From 84629795d18e51f6af2331d05eb54490ab2776f4 Mon Sep 17 00:00:00 2001 From: Stefan Bodewig Date: Fri, 17 Dec 2021 18:00:22 +0100 Subject: [PATCH] add additional arguments to on_authenticated lifecycle hook helps with #413 Signed-off-by: Stefan Bodewig --- ChangeLog | 4 ++++ README.md | 1 + lib/resty/openidc.lua | 2 +- 3 files changed, 6 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index bc5e47a..af72966 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +12/17/2021 +- added id_token and the token endpoint response as additional + arguments to the on_authenticated lifecycle hook; see #413 + 11/19/2021 - added opts.discovery_expires_in in order to make cache expiry of OpenID Connect Discovery responses configurable. diff --git a/README.md b/README.md index 27c4c5a..ed582b3 100644 --- a/README.md +++ b/README.md @@ -212,6 +212,7 @@ h2JHukolz9xf6qN61QMLSd83+kwoBr2drp6xg3eGDLIkQCQLrkY= -- `openidc_authorize` immediately prior to saving the session -- -- `on_authenticated` hook is invoked *after* receiving authorization response in -- `openidc_authorization_response` immediately prior to saving the session + -- Starting with lua-resty-openidc 1.7.5 this receives the decoded id_token as second and the response of the token endpoint as third argument -- -- `on_regenerated` is invoked immediately after the a new access token has been obtained via token refresh and is called with the regenerated session table diff --git a/lib/resty/openidc.lua b/lib/resty/openidc.lua index dff0f7f..ce38a70 100644 --- a/lib/resty/openidc.lua +++ b/lib/resty/openidc.lua @@ -1188,7 +1188,7 @@ local function openidc_authorization_response(opts, session) end if opts.lifecycle and opts.lifecycle.on_authenticated then - err = opts.lifecycle.on_authenticated(session) + err = opts.lifecycle.on_authenticated(session, id_token, json) if err then log(WARN, "failed in `on_authenticated` handler: " .. err) return nil, err, session.data.original_url, session