Merge pull request #2 from safarijv/DOM-1132

DOM-1132 | Add setting to allow overidding create_id_token

Author: bunchesofdonald

CHANGELOG.md

@@ -5,11 +5,17 @@ All notable changes to this project will be documented in this file.
 ### [Unreleased]
 
 
+### [0.5.5] - 2018-09-11
+
+##### Changed
+- Added `OIDC_IDTOKEN_CREATE_HOOK` setting to allow for setting function that's used when creating the payload dict for the id_token.
+
+
 ### [0.5.2] - 2017-08-22
 
 ##### Fixed
 -	Fix infinite login loop if "prompt=login" (#198)
-- Fix Django 2.0 deprecation warnings (#185) 
+- Fix Django 2.0 deprecation warnings (#185)
 
 
 ### [0.5.1] - 2017-07-11

oidc_provider/lib/endpoints/authorize.py

@@ -21,7 +21,6 @@
 )
 from oidc_provider.lib.utils.token import (
     create_code,
-    create_id_token,
     create_token,
     encode_id_token,
 )
@@ -162,7 +161,11 @@ def create_response_uri(self):
                     # Include at_hash when access_token is being returned.
                     if 'access_token' in query_fragment:
                         kwargs['at_hash'] = token.at_hash
-                    id_token_dic = create_id_token(**kwargs)
+
+                    create_id_token_hook = settings.import_hook(
+                        'OIDC_IDTOKEN_CREATE_HOOK'
+                    )
+                    id_token_dic = create_id_token_hook(**kwargs)
 
                     # Check if response_type must include id_token in the response.
                     if self.params['response_type'] in ['id_token', 'id_token token', 'code id_token', 'code id_token token']:

oidc_provider/lib/endpoints/token.py

@@ -166,7 +166,11 @@ def create_access_token_response_dic(self):
             self.client,
             self.params['scope'].split(' '))
 
-        id_token_dic = create_id_token(
+        create_id_token_hook = settings.import_hook(
+            'OIDC_IDTOKEN_CREATE_HOOK'
+        )
+
+        id_token_dic = create_id_token_hook(
             user=self.user,
             aud=self.client.client_id,
             nonce='self.code.nonce',
@@ -194,8 +198,12 @@ def create_code_response_dic(self):
             client=self.code.client,
             scope=self.code.scope)
 
+        create_id_token_hook = settings.import_hook(
+            'OIDC_IDTOKEN_CREATE_HOOK'
+        )
+
         if self.code.is_authentication:
-            id_token_dic = create_id_token(
+            id_token_dic = create_id_token_hook(
                 user=self.code.user,
                 aud=self.client.client_id,
                 nonce=self.code.nonce,
@@ -238,8 +246,11 @@ def create_refresh_response_dic(self):
             scope=scope)
 
         # If the Token has an id_token it's an Authentication request.
+        create_id_token_hook = settings.import_hook(
+            'OIDC_IDTOKEN_CREATE_HOOK'
+        )
         if self.token.id_token:
-            id_token_dic = create_id_token(
+            id_token_dic = create_id_token_hook(
                 user=self.token.user,
                 aud=self.client.client_id,
                 nonce=None,

oidc_provider/settings.py

@@ -131,6 +131,14 @@ def OIDC_IDTOKEN_PROCESSING_HOOK(self):
         """
         return 'oidc_provider.lib.utils.common.default_idtoken_processing_hook'
 
+    @property
+    def OIDC_IDTOKEN_CREATE_HOOK(self):
+        """
+        OPTIONAL. A string with the location of your hook.
+        Used to create a dictionary that will be the payload of the id_token.
+        """
+        return 'oidc_provider.lib.utils.token.create_id_token'
+
     @property
     def OIDC_GRANT_TYPE_PASSWORD_ENABLE(self):
         """
@@ -171,6 +179,11 @@ def import_from_str(value):
         raise ImportError(msg)
 
 
+def import_hook(hook_name):
+    hook_path = get(hook_name.upper())
+    return import_from_str(hook_path)
+
+
 def get(name, import_str=False):
     """
     Helper function to use inside the package.

setup.py

@@ -10,7 +10,7 @@
 
 setup(
     name='django-oidc-provider',
-    version='0.5.4',
+    version='0.5.5',
     packages=find_packages(),
     include_package_data=True,
     license='MIT License',