint for the user's identity instead of the ID token used by default, add a `handleCallback` function during initialization that will make this call. To map the incoming claims to the user identity, also add a `getUser` function. +If your application needs to call the userinfo endpoint for the user's identity instead of the ID token used by default, add a `handleCallback` function during initialization that will make this call. Save the claims retrieved from the userinfo endpoint to the `appSessionName` on the request object (default is `identity`): ```js app.use(auth({ handleCallback: async function (req, res, next) { const client = req.openid.client; + req.identity = req.identity || {}; try { req.identity.claims = await client.userinfo(req.openidTokens); next(); diff --git a/lib/hooks/getUser.js b/lib/hooks/getUser.js index 26beb6d3..6cb80a7d 100644 --- a/lib/hooks/getUser.js +++ b/lib/hooks/getUser.js @@ -4,8 +4,7 @@ */ module.exports = function(req, config) { - // If there is no appSessionSecret, session handing is custom. - if (!config.appSessionSecret || !req[config.appSessionName] || !req[config.appSessionName].claims) { + if (!req[config.appSessionName] || !req[config.appSessionName].claims) { return null; } diff --git a/middleware/auth.js b/middleware/auth.js index 72a19047..8488a094 100644 --- a/middleware/auth.js +++ b/middleware/auth.js @@ -109,7 +109,7 @@ module.exports = function (params) { throw createError.BadRequest(err.message); } - req.openIdTokens = tokenSet; + req.openidTokens = tokenSet; if (config.appSessionSecret) { let identityClaims = tokenSet.claims();