ms::Authorize method get_user_data (protected)

 <instance of ms::Authorize> get_user_data [ -token token ]

Defined in packages/xooauth/tcl/ms-procs.tcl

Get data via the provided token (which comes from the "id_token"). In case of an error or incomplete data, add this information to the result dict.

See here for AD claim sets: https://learn.microsoft.com/en-us/azure/active-directory/develop/active-directory-optional-claims

The error codes returned by Azure are defined here: https://learn.microsoft.com/en-us/azure/active-directory/develop/reference-error-codes

Extra errors for OpenACS are prefixed with "oacs-".

Switches:
-token (optional)
Returns:
A dict containing the extracted fields

Testcases:
No testcase defined.
Source code:
set result {}
lassign [split $token .] jwt_header jwt_claims jwt_signature

#ns_log notice "[self]: jwt_header <[:json_to_dict [encoding convertfrom "utf-8" [ns_base64urldecode -- $jwt_header]]]>"

if {$jwt_claims eq ""} {
    dict set result error [ns_queryget error]
    return $result
}
#
# At least in the case of Azure, the jwt content is
# already in UTF-8, so no "-binary" flag is needed.
#
set claims [:json_to_dict  [encoding convertfrom "utf-8"  [ns_base64urldecode -- $jwt_claims]]]
dict set result claims $claims

set data [:get_required_fields  -claims $claims  -mapped_fields {
                  {upn email}
                  {family_name last_name}
                  {given_name first_names}
              }]
if {[dict exists $data error]} {
    set result [dict merge $data $result]
} else {
    set result [dict merge $result [dict get $data fields]]
}
return $result
XQL Not present:
Generic, PostgreSQL, Oracle
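
The decoding and field mapping described above, as an added example for plain tclsh 8.6 with tcllib (not OpenACS code). Like the method body shown, it only splits and decodes the token and never inspects the signature segment, so the claims it returns are unauthenticated unless the token was validated elsewhere. The procs b64url_decode, b64url_encode, extract_user_data and make_token, the handling of missing claims, the "oacs-example-missing-claims" code and the sample tokens are assumptions constructed for illustration.

```tcl
package require json   ;# tcllib; stands in for the method's :json_to_dict
# base64url (RFC 7515) <-> bytes; stands in for ns_base64urldecode outside NaviServer.
proc b64url_decode {segment} {
    set b64 [string map {- + _ /} $segment]
    append b64 [string repeat = [expr {(4 - [string length $b64] % 4) % 4}]]
    return [binary decode base64 $b64]
}
proc b64url_encode {bytes} {
    return [string trimright [string map {+ - / _} [binary encode base64 $bytes]] =]
}

# Hypothetical stand-in for get_user_data; "error" replaces [ns_queryget error].
proc extract_user_data {token {error ""}} {
    set result {}
    lassign [split $token .] jwt_header jwt_claims jwt_signature
    if {$jwt_claims eq ""} {
        dict set result error $error
        return $result
    }
    set json [encoding convertfrom utf-8 [b64url_decode $jwt_claims]]
    set claims [::json::json2dict $json]
    dict set result claims $claims
    # Same claim -> field mapping as the method; the missing-claim handling and
    # the error code below are assumptions (get_required_fields is not shown).
    set missing {}
    foreach pair {{upn email} {family_name last_name} {given_name first_names}} {
        lassign $pair claim field
        if {[dict exists $claims $claim]} {
            dict set result $field [dict get $claims $claim]
        } else {
            lappend missing $claim
        }
    }
    if {[llength $missing] > 0} {
        dict set result error "oacs-example-missing-claims: $missing"
    }
    return $result
}

# Constructed sample tokens (no real signature; "sig" is a placeholder).
proc make_token {claims_json} {
    set header [b64url_encode [encoding convertto utf-8 {{"alg":"RS256","typ":"JWT"}}]]
    return "$header.[b64url_encode [encoding convertto utf-8 $claims_json]].sig"
}
set ok [make_token {{"upn":"alice@example.com","family_name":"Doe","given_name":"Alice"}}]
set partial [make_token {{"family_name":"Doe","given_name":"Alice"}}]
puts [dict remove [extract_user_data $ok] claims]
puts [dict remove [extract_user_data $partial] claims]
puts [extract_user_data "" invalid_request]
```

The three calls cover a complete token, a token without the upn claim, and the case where no token was delivered and only an error value is available.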