Possibility to add extra claims and extra vars in OIDC register (#2003)

6 years ago · f5c2b81051
parent f396e59207
commit f5c2b81051
2 changed files with 33 additions and 2 deletions
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Issuer/OpenIDConnect.pm
@ -1781,6 +1781,24 @@ sub registration {
      ->{oidcRPMetaDataOptionsUserInfoSignAlg} = $userinfo_signed_response_alg
      if defined $userinfo_signed_response_alg;

+    # Exported Vars
+    if (
+        ref( $self->conf->{oidcServiceDynamicRegistrationExportedVars} ) eq
+        'HASH' )
+    {
+        $conf->{oidcRPMetaDataExportedVars}->{$rp} =
+          $self->conf->{oidcServiceDynamicRegistrationExportedVars};
+    }
+
+    # Extra claims
+    if (
+        ref( $self->conf->{oidcServiceDynamicRegistrationExtraClaims} ) eq
+        'HASH' )
+    {
+        $conf->{oidcRPMetaDataOptionsExtraClaims}->{$rp} =
+          $self->conf->{oidcServiceDynamicRegistrationExtraClaims};
+    }
+
    if ( $self->confAcc->saveConf($conf) ) {

        # Reload RP list
--- a/lemonldap-ng-portal/t/32-OIDC-Register.t
+++ b/lemonldap-ng-portal/t/32-OIDC-Register.t
@ -52,7 +52,6 @@ my $confFile = "t/lmConf-2.json";
 my $conf     = JSON::from_json(`cat $confFile`);

 # Check saved data
-
 my $rpId = ( keys %{ $conf->{oidcRPMetaDataOptions} } )[0];

 ok(
@ -61,12 +60,22 @@ ok(
    "Client ID saved in configuration"
 );

+# Check extra claims and extra attributes
+ok(
+    $conf->{oidcRPMetaDataOptionsExtraClaims}->{$rpId}->{"extra_claim"} eq
+      "extra_var",
+    "Extra claim defined"
+);
+ok( $conf->{oidcRPMetaDataExportedVars}->{$rpId}->{"extra_var"} eq "mail",
+    "Extra variable defined" );
+
 unlink $confFile;
 clean_sessions();
 done_testing();

 sub op {
-    return LLNG::Manager::Test->new( {
+    return LLNG::Manager::Test->new(
+        {
            ini => {
                logLevel                        => $debug,
                domain                          => 'idp.com',
@ -82,6 +91,10 @@ sub op {
                        name        => "cn"
                    }
                },
+                oidcServiceDynamicRegistrationExportedVars =>
+                  { "extra_var" => "mail" },
+                oidcServiceDynamicRegistrationExtraClaims =>
+                  { "extra_claim" => "extra_var" },
                oidcServiceMetaDataAuthorizeURI       => "authorize",
                oidcServiceMetaDataCheckSessionURI    => "checksession.html",
                oidcServiceMetaDataJWKSURI            => "jwks",