import { UserInfoResponse } from "https://deno.land/x/authlete_deno@v1.2.7/mod.ts";
Enums
The next action that the service implementation should take. |
import { UserInfoResponse } from "https://deno.land/x/authlete_deno@v1.2.7/mod.ts";
Response from Authlete /auth/userinfo
API
Properties
The list of claims that the client application requests
to be embedded in the userinfo response. The value comes from
scope
and claims
request parameters of the original
authorization request. For more details, see the following links.
The client ID alias when the authorization request for the access token was made. Note that this value may be different from the current client ID alias.
Flag which indicates whether the client ID alias was used when the authorization request for the access token was made.
The value of the "userinfo"
property in the claims
request
parameter or in the "claims"
property in an authorization
request object.
A client application may request certain claims be embedded in
an ID token or in a response from the UserInfo endpoint. There
are several ways. Including the claims
request parameter and
including the "claims"
property in a request object are such examples.
In both the cases, the value of the claims
parameter/property
is JSON. Its format is described in 5.5. Requesting Claims using
the "claims" Request Parameter
of OpenID Connect Core 1.0.
The following is an excerpt from the specification. You can find
"userinfo"
and "id_token"
are top-level properties.
{
"userinfo":
{
"given_name": {"essential": true},
"nickname": null,
"email": {"essential": true},
"email_verified": {"essential": true},
"picture": null,
"http://example.info/claims/groups": null
},
"id_token":
{
"auth_time": {"essential": true},
"acr": {"values": ["urn:mace:incommon:iap:silver"] }
}
}
This property has the value of the "userinfo"
property in JSON
format. For example, if the JSON above is included in an authorization
request, the value of this property is JSON equivalent to the
following.
{
"given_name": {"essential": true},
"nickname": null,
"email": {"essential": true},
"email_verified": {"essential": true},
"picture": null,
"http://example.info/claims/groups": null
}
Note that if a request object is given and it contains the "claims"
property and if the claims
request parameter is also given, this
method returns the value in the former.