Storing nuxeo-platform-login-openid UserInfo response claims in Nuxeo UserProfile documents

It would seem useful to add an extension to nuxeo-platform-login-openid that supports the mapping of the OpenID Connect UserInfo response claims to the Nuxeo user's UserDirectory Entry as well as the user's UserProfile. Since the UserProfile is a Nuxeo document that supports complex schema structures, it seems like a good candidate to store complex UserInfo response claim JSON objects like the OIDC Address claim, for example. Do you think such a feature would be useful?

1 votes

2 answers

3883 views

ANSWER



I did the initial implementation of nuxeo-platform-login-openid and as you said we still lack the ability to specify which email address should be associated with each OpenID provider. The long term plan is to store it in the UserProfile and come up with an interface to manage these external accounts. If you're willing to tackle this I'd be more than welcome to take a look at it.. I'm sure this is something that would interest Nuxeo. Importing user profiles from these OpenID providers would also be very nice to haveā€¦.

2 votes



Hi,

I indeed sounds like something useful. For now the mapping is really minmal and we could do better by letting contributing a class to handle the mapping.

This may come in the futur :

  • if someone contribute something like that
  • if we need it at some point for a project
  • if someone asks for it

Tiry

0 votes