A simple implementation of userinfo endpoint #1201
Hello @jackielii, you've saved a soul! I just patched my dex deployment with this pull request and IT WORKED AWESOME!!! Bravo!

Glad it helped. Please also note that the

Noted, please. If you won't mind, can I "go get" from your fork? Thanks, please.

Our fork had a lot of custom changes, I think I'll make the master branch of github.com/jackielii/dex up to date with this patch. Will do it later.

@adebisi-fa updated the PR. I suggest you just clone the repo: https://github.com/jackielii/dex.git to

Whoa, @jackielii! I cannot thank you enough for this, honestly!
I will do exactly that. Thanks, please. Thank you!

@srenatus @jackielii Any progress with this? Thanks

Hi @ccojocar, as far as this PR is concerned, it's finished.

I'll try to review this soon, sorry for radio silence here. 😅

@srenatus any chance this will be merged?

I've adapted the code to the current branch: #1453
A stopgap to solve #376. Borrowed mostly from #1133.
The way it works is we create a signed JWT token as access_token (same claims as the ID token); on requesting /userinfo, it verifies the token, checks it's not expired etc., and returns the claims in JSON.
IMHO, the full solution should involve the storage to implement similar logic for refresh_token, i.e. serialise the access token, save it in storage and retrieve it upon requesting user info.
Because the access token is opaque to the user, we can later roll in the proper solution without breaking the API.
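
The flow outlined in the description above (a signed JWT issued as the access token, then verified, expiry-checked and returned as claims by /userinfo), as an added example that is not the PR's or dex's code. It uses only the Go standard library; the EdDSA signing, the pinned header, and the names `issueAccessToken`, `userinfo`, `pinnedHeader`, `demoPub` and `demoPriv` are assumptions of this sketch.

```go
package main

import (
	"crypto/ed25519"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
	"time"
)

var b64 = base64.RawURLEncoding
var demoPub, demoPriv, _ = ed25519.GenerateKey(nil) // constructed throwaway key pair
// pinnedHeader is the only JOSE header this sketch issues or accepts (assumption: EdDSA).
var pinnedHeader = b64.EncodeToString([]byte(`{"alg":"EdDSA","typ":"JWT"}`))

// issueAccessToken signs the claims (same ones as the ID token) as a compact JWT.
func issueAccessToken(priv ed25519.PrivateKey, claims map[string]interface{}) string {
	body, _ := json.Marshal(claims)
	msg := pinnedHeader + "." + b64.EncodeToString(body)
	return msg + "." + b64.EncodeToString(ed25519.Sign(priv, []byte(msg)))
}

// userinfo is the endpoint logic: verify the bearer token, then return its claims.
func userinfo(pub ed25519.PublicKey, authz string, now time.Time) (map[string]interface{}, error) {
	p := strings.Split(strings.TrimPrefix(authz, "Bearer "), ".")
	// Pin the header so the token cannot choose its own algorithm (e.g. "none").
	if !strings.HasPrefix(authz, "Bearer ") || len(p) != 3 || p[0] != pinnedHeader {
		return nil, fmt.Errorf("missing, malformed or unexpected-algorithm token")
	}
	sig, err := b64.DecodeString(p[2])
	if err != nil || !ed25519.Verify(pub, []byte(p[0]+"."+p[1]), sig) {
		return nil, fmt.Errorf("bad signature")
	}
	var claims map[string]interface{}
	body, _ := b64.DecodeString(p[1]) // these bytes are covered by the signature
	if err := json.Unmarshal(body, &claims); err != nil {
		return nil, err
	}
	// A token without exp is rejected rather than treated as never expiring.
	if exp, ok := claims["exp"].(float64); !ok || now.Unix() >= int64(exp) {
		return nil, fmt.Errorf("token expired or has no exp")
	}
	return claims, nil
}

func main() {
	tok := issueAccessToken(demoPriv, map[string]interface{}{"sub": "alice", "exp": time.Now().Add(time.Hour).Unix()})
	fmt.Println(userinfo(demoPub, "Bearer "+tok, time.Now()))
}
```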