feat(oauth2): simple userinfo endpoint

Signed-off-by: d.kudrinskiy <hardviper@icloud.com>
nextcloud · Feb 20, 2024 · f5b90e2 · f5b90e2
1 parent f1fe3be
commit f5b90e2
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 0 deletions.
diff --git a/apps/oauth2/appinfo/routes.php b/apps/oauth2/appinfo/routes.php
@@ -43,5 +43,10 @@
  'url' => '/api/v1/token',
  'verb' => 'POST'
  ],
+ [
+ 'name' => 'OauthApi#getUserInfo',
+ 'url' => '/api/v1/userinfo',
+ 'verb' => 'GET'
+ ],
  ],
 ];
diff --git a/apps/oauth2/lib/Controller/OauthApiController.php b/apps/oauth2/lib/Controller/OauthApiController.php
@@ -45,6 +45,7 @@
 use OCP\Security\ICrypto;
 use OCP\Security\ISecureRandom;
 use Psr\Log\LoggerInterface;
+use OCP\IUserSession;
 
 class OauthApiController extends Controller {
  // the authorization code expires after 10 minutes
@@ -62,6 +63,7 @@ public function __construct(
  private LoggerInterface $logger,
  private IThrottler $throttler,
  private ITimeFactory $timeFactory,
+ private IUserSession $userSession,
  ) {
  parent::__construct($appName, $request);
  }
@@ -226,4 +228,21 @@ public function getToken(
  ]
  );
  }
+
+ /**
+ * @PublicPage
+ * @NoCSRFRequired
+ *
+ * @return JSONResponse
+ */
+ public function getUserInfo() {
+ $user = $this->userSession->getUser();
+ $displayname = explode(' ', $user->getDisplayName());
+ return new JSONResponse([
+ 'sub' => $user->getUID(),
+ 'given_name' => $displayname[0],
+ 'family_name' => $displayname[1] ? $displayname[1] : $displayname[0],
+ 'email' => $user->getEMailAddress()
+ ]);
+ }
 }