|
@@ -9,7 +9,20 @@ OAuth.registerService('oidc', 2, null, function (query) {
|
|
|
var accessToken = token.access_token || token.id_token;
|
|
var accessToken = token.access_token || token.id_token;
|
|
|
var expiresAt = (+new Date) + (1000 * parseInt(token.expires_in, 10));
|
|
var expiresAt = (+new Date) + (1000 * parseInt(token.expires_in, 10));
|
|
|
|
|
|
|
|
- var userinfo = getUserInfo(accessToken);
|
|
|
|
|
|
|
+ var claimsInAccessToken = process.env.OAUTH2_ADFS || false;
|
|
|
|
|
+
|
|
|
|
|
+ var userinfo;
|
|
|
|
|
+ if(claimsInAccessToken)
|
|
|
|
|
+ {
|
|
|
|
|
+ // hack when using custom claims in the accessToken. On premise ADFS
|
|
|
|
|
+ userinfo = getTokenContent(accessToken);
|
|
|
|
|
+ }
|
|
|
|
|
+ else
|
|
|
|
|
+ {
|
|
|
|
|
+ // normal behaviour, getting the claims from UserInfo endpoint.
|
|
|
|
|
+ userinfo = getUserInfo(accessToken);
|
|
|
|
|
+ }
|
|
|
|
|
+
|
|
|
if (userinfo.ocs) userinfo = userinfo.ocs.data; // Nextcloud hack
|
|
if (userinfo.ocs) userinfo = userinfo.ocs.data; // Nextcloud hack
|
|
|
if (userinfo.metadata) userinfo = userinfo.metadata // Openshift hack
|
|
if (userinfo.metadata) userinfo = userinfo.metadata // Openshift hack
|
|
|
if (debug) console.log('XXX: userinfo:', userinfo);
|
|
if (debug) console.log('XXX: userinfo:', userinfo);
|
Lauri Ojansivu