feat: add OIDC userinfo endpoint

2026-02-16 13:57:10 +01:00 · 2026-02-16 13:57:10 +01:00 · 11a76d4ea8
commit 11a76d4ea8
parent e4e7cd237e
2 changed files with 201 additions and 0 deletions
--- a/src/fastapi_oidc_op/oidc/endpoints.py
+++ b/src/fastapi_oidc_op/oidc/endpoints.py
@ -189,3 +189,60 @@ async def token_endpoint(request: Request) -> JSONResponse:
        response_data = response_data.to_dict()

    return JSONResponse(response_data)
+
+
+@router.api_route("/userinfo", methods=["GET", "POST"])
+async def userinfo_endpoint(request: Request) -> JSONResponse:
+    """OIDC UserInfo endpoint."""
+    oidc_server = request.app.state.oidc_server
+    endpoint = oidc_server.get_endpoint("userinfo")
+
+    http_info = {
+        "headers": dict(request.headers),
+        "url": str(request.url),
+    }
+
+    if request.method == "POST":
+        body = await request.body()
+        request_data = body.decode("utf-8")
+    else:
+        request_data = {}
+
+    try:
+        parsed = endpoint.parse_request(request_data, http_info=http_info)
+    except Exception as exc:
+        return JSONResponse(
+            {"error": "invalid_token", "error_description": str(exc)},
+            status_code=401,
+        )
+
+    if isinstance(parsed, dict) and "error" in parsed:
+        error_data = parsed
+    elif hasattr(parsed, "to_dict") and "error" in parsed:
+        error_data = parsed.to_dict()
+    else:
+        error_data = None
+
+    if error_data is not None:
+        return JSONResponse(error_data, status_code=401)
+
+    result = endpoint.process_request(parsed)
+
+    if hasattr(result, "to_dict") and "error" in result:
+        return JSONResponse(result.to_dict(), status_code=401)
+    elif isinstance(result, dict) and "error" in result:
+        return JSONResponse(result, status_code=401)
+
+    resp_info = endpoint.do_response(
+        response_args=result.get("response_args"),
+        request=parsed,
+        client_id=result.get("client_id", ""),
+    )
+
+    response_data = resp_info["response"]
+    if isinstance(response_data, str):
+        response_data = json.loads(response_data)
+    elif hasattr(response_data, "to_dict"):
+        response_data = response_data.to_dict()
+
+    return JSONResponse(response_data)