[pve-devel] [PATCH openid 1/1] fix #4234: openid: make userinfo request optional
Thomas Skinner
thomas at atskinner.net
Sat Aug 31 00:34:30 CEST 2024
Signed-off-by: Thomas Skinner <thomas at atskinner.net>
---
proxmox-openid/src/lib.rs | 9 ++++++---
1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/proxmox-openid/src/lib.rs b/proxmox-openid/src/lib.rs
index fe65fded..7cef06e0 100644
--- a/proxmox-openid/src/lib.rs
+++ b/proxmox-openid/src/lib.rs
@@ -195,7 +195,7 @@ impl OpenIdAuthenticator {
&self,
code: &str,
private_auth_state: &PrivateAuthState,
- ) -> Result<(CoreIdTokenClaims, GenericUserInfoClaims), Error> {
+ ) -> Result<(CoreIdTokenClaims, Option<GenericUserInfoClaims>), Error> {
let code = AuthorizationCode::new(code.to_string());
// Exchange the code with a token.
let token_response = self
@@ -213,11 +213,14 @@ impl OpenIdAuthenticator {
.claims(&id_token_verifier, &private_auth_state.nonce)
.map_err(|err| format_err!("Failed to verify ID token: {}", err))?;
- let userinfo_claims: GenericUserInfoClaims = self
+ let userinfo_claims: Option<GenericUserInfoClaims> = match self
.client
.user_info(token_response.access_token().to_owned(), None)?
.request(http_client)
- .map_err(|err| format_err!("Failed to contact userinfo endpoint: {}", err))?;
+ {
+ Ok(claims) => Some(claims),
+ Err(..) => None,
+ };
Ok((id_token_claims.clone(), userinfo_claims))
}
--
2.39.2
More information about the pve-devel
mailing list