From a5b3f2b6465521feb75074a10724650d5bcc2795 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Cl=C3=A9ment=20Oudot?= Date: Sun, 12 Apr 2015 13:50:10 +0000 Subject: [PATCH] Request UserInfo endpoint to get Google attributes (#LEMONLDAP-807) git-svn-id: svn://svn.forge.objectweb.org/svnroot/lemonldap/branches/lemonldap-ng_version_1_4-bugfixes@3714 1dbb9719-a921-0410-b57f-c3a383c2c641 --- .../NG/Portal/AuthGoogleMigration.pm | 35 +++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthGoogleMigration.pm b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthGoogleMigration.pm index 78a714db7..867df8989 100644 --- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthGoogleMigration.pm +++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthGoogleMigration.pm @@ -51,6 +51,12 @@ sub extractFormInfo { my $redirect_uri = $self->{portal} . "?googlecb=1"; my $state = encode_base64url( $self->{urldc} ); + # Ask for profile if googleExportedVars requested + my %vars = ( %{ $self->{exportedVars} }, %{ $self->{googleExportedVars} } ); + if (%vars) { + $scope .= " profile"; + } + my $callback = $self->param("googlecb"); if ($callback) { @@ -100,6 +106,35 @@ sub extractFormInfo { $self->{urldc} = decode_base64url( $self->param("state") ); } + if (%vars) { + + # Request UserInfo + my $ui_response = $self->ua->get( + "https://www.googleapis.com/oauth2/v3/userinfo", + "Authorization" => "Bearer $access_token" + ); + my $ui_content = $ui_response->decoded_content; + + my $ui_json; + eval { $ui_json = decode_json($ui_content); }; + + # Convert OpenID attribute name into OIDC UserInfo field + my $convertAttr = { + "firstname" => "given_name", + "lastname" => "family_name", + "language" => "locale", + "email" => "email", + }; + + # Store attributes in session + while ( my ( $k, $v ) = each %vars ) { + my $attr = $k; + $attr =~ s/^!//; + my $oidc_attr = $convertAttr->{$v}; + $self->{sessionInfo}->{$attr} = $ui_json->{$oidc_attr}; + } + } + return PE_OK; } -- GitLab