Request id_token, sync more fields to Auth0

dotkom · Feb 28, 2024 · 6686bf2 · 6686bf2
1 parent a4b5092
commit 6686bf2
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 0 deletions.
diff --git a/apps/authentication/models.py b/apps/authentication/models.py
@@ -294,6 +294,28 @@ def save(self, *args, **kwargs):
                     }
                 )
 
+            if self.first_name != old.first_name and len(self.first_name) > 0:
+                # auth0 does not allow zero-length names
+                auth0 = auth0 if auth0 is not None else auth0_client()
+                auth0.users.update(self.auth0_subject, {"given_name": self.first_name})
+
+            if self.last_name != old.last_name and len(self.first_name) > 0:
+                auth0 = auth0 if auth0 is not None else auth0_client()
+                auth0.users.update(self.auth0_subject, {"family_name": self.last_name})
+
+            if self.phone_number != old.phone_number:
+                # this should technically perform more validation, number might be invalid
+                auth0 = auth0 if auth0 is not None else auth0_client()
+                auth0.users.update(
+                    self.auth0_subject, {"user_metadata": {"phone": self.phone_number}}
+                )
+
+            if self.gender != old.gender:
+                auth0 = auth0 if auth0 is not None else auth0_client()
+                auth0.users.update(
+                    self.auth0_subject, {"user_metadata": {"gender": self.gender}}
+                )
+
         super().save(*args, **kwargs)
 
     def serializable_object(self):

diff --git a/onlineweb4/settings/base.py b/onlineweb4/settings/base.py
@@ -149,3 +149,4 @@ def get_stats_file() -> str:
 OIDC_OP_LOGOUT_URL_METHOD = "apps.authentication.backends.provider_logout"
 # we need it for logout
 OIDC_STORE_ID_TOKEN = True
+OIDC_RP_SCOPES = "openid email profile"