Merge pull request #157 from thivi/master

Enforce `openid` scope

lib/src/authentication-client.ts

@@ -17,7 +17,12 @@
  */
 
 import { AxiosResponse } from "axios";
-import { OIDC_SCOPE, OP_CONFIG_INITIATED, ResponseMode, SIGN_OUT_SUCCESS_PARAM } from "./constants";
+import {
+    OIDC_SCOPE,
+    OP_CONFIG_INITIATED,
+    ResponseMode,
+    SIGN_OUT_SUCCESS_PARAM
+} from "./constants";
 import { AuthenticationCore } from "./core";
 import { DataLayer } from "./data";
 import {
@@ -39,7 +44,7 @@ const DefaultConfig: Partial<AuthClientConfig<unknown>> = {
     clockTolerance: 300,
     enablePKCE: true,
     responseMode: ResponseMode.query,
-    scope: [OIDC_SCOPE],
+    scope: [ OIDC_SCOPE ],
     sendCookiesInRequests: true,
     validateIDToken: true
 };
@@ -100,7 +105,8 @@ export class AsgardeoAuthClient<T> {
      * @preserve
      */
     public async initialize(config: AuthClientConfig<T>): Promise<void> {
-        await this._dataLayer.setConfigData({ ...DefaultConfig, ...config });
+        await this._dataLayer.setConfigData(
+            { ...DefaultConfig, ...config, scope: [...DefaultConfig.scope ?? [], ...config.scope ?? []] });
     }
 
     /**

lib/src/core/authentication-core.ts

@@ -443,17 +443,17 @@ export class AuthenticationCore<T> {
 
         let basicUserInfo: BasicUserInfo = {
             allowedScopes: sessionData.scope,
-            sessionState: sessionData.session_state,
-            username: authenticatedUser.username
+            sessionState: sessionData.session_state
         };
 
-        if (!authenticatedUser.displayName || authenticatedUser.displayName === "") {
-            delete authenticatedUser.displayName;
-        }
-
-        if (!authenticatedUser.tenantDomain || authenticatedUser.tenantDomain === "") {
-            delete authenticatedUser.tenantDomain;
-        }
+        Object.keys(authenticatedUser).forEach((key) => {
+            if (
+                authenticatedUser[key] === undefined ||
+                authenticatedUser[key] === "" ||
+                authenticatedUser[key] === null ) {
+                delete authenticatedUser[key];
+            }
+        });
 
         basicUserInfo = { ...basicUserInfo, ...authenticatedUser };
 

lib/src/models/user.ts

@@ -18,7 +18,7 @@
 
 export interface BasicUserInfo {
     email?: string | undefined;
-    username: string;
+    username?: string | undefined;
     displayName?: string | undefined;
     allowedScopes: string;
     tenantDomain?: string | undefined;

lib/src/utils/authentication-utils.ts

@@ -26,8 +26,7 @@ export class AuthenticationUtils {
     public static getAuthenticatedUserInfo(idToken: string): AuthenticatedUserInfo {
         const payload: DecodedIDTokenPayload = CryptoUtils.decodeIDToken(idToken);
         const tenantDomain: string = this.getTenantDomainFromIdTokenPayload(payload);
-        const username: string = this.extractUserName(payload);
-
+        const username: string = payload?.username ?? "";
         const givenName: string = payload.given_name ?? "";
         const familyName: string = payload.family_name ?? "";
         const fullName: string =
@@ -86,15 +85,6 @@ export class AuthenticationUtils {
         return camelCasedPayload;
     }
 
-    public static extractUserName = (payload: DecodedIDTokenPayload, uidSeparator: string = "@"): string => {
-        const uid = payload.sub;
-        const parts = uid.split(uidSeparator);
-
-        parts.length > 2 && parts.pop();
-
-        return parts.join(uidSeparator);
-    };
-
     public static getTenantDomainFromIdTokenPayload = (
         payload: DecodedIDTokenPayload,
         uidSeparator: string = "@"