Enhance ID token with client ID and owner details

Added `aud` field to the ID token, setting it to the client ID, ensuring proper audience specification. Enhanced owner struct to include `name` and `email`, and incorporated these details into the ID token. This improves alignment with OpenID Connect standards and enhances traceability by providing more detailed user information.
azutoolkit · Oct 18, 2024 · e668eb1 · e668eb1
1 parent ee2cb48
commit e668eb1
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 4 deletions.
diff --git a/src/authly/grant.cr b/src/authly/grant.cr
@@ -75,6 +75,7 @@ module Authly
       if scope.includes? "openid"
         payload = Authly.owners.id_token(auth_code["user_id"].as_s)
         payload["iss"] = Authly.config.issuer
+        payload["aud"] = @client_id
         Authly.jwt_encode(payload)
       end
     end

diff --git a/src/authly/owner.cr b/src/authly/owner.cr
@@ -1,5 +1,8 @@
 module Authly
   struct Owner
+    property id : String = Random::Secure.hex(16)
+    property name : String = ""
+    property email : String = ""
     property username : String
     property password : String
 
@@ -26,11 +29,13 @@ module Authly
     end
 
     def id_token(user_id : String) : Hash(String, String | Int64)
+      user = find! { |owner| owner.id == user_id }
       {
-        "sub"     => Random::Secure.hex(32),
-        "iat"     => Time.utc.to_unix,
-        "exp"     => 1.hour.from_now.to_unix,
-        "user_id" => user_id,
+        "sub"   => user_id,
+        "iat"   => Time.utc.to_unix,
+        "exp"   => 1.hour.from_now.to_unix,
+        "name"  => user.name,
+        "email" => user.email,
       }
     end