juanifioren / django-oidc-provider

OpenID Connect and OAuth2 provider implementation for Djangonauts.
http://django-oidc-provider.readthedocs.org
MIT License
416 stars 239 forks

Standard claims are ignored when CustomClaim is defined #409

Open ArcRiiad opened 1 year ago

ArcRiiad commented 1 year ago

Hi there!

We noticed unexpected behavior after updating django-oidc-provider 0.7 to 0.8 when using standard and custom claims when forging the id_token.

When we define a resolver for custom claims using OIDC_EXTRA_SCOPE_CLAIMS, the OIDC_USERINFO is somehow ignored.

After some research, we discovered that this behavior was introduced by this commit (https://github.com/juanifioren/django-oidc-provider/commit/64e395c5b68b9374e6b3e1d1fedb362dacb9000d) and from what I understood from reading the code, StandardScopeClaims are never called when OIDC_EXTRA_SCOPE_CLAIMS is defined.

So my question is,

Python: 3.10.12
Django: 4.2.1
Django-oidc-provider: 0.8.0

Settings:
OIDC_IDTOKEN_INCLUDE_CLAIMS = True
OIDC_USERINFO = 'users.models.oidc_userinfo'
OIDC_EXTRA_SCOPE_CLAIMS = 'users.models.CustomScopeClaims'
bmihelac commented 2 months ago

I have a similar issue. For now, as a workaround, I am subclassing from StandardScopeClaims:

-class CustomScopeClaims(ScopeClaims):
+class CustomScopeClaims(StandardScopeClaims):

@ArcRiiad did you ever find an answer?

ArcRiiad commented 2 months ago

Hi @bmihelac! We ended up doing the same thing by forking and patching the package on our end. Unfortunately, I can't share the exact fix since I'm no longer with that company 😅
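To make the behaviour in this thread concrete, here is an added example (not code from the issue or from django-oidc-provider itself). It models the claim-building pattern the thread is about: a `ScopeClaims`-style base whose `create_response_dic()` calls one `scope_<name>()` method per granted scope, a `StandardScopeClaims`-style subclass that fills the standard claims from an `OIDC_USERINFO`-style callable, and a custom claims class that either does or does not inherit from the standard one. The class and method names mirror the library's, but the bodies are a simplified stand-in written for this example, and the `department` scope, the sample user and `build_id_token_claims` are constructed for illustration.

```python
"""Added example: why a custom claims class that subclasses the bare base
drops the standard claims, and why subclassing the standard class restores
them. Simplified stand-in for django-oidc-provider's claim classes, not the
library's own code; Django and the real Token object are not reproduced.
"""
from typing import Callable, Dict, List

# Template of standard claims that an OIDC_USERINFO-style function fills in.
STANDARD_CLAIMS_TEMPLATE = {"name": None, "email": None, "email_verified": None}


def oidc_userinfo(claims: dict, user: dict) -> dict:
    """Constructed stand-in for the callable named by OIDC_USERINFO:
    receives the claims template and the user, returns the filled dict."""
    claims["name"] = user["name"]
    claims["email"] = user["email"]
    claims["email_verified"] = user["email_verified"]
    return claims


class ScopeClaims:
    """Base class: dispatches each granted scope to a scope_<name>() method.
    (Stand-in; mirrors the dispatch pattern, not the library's full class.)"""

    def __init__(self, scopes: List[str], user: dict, userinfo_fn: Callable):
        self.scopes = scopes
        self.user = user
        self.userinfo = userinfo_fn(dict(STANDARD_CLAIMS_TEMPLATE), user)

    def create_response_dic(self) -> Dict[str, object]:
        dic: Dict[str, object] = {}
        for scope in self.scopes:
            method = getattr(self, "scope_" + scope, None)
            if method is not None:  # scopes without a handler contribute nothing
                dic.update(method())
        return dic


class StandardScopeClaims(ScopeClaims):
    """Stand-in for the class that knows the OIDC standard scopes."""

    def scope_profile(self) -> dict:
        return {"name": self.userinfo["name"]}

    def scope_email(self) -> dict:
        return {"email": self.userinfo["email"],
                "email_verified": self.userinfo["email_verified"]}


class BareCustomScopeClaims(ScopeClaims):
    """The shape from the issue: inherits from ScopeClaims only, so no
    scope_profile/scope_email exist and the standard claims are lost."""
    info_department = ("Department", "Your department")  # hypothetical scope

    def scope_department(self) -> dict:
        return {"department": self.user["department"]}


class CustomScopeClaims(StandardScopeClaims):
    """The workaround from the thread: inherit from StandardScopeClaims so
    the standard scope handlers stay available next to the custom ones."""
    info_department = ("Department", "Your department")  # hypothetical scope

    def scope_department(self) -> dict:
        return {"department": self.user["department"]}


def build_id_token_claims(claims_cls, scopes: List[str], user: dict) -> dict:
    """Models the 0.8 behaviour the issue describes: when an extra-claims
    class is configured, only that class is consulted for id_token claims."""
    return claims_cls(scopes, user, oidc_userinfo).create_response_dic()


def missing_standard_claims(claims: dict, expected=("name", "email")) -> List[str]:
    """Check a practitioner can run against a built token: which expected
    standard claims are absent."""
    return [c for c in expected if c not in claims]


# Constructed sample input.
SAMPLE_USER = {"name": "Ada Example", "email": "ada@example.test",
               "email_verified": True, "department": "Security"}
SCOPES = ["openid", "profile", "email", "department"]

if __name__ == "__main__":
    bare = build_id_token_claims(BareCustomScopeClaims, SCOPES, SAMPLE_USER)
    fixed = build_id_token_claims(CustomScopeClaims, SCOPES, SAMPLE_USER)
    print("bare subclass  :", bare, "missing:", missing_standard_claims(bare))
    print("standard subclass:", fixed, "missing:", missing_standard_claims(fixed))
```

Running the module prints the two claim sets side by side: the bare subclass yields only `department`, while the subclass of the standard class yields `name`, `email`, `email_verified` and `department` together, which is the outcome the workaround in this thread achieves.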