From 0832c2c10fdc84829e229eb2f000313a0f9b2df4 Mon Sep 17 00:00:00 2001
From: eliasjpr
Date: Fri, 18 Oct 2024 19:59:13 -0400
Subject: [PATCH] Refactor id_token logic for OpenID compatibility

Replaced `user_id` with `username` for `sub` claim in ID token to align with OpenID standards. Removed unnecessary `name` and `email` properties from `Owner` struct for streamlined data handling. Adjusted token expiration to use `access_ttl` from configuration for consistency.

This update improves ID token generation and enhances interoperability with OpenID compliant systems.
---
 spec/authly_spec.cr | 2 +-
 src/authly/grant.cr | 3 ++-
 src/authly/owner.cr | 9 +++------
 3 files changed, 6 insertions(+), 8 deletions(-)

diff --git a/spec/authly_spec.cr b/spec/authly_spec.cr
index ee6318f..d395a3b 100644
--- a/spec/authly_spec.cr
+++ b/spec/authly_spec.cr
@@ -27,7 +27,7 @@ describe Authly do
       id_token_decoded = Authly.jwt_decode(id_token).first
 
       token.should be_a Authly::AccessToken
-      id_token_decoded["user_id"].should eq "username"
+      id_token_decoded["sub"].should eq "username"
     end
   end
 end
diff --git a/src/authly/grant.cr b/src/authly/grant.cr
index a7d6170..8bab9b6 100644
--- a/src/authly/grant.cr
+++ b/src/authly/grant.cr
@@ -73,7 +73,8 @@ module Authly
 
     private def generate_id_token
       if scope.includes? "openid"
-        payload = Authly.owners.id_token(auth_code["user_id"].as_s)
+        user_id = auth_code["user_id"].as_s
+        payload = Authly.owners.id_token(user_id)
         payload["iss"] = Authly.config.issuer
         payload["aud"] = @client_id
         Authly.jwt_encode(payload)
diff --git a/src/authly/owner.cr b/src/authly/owner.cr
index 4676b75..81ab3ec 100644
--- a/src/authly/owner.cr
+++ b/src/authly/owner.cr
@@ -1,8 +1,6 @@
 module Authly
   struct Owner
     property id : String = Random::Secure.hex(16)
-    property name : String = ""
-    property email : String = ""
     property username : String
     property password : String
 
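Review bot: The local introduced on the first `+` line of the grant.cr hunk is named `user_id`, but with this commit `id_token` in owner.cr resolves its argument against `owner.username`, so the value stored under `auth_code["user_id"]` is a username, not the owner's `id`; renaming it (`username = auth_code["user_id"].as_s`) or adding `# auth_code["user_id"] holds the owner's username; id_token matches on it` would keep the two files readable together. The context line `payload["iss"] = Authly.config.issuer` now duplicates the `"iss"` entry that the same commit adds inside `id_token`, so one of the two should go. The body of generate_id_token continues past the end of the hunk.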
@@ -29,13 +27,12 @@ module Authly
     end
 
     def id_token(user_id : String) : Hash(String, String | Int64)
-      user = find! { |owner| owner.id == user_id }
+      user = find! { |owner| owner.username == user_id }
       {
         "sub" => user_id,
         "iat" => Time.utc.to_unix,
-        "exp" => 1.hour.from_now.to_unix,
-        "name" => user.name,
-        "email" => user.email,
+        "exp" => Authly.config.access_ttl.from_now.to_unix,
+        "iss" => Authly.config.issuer,
       }
     end
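Review bot: `user` is assigned from `find!` on the first `+` line but is never read once the `name` and `email` entries are removed, so the lookup now serves only as an existence check; either drop the assignment and say so (`find! { |owner| owner.username == user_id } # raises for unknown usernames — TODO confirm find! behaviour`) or use the result for the claim, `"sub" => user.username,`, so the claim and the lookup cannot drift apart. Separately, OpenID Connect defines `sub` as a locally unique identifier that is never reassigned to another end user; a username can be renamed or reissued, whereas the `id` property kept on `Owner` looks like the stable value, so this choice is worth confirming before it ships and documenting on the method. The `"iss"` entry added here is also set by `generate_id_token` in grant.cr.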