-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathoauth2_validators.py
More file actions
39 lines (34 loc) · 1.47 KB
/
Copy pathoauth2_validators.py
File metadata and controls
39 lines (34 loc) · 1.47 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
from oauth2_provider.oauth2_validators import OAuth2Validator
class CustomOAuth2Validator(OAuth2Validator):
def validate_scopes(self, client_id, scopes, client, request, *args, **kwargs):
if client.allowed_scopes:
allowed = set(client.allowed_scopes.split())
if not set(scopes).issubset(allowed):
return False
return super().validate_scopes(client_id, scopes, client, request, *args, **kwargs)
oidc_claim_scope = OAuth2Validator.oidc_claim_scope
oidc_claim_scope.update({
"id": "profile",
"name": "profile",
"username": "profile",
"email": "email",
"first_name": "profile",
"last_name": "profile",
"is_staff": "profile",
"is_active": "profile",
"is_superuser": "profile",
"preferred_username": "profile",
})
def get_additional_claims(self, request):
claims = super().get_additional_claims(request)
claims["id"] = request.user.id
claims["name"] = request.user.username
claims["username"] = request.user.username
claims["email"] = request.user.email
claims["first_name"] = request.user.first_name
claims["last_name"] = request.user.last_name
claims["is_staff"] = request.user.is_staff
claims["is_active"] = request.user.is_active
claims["is_superuser"] = request.user.is_superuser
claims["preferred_username"] = request.user.username
return claims