prosody-modules: mod_oidc_userinfo_vcard4/mod_oidc_userinfo

5354 f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	1	-- Provide OpenID UserInfo data to mod_http_oauth2
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	2	-- Alternatively, separate module for the whole HTTP endpoint?
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	3	--
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	4	local nodeprep = require "util.encodings".stringprep.nodeprep;
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	5
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	6	local mod_pep = module:depends "pep";
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	7
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	8	local gender_map = { M = "male"; F = "female"; O = "other"; N = "nnot applicable"; U = "unknown" }
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	9
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	10	module:hook("token/userinfo", function(event)
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	11	local pep_service = mod_pep.get_pep_service(event.username);
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	12
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	13	local vcard4 = select(3, pep_service:get_last_item("urn:xmpp:vcard4", true));
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	14
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	15	local userinfo = event.userinfo;
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	16	if vcard4 and event.claims:contains("profile") then
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	17	userinfo.name = vcard4:find("fn/text#");
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	18	userinfo.family_name = vcard4:find("n/surname#");
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	19	userinfo.given_name = vcard4:find("n/given#");
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	20	userinfo.middle_name = vcard4:find("n/additional#");
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	21
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	22	userinfo.nickname = vcard4:find("nickname/text#");
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	23	if not userinfo.nickname then
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	24	local ok, _, nick_item = pep_service:get_last_item("http://jabber.org/protocol/nick", true);
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	25	if ok and nick_item then
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	26	userinfo.nickname = nick_item:get_child_text("nick", "http://jabber.org/protocol/nick");
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	27	end
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	28	end
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	29
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	30	userinfo.preferred_username = event.username;
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	31
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	32	-- profile -- page? not their website
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	33	-- picture -- mod_http_pep_avatar?
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	34	userinfo.website = vcard4:find("url/uri#");
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	35	userinfo.birthdate = vcard4:find("bday/date#");
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	36	userinfo.zoneinfo = vcard4:find("tz/text#");
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	37	userinfo.locale = vcard4:find("lang/language-tag#");
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	38
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	39	userinfo.gender = gender_map[vcard4:find("gender/sex#")] or vcard4:find("gender/text#");
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	40
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	41	-- updated_at -- we don't keep a vcard change timestamp?
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	42	end
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	43
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	44	if not userinfo.nickname and event.claims:contains("profile") then
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	45	local ok, _, nick_item = pep_service:get_last_item("http://jabber.org/protocol/nick", true);
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	46	if ok and nick_item then
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	47	userinfo.nickname = nick_item:get_child_text("nick", "http://jabber.org/protocol/nick");
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	48	end
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	49	end
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	50
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	51	if vcard4 and event.claims:contains("email") then
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	52	userinfo.email = vcard4:find("email/text#")
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	53	if userinfo.email then
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	54	userinfo.email_verified = false;
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	55	end
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	56	end
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	57
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	58	if vcard4 and event.claims:contains("address") then
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	59	local adr = vcard4:get_child("adr");
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	60	if adr then
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	61	userinfo.address = {
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	62	formatted = nil;
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	63	street_address = adr:get_child_text("street");
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	64	locality = adr:get_child_text("locality");
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	65	region = adr:get_child_text("region");
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	66	postal_code = adr:get_child_text("code");
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	67	country = adr:get_child_text("country");
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	68	}
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	69	end
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	70	end
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	71
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	72	if vcard4 and event.claims:contains("phone") then
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	73	userinfo.phone = vcard4:find("email/text#")
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	74	if userinfo.phone then
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	75	userinfo.phone_number_verified = false;
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	76	end
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	77	end
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	78
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	79
f8ec43db580b mod_oidc_userinfo_vcard4: Provide profile details in mod_http_oauth2 Kim Alvefur <zash@zash.se> parents: diff changeset	80	end, 10);

author	Kim Alvefur <zash@zash.se>
	Mon, 17 Apr 2023 08:01:09 +0200
changeset 5354	f8ec43db580b
child 5364	f05de5ac219f
permissions	-rw-r--r--