feat: add OIDC claims mapping and PorchlightUserInfo source

2026-02-16 12:52:43 +01:00 · 2026-02-16 12:52:43 +01:00 · 02b75a3eca
commit 02b75a3eca
parent fd098a4eff
3 changed files with 122 additions and 0 deletions
--- a/tests/test_oidc/test_claims.py
+++ b/tests/test_oidc/test_claims.py
@ -0,0 +1,65 @@
+from datetime import UTC, datetime
+
+from fastapi_oidc_op.models import User
+from fastapi_oidc_op.oidc.claims import PorchlightUserInfo, user_to_claims
+
+
+def test_user_to_claims_minimal() -> None:
+    user = User(userid="lusab-bansen", username="alice")
+    claims = user_to_claims(user)
+    assert claims["sub"] == "lusab-bansen"
+    assert claims["preferred_username"] == "alice"
+    assert "email" not in claims  # None fields excluded
+
+
+def test_user_to_claims_full() -> None:
+    user = User(
+        userid="lusab-bansen",
+        username="alice",
+        preferred_username="Alice W.",
+        given_name="Alice",
+        family_name="Wonderland",
+        nickname="ali",
+        email="alice@example.com",
+        email_verified=True,
+        phone_number="+1234567890",
+        phone_number_verified=False,
+        picture="https://example.com/alice.jpg",
+        locale="en",
+        updated_at=datetime(2025, 1, 1, tzinfo=UTC),
+    )
+    claims = user_to_claims(user)
+    assert claims["sub"] == "lusab-bansen"
+    assert claims["preferred_username"] == "Alice W."
+    assert claims["given_name"] == "Alice"
+    assert claims["family_name"] == "Wonderland"
+    assert claims["nickname"] == "ali"
+    assert claims["email"] == "alice@example.com"
+    assert claims["email_verified"] is True
+    assert claims["phone_number"] == "+1234567890"
+    assert claims["phone_number_verified"] is False
+    assert claims["picture"] == "https://example.com/alice.jpg"
+    assert claims["locale"] == "en"
+    assert claims["updated_at"] == int(datetime(2025, 1, 1, tzinfo=UTC).timestamp())
+
+
+def test_porchlight_userinfo_returns_claims() -> None:
+    userinfo = PorchlightUserInfo()
+    userinfo.set_user_claims("lusab-bansen", {"sub": "lusab-bansen", "email": "a@b.com"})
+    result = userinfo("lusab-bansen", "client1")
+    assert result["sub"] == "lusab-bansen"
+    assert result["email"] == "a@b.com"
+
+
+def test_porchlight_userinfo_filters_claims() -> None:
+    userinfo = PorchlightUserInfo()
+    userinfo.set_user_claims("lusab-bansen", {"sub": "lusab-bansen", "email": "a@b.com", "name": "Alice"})
+    result = userinfo("lusab-bansen", "client1", user_info_claims={"email": None})
+    assert "email" in result
+    assert "name" not in result
+
+
+def test_porchlight_userinfo_unknown_user() -> None:
+    userinfo = PorchlightUserInfo()
+    result = userinfo("unknown", "client1")
+    assert result == {}