Extend the functionality of custom OIDC_USERNAME_ALGO to using claims

Question

Extend the functionality of custom OIDC_USERNAME_ALGO to using claims

EduardRosert opened this issue a year ago · comments

At the moment, configuring a custom user name also via the OIDC_USERNAME_ALGO environment variable currently limits the username generation to usernames based on the user's email from the oidc claims.

In auth.py:

    def get_username(self, claims):
        """Generate username based on claims."""
        # bluntly stolen from django-browserid
        # https://github.com/mozilla/django-browserid/blob/master/django_browserid/auth.py
        username_algo = self.get_settings("OIDC_USERNAME_ALGO", None)

        if username_algo:
            if isinstance(username_algo, str):
                username_algo = import_string(username_algo)
            return username_algo(claims.get("email"))  # <-- this could accept claims as an argument to make it more general

It would be useful make the custom user name generation more general by also passing the claims, maybe in a backwards compatible manner.

A related issue that might be solved with the proposed change as well would be #482.

Tasos Katsoulas · Answer 1 · Fri Nov 24 2023 18:21:27 GMT+0800 (China Standard Time)

Fixed via #508