providers/oauth2: use user.uid

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-05-15 14:08:49 +02:00
parent a4278833d8
commit 6600d5bf69
2 changed files with 3 additions and 2 deletions

View file

@ -12,7 +12,6 @@ from uuid import uuid4
from cryptography.hazmat.primitives.asymmetric.rsa import RSAPrivateKey
from dacite import from_dict
from django.conf import settings
from django.db import models
from django.http import HttpRequest
from django.utils import dateformat, timezone
@ -457,7 +456,7 @@ class RefreshToken(ExpiringModel, BaseGrantModel):
See: http://openid.net/specs/openid-connect-core-1_0.html#IDToken"""
sub = ""
if self.provider.sub_mode == SubModes.HASHED_USER_ID:
sub = sha256(f"{user.id}-{settings.SECRET_KEY}".encode("ascii")).hexdigest()
sub = user.uid
elif self.provider.sub_mode == SubModes.USER_EMAIL:
sub = user.email
elif self.provider.sub_mode == SubModes.USER_USERNAME:

View file

@ -13,12 +13,14 @@ func getTemplates() *template.Template {
<head>
<title>{{.Title}}</title>
<meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1, user-scalable=no">
<style>* { font-family: sans-serif; }</style>
</head>
<body>
<h2>{{.Title}}</h2>
<p>{{.Message}}</p>
<hr>
<p><a href="{{.ProxyPrefix}}/sign_in">Sign In</a></p>
<p>Powered by <a href="https://goauthentik.io">authentik</a></p>
</body>
</html>{{end}}`)
if err != nil {