FusionAuth / fusionauth-issues

FusionAuth issue submission project
https://fusionauth.io

Add locale and timezone information to the oauth userinfo endpoint #659

Closed soullivaneuh closed 2 months ago

soullivaneuh commented 4 years ago

Add additional information to the oauth userinfo endpoint

Problem

I set up a very simple OAuth login process for an app.

The app will copy some user information on connection. But I can't access the preferred languages or the timezone property:

array:9 [▼
  "applicationId" => "7ea0f431-3d2a-43bc-a61b-69180a415c98"
  "email" => "john.doe@example.com"
  "email_verified" => true
  "family_name" => "Doe2"
  "given_name" => "John"
  "phone_number" => "+33666666666"
  "preferred_username" => "user_default"
  "roles" => []
  "sub" => "bd01409c-40e7-46af-8696-cb473bcdaa55"
]

Solution

Add those quite basic and useful fields!

Alternatives/workarounds

I may create a JWT token to call the FA API and get more information.

But I currently don't use the JWT feature, only the auth one.

It would be much simpler for me to have more information directly on the auth response.

Additional context

Add any other context or screenshots about the feature request here.

How to vote

Please give us a thumbs up or thumbs down as a reaction to help us prioritize this feature. Feel free to comment if you have a particular need or comment on how this feature should work.

robotdan commented 4 years ago

Can you use a lambda to accomplish this? The language and timezone are on the user object.

soullivaneuh commented 4 years ago

@robotdan I'm sorry, I don't quite understand you. :-/

What do you mean by using a lambda? Do you have an example to provide?

robotdan commented 4 years ago

Here is the lambda doc. https://fusionauth.io/docs/v1/tech/lambdas/jwt-populate

The JWT Populate allows you to add additional claims to the access token JWT or the id token JWT.

The Userinfo endpoint takes an Access Token and returns the payload of the JWT in addition to some other registered user claims.

Adding additional information to the JWT using the JWT populate will give you the additional claims on the Userinfo response.

soullivaneuh commented 4 years ago

Yes, this is pretty much what I meant by what I wrote in the workaround section.

But as I don't use the JWT, I would like to simplify the process.

Why can't we have this information directly from the oauth endpoint? If we can have the phone number, why not other useful info like preferred languages and timezone?

I need it only to adjust the locale language and timezone values of my app.

mooreds commented 4 years ago

It looks like the requested claims (locale, zoneinfo) are part of the standard: https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims

Right now the recommended workaround is to use a JWT and a lambda, as Daniel suggested. The lambda gives you a lot more flexibility, but I understand that if you aren't using JWTs it may not work. You could also use the API to get information about the user: https://fusionauth.io/docs/v1/tech/apis/users#retrieve-a-user

I'll mark this as an enhancement request.

We unfortunately can't commit to any timeline right now due to other priorities, unless you choose to engage us in a professional services agreement (more on that here: https://fusionauth.io/community/forum/topic/51/i-need-feature-abc-and-am-willing-to-pay-you-to-build-it-how-can-i-get-in-touch )
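
One way to write the JWT Populate lambda recommended above so that the Userinfo response carries the standard `locale` and `zoneinfo` claims. This is an added example, not code from this thread or from FusionAuth. It assumes the `populate(jwt, user, registration)` entry point from the linked lambda documentation and the user fields `preferredLanguages` and `timezone`; the helper names and the sample data in `demo()` are constructed here.

```javascript
// Added example: a JWT Populate lambda body plus constructed sample data.
// Assumed FusionAuth user field names: user.preferredLanguages, user.timezone.

// Convert a stored locale such as "fr_FR" to a BCP 47 tag ("fr-FR").
// Returns null for anything that does not look like language[-REGION].
function toLanguageTag(value) {
  if (typeof value !== 'string') { return null; }
  var tag = value.replace(/_/g, '-');
  var m = /^([A-Za-z]{2,3})(?:-([A-Za-z]{2}|[0-9]{3}))?$/.exec(tag);
  if (!m) { return null; }
  return m[2] ? m[1].toLowerCase() + '-' + m[2].toUpperCase() : m[1].toLowerCase();
}

// Accept only IANA-style zone names ("Europe/Paris", "UTC").
function toZoneInfo(value) {
  if (typeof value !== 'string' || value.length > 64) { return null; }
  return /^[A-Za-z][A-Za-z0-9_+-]*(\/[A-Za-z0-9_+-]+){0,2}$/.test(value) ? value : null;
}

// Lambda entry point. Adds only the two claims the client needs instead of
// copying the user object, because every holder of the token can read it.
function populate(jwt, user, registration) {
  var languages = (user && user.preferredLanguages) || [];
  var locale = languages.length > 0 ? toLanguageTag(languages[0]) : null;
  var zone = toZoneInfo(user && user.timezone);
  if (locale !== null) { jwt.locale = locale; }
  if (zone !== null) { jwt.zoneinfo = zone; }
}

// Constructed sample input, mirroring the claims shown in the issue.
function demo() {
  var jwt = { sub: 'bd01409c-40e7-46af-8696-cb473bcdaa55', roles: [] };
  var user = { preferredLanguages: ['fr_FR', 'en'], timezone: 'Europe/Paris' };
  populate(jwt, user, {});
  return jwt;
}
```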

spwitt commented 3 months ago

Internal

andrewpai commented 2 months ago

This is addressed in the upcoming 1.50.0 release. These values will be added when using a scope policy of Strict, and can be optionally added using the new userinfo lambda, too.