From ecfa1f9e8236d61772b94e66dd3539f188a8dcfb Mon Sep 17 00:00:00 2001
From: Julian Rother <julianr@fsmpi.rwth-aachen.de>
Date: Thu, 26 Nov 2020 15:50:41 +0100
Subject: [PATCH] documented removal of ldap_uuid from oauth2 userinfo

---
 uffd/oauth2/views.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/uffd/oauth2/views.py b/uffd/oauth2/views.py
index a7d81d06..a054b0d1 100644
--- a/uffd/oauth2/views.py
+++ b/uffd/oauth2/views.py
@@ -100,6 +100,9 @@ def token():
 @oauth.require_oauth('profile')
 def userinfo():
 	user = request.oauth.user
+	# We once exposed the entryUUID here as "ldap_uuid" until realising that it
+	# can (and does!) change randomly and is therefore entirely useless as an
+	# indentifier.
 	return jsonify(
 		id=user.uid,
 		name=user.displayname,
-- 
GitLab