From 83f2c713e9f57abb0b056176ec7a809bd88179de Mon Sep 17 00:00:00 2001
From: Oskars Pakers
Date: Fri, 31 May 2024 12:07:05 +0300
Subject: [PATCH 1/5] Ability to map custom claims
---
 src/routes/consent.ts | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/src/routes/consent.ts b/src/routes/consent.ts
index 33962584..3e489e63 100644
--- a/src/routes/consent.ts
+++ b/src/routes/consent.ts
@@ -57,6 +57,18 @@ const extractSession = (
 session.id_token.name = identity.traits.name
 }
+ const traitsToMap = process.env.ID_TOKEN_TRAITS
+ console.log("traitsToMap", traitsToMap)
+ if (traitsToMap) {
+ const traits = traitsToMap.split(",")
+ for (const trait of traits) {
+ if (identity.traits[trait]) {
+ console.log("mapping trait", trait)
+ session.id_token[trait] = identity.traits[trait]
+ }
+ }
+ }
+
 if (identity.updated_at) {
 session.id_token.updated_at = Date.parse(identity.updated_at)
 }
From 129a1dd800c755e124436701383691ca189e0175 Mon Sep 17 00:00:00 2001
From: Oskars Pakers
Date: Fri, 31 May 2024 13:47:18 +0300
Subject: [PATCH 2/5] Add documentation for introduced variable
---
 README.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/README.md b/README.md
index fa65342a..bd6e38f3 100644
--- a/README.md
+++ b/README.md
@@ -56,6 +56,7 @@ Ory OAuth2 requires more setup to get CSRF cookies on the `/consent` endpoint.
 name without the `__Host-` prefix.
 - `TRUSTED_CLIENT_IDS` (optional): A list of trusted client ids. They can be set to skip the consent screen.
+- `ID_TOKEN_TRAITS` (optional): A comma separated list of identity traits to be mapped to id_token.
 Getting TLS working:
From f5ed8da08c1e5c43e9322e807c062776a0109f1d Mon Sep 17 00:00:00 2001
From: Oskars Pakers
Date: Fri, 31 May 2024 13:54:29 +0300
Subject: [PATCH 3/5] Fix formatting
---
 README.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index bd6e38f3..98307e69 100644
--- a/README.md
+++ b/README.md
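Review bot: In the loop over `ID_TOKEN_TRAITS`, `session.id_token[trait] = identity.traits[trait]` writes each configured trait into the ID token under its own name with no check on that name, so an entry such as `sub`, `aud` or `email_verified` could collide with a claim that relying parties treat as authoritative, using a value taken from identity traits, which users can often edit themselves. The names are also used untrimmed, so a value like `email, phone` silently skips ` phone`, and the truthiness test drops legitimate `false` or `0` trait values. I would normalise and filter the names before the copy, for example `const trait = raw.trim()` followed by `if (!trait || RESERVED_CLAIMS.has(trait) || !Object.prototype.hasOwnProperty.call(identity.traits, trait)) continue`, where `RESERVED_CLAIMS` is a new constant listing the claims this handler and the OAuth2 server own. `extractSession` starts and ends outside the hunk, so whether this block sits behind a granted-scope check is not visible here; if it does not, every listed trait is released to every client regardless of the scopes the user consented to, and that should be stated next to the README entry added in patch 2/5.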
@@ -56,7 +56,8 @@ Ory OAuth2 requires more setup to get CSRF cookies on the `/consent` endpoint.
 name without the `__Host-` prefix.
 - `TRUSTED_CLIENT_IDS` (optional): A list of trusted client ids. They can be set to skip the consent screen.
-- `ID_TOKEN_TRAITS` (optional): A comma separated list of identity traits to be mapped to id_token.
+- `ID_TOKEN_TRAITS` (optional): A comma separated list of identity traits to be
+ mapped to id_token.
 Getting TLS working:
From baa424928203ea4d04b20d5d851207736641f4aa Mon Sep 17 00:00:00 2001
From: Oskars Pakers
Date: Fri, 31 May 2024 14:04:48 +0300
Subject: [PATCH 4/5] Fix formatting
---
 README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 98307e69..a829b47a 100644
--- a/README.md
+++ b/README.md
@@ -56,7 +56,7 @@ Ory OAuth2 requires more setup to get CSRF cookies on the `/consent` endpoint.
 name without the `__Host-` prefix.
 - `TRUSTED_CLIENT_IDS` (optional): A list of trusted client ids. They can be set to skip the consent screen.
-- `ID_TOKEN_TRAITS` (optional): A comma separated list of identity traits to be
+- `ID_TOKEN_TRAITS` (optional): A comma separated list of identity traits to be
 mapped to id_token.
 Getting TLS working:
From 6d391f0116df6ec51583ba333fb28a85bf0d7f4a Mon Sep 17 00:00:00 2001
From: Oskars Pakers
Date: Fri, 31 May 2024 14:18:35 +0300
Subject: [PATCH 5/5] Remove console.log statement
---
 src/routes/consent.ts | 2 --
 1 file changed, 2 deletions(-)
diff --git a/src/routes/consent.ts b/src/routes/consent.ts
index 3e489e63..e71689e6 100644
--- a/src/routes/consent.ts
+++ b/src/routes/consent.ts
@@ -58,12 +58,10 @@ const extractSession = (
 }
 const traitsToMap = process.env.ID_TOKEN_TRAITS
- console.log("traitsToMap", traitsToMap)
 if (traitsToMap) {
 const traits = traitsToMap.split(",")
 for (const trait of traits) {
 if (identity.traits[trait]) {
- console.log("mapping trait", trait)
 session.id_token[trait] = identity.traits[trait]
 }
 }