Merge branch 'issue-64-introspection-sub' into 'master'

Fixed introspection sub claim. Fix #64 Closes #64 See merge request yaal/canaille!7
2021-10-03 18:28:50 +00:00 · 2021-10-03 18:28:50 +00:00 · 22f18f8cf2
commit 22f18f8cf2
parent a00ba086ad 2b307e275a
2 changed files with 4 additions and 3 deletions
--- a/canaille/oauth2utils.py
+++ b/canaille/oauth2utils.py
@ -243,13 +243,14 @@ class IntrospectionEndpoint(_IntrospectionEndpoint):

    def introspect_token(self, token):
        client_id = Client.get(token.oauthClient).oauthClientID
+        user = User.get(dn=token.oauthSubject)
        return {
            "active": True,
            "client_id": client_id,
            "token_type": token.oauthTokenType,
-            "username": User.get(dn=token.oauthSubject).name,
+            "username": user.name,
            "scope": token.get_scope(),
-            "sub": token.oauthSubject,
+            "sub": user.uid[0],
            "aud": client_id,
            "iss": authorization.metadata["issuer"],
            "exp": token.get_expires_at(),
--- a/tests/test_token_introspection.py
+++ b/tests/test_token_introspection.py
@ -14,7 +14,7 @@ def test_token_introspection(testclient, user, client, token):
        "token_type": token.oauthTokenType,
        "username": user.name,
        "scope": token.get_scope(),
-        "sub": token.oauthSubject,
+        "sub": user.uid[0],
        "aud": client.oauthClientID,
        "iss": "https://mydomain.tld",
        "exp": token.get_expires_at(),