Added openid fallback to user token info if profile URL not defined (d…

…irectus#9368)
samdze · Nov 2, 2021 · 1379e8b · 1379e8b
1 parent 2065df8
commit 1379e8b
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 3 deletions.
diff --git a/api/src/auth/drivers/oauth2.ts b/api/src/auth/drivers/oauth2.ts
@@ -24,7 +24,7 @@ export class OAuth2AuthDriver extends LocalAuthDriver {
 
 		const { authorizeUrl, accessUrl, profileUrl, clientId, clientSecret, ...additionalConfig } = config;
 
-		if (!authorizeUrl || !accessUrl || !profileUrl || !clientId || !clientSecret || !additionalConfig.provider) {
+		if (!authorizeUrl || !accessUrl || !clientId || !clientSecret || !additionalConfig.provider) {
 			throw new InvalidConfigException('Invalid provider config', { provider: additionalConfig.provider });
 		}
 
@@ -93,7 +93,15 @@ export class OAuth2AuthDriver extends LocalAuthDriver {
 				{ code: payload.code, state: payload.state },
 				{ code_verifier: payload.codeVerifier, state: generators.codeChallenge(payload.codeVerifier) }
 			);
-			userInfo = await this.client.userinfo(tokenSet);
+
+			const issuer = this.client.issuer;
+			if (issuer.metadata.userinfo_endpoint) {
+				userInfo = await this.client.userinfo(tokenSet);
+			} else if (tokenSet.id_token) {
+				userInfo = tokenSet.claims();
+			} else {
+				throw new InvalidConfigException('OAuth profile URL not defined', { provider: this.config.provider });
+			}
 		} catch (e) {
 			throw handleError(e);
 		}

diff --git a/api/src/auth/drivers/openid.ts b/api/src/auth/drivers/openid.ts
@@ -95,7 +95,13 @@ export class OpenIDAuthDriver extends LocalAuthDriver {
 				{ code: payload.code, state: payload.state },
 				{ code_verifier: payload.codeVerifier, state: generators.codeChallenge(payload.codeVerifier) }
 			);
-			userInfo = await client.userinfo(tokenSet);
+
+			const issuer = client.issuer;
+			if (issuer.metadata.userinfo_endpoint) {
+				userInfo = await client.userinfo(tokenSet);
+			} else {
+				userInfo = tokenSet.claims();
+			}
 		} catch (e) {
 			throw handleError(e);
 		}