Before spending time on a pull request, I wanted to raise it first as an issue to understand the reasoning behind it. An provider returns a normalized {:ok, userinfo_claims} according to the OpenID standard claims spec. One of these claims is the subject or sub and - according to the specs - should be of type string. Some providers return their subject as integer, and I would suspect that the normalize call would convert those to a string. But unfortunately, that is not the case and even appears as integer in the test cases (see https://github.com/pow-auth/assent/blob/main/test/assent/strategies/strava_test.exs#L56 for example).
Wouldn't it be more logical and according to the specs if the normalizer always return a string for the sub claim? If so, I would certainly help changing it in a PR.
Before spending time on a pull request, I wanted to raise it first as an issue to understand the reasoning behind it. An provider returns a normalized
{:ok, userinfo_claims}
according to the OpenID standard claims spec. One of these claims is the subject orsub
and - according to the specs - should be of type string. Some providers return their subject as integer, and I would suspect that thenormalize
call would convert those to a string. But unfortunately, that is not the case and even appears as integer in the test cases (see https://github.com/pow-auth/assent/blob/main/test/assent/strategies/strava_test.exs#L56 for example).Wouldn't it be more logical and according to the specs if the normalizer always return a string for the
sub
claim? If so, I would certainly help changing it in a PR.