OpenID already has a photo URL as part of the 'profile' scope. Added the the datatracker photo url to the returned OpenID 'profile' scope information when a profile photo is available.

- Legacy-Id: 18484
2020-09-10 21:45:21 +00:00 · 2020-09-10 21:45:21 +00:00 · e6f6f4697a
parent 07be1f8516
commit e6f6f4697a
2 changed files with 10 additions and 6 deletions
--- a/ietf/ietfauth/tests.py
+++ b/ietf/ietfauth/tests.py
@ -765,7 +765,7 @@ class OpenIDConnectTests(TestCase):
            client.store_registration_info(client_reg)

            # Get a user for which we want to get access
-            person = PersonFactory()
+            person = PersonFactory(with_bio=True)
            RoleFactory(name_id='chair', person=person)
            # an additional email
            EmailFactory(person=person)
@ -831,7 +831,7 @@ class OpenIDConnectTests(TestCase):
            # Get userinfo, check keys present
            userinfo = client.do_user_info_request(state=params["state"], scope=args['scope'])
            for key in [ 'email', 'family_name', 'given_name', 'meeting', 'name', 'roles',
-                         'ticket_type', 'reg_type', 'affiliation', ]:
+                         'ticket_type', 'reg_type', 'affiliation', 'picture', ]:
                self.assertIn(key, userinfo)
            self.assertIn('remote', set(userinfo['reg_type'].split()))
            self.assertNotIn('hackathon', set(userinfo['reg_type'].split()))
--- a/ietf/ietfauth/utils.py
+++ b/ietf/ietfauth/utils.py
@ -18,6 +18,7 @@ from django.core.exceptions import PermissionDenied
 from django.db.models import Q
 from django.http import HttpResponseRedirect
 from django.shortcuts import get_object_or_404
+from django.urls import reverse as urlreverse
 from django.utils.decorators import available_attrs
 from django.utils.http import urlquote

@ -209,21 +210,24 @@ def openid_userinfo(claims, user):
    # Populate claims dict.
    person = get_object_or_404(Person, user=user)
    email = person.email()
+    if person.photo:
+        photo_path = urlreverse('ietf.person.views.photo', kwargs={'email_or_name': person.email()})
+        photo_url = settings.IDTRACKER_BASE_URL + photo_path
+    else:
+        photo_url = ''
    claims.update( {
            'name':         person.plain_name(),
            'given_name':   person.first_name(),
            'family_name':  person.last_name(),
            'nickname':     '-',
            'email':        email.address if email else '',
+            'picture':      photo_url,
        } )
    return claims

-
-
-
 oidc_provider.lib.claims.StandardScopeClaims.info_profile = (
 		'Basic profile',
-		'Access to your basic datatracker information: Name.'
+		'Access to your basic datatracker information: Name, photo.'
 	    )

 class OidcExtraScopeClaims(oidc_provider.lib.claims.ScopeClaims):