Added documentation about response headers

edb71f26 · Julian · a0c88fd1 · edb71f26 · edb71f26
Commit edb71f26 authored Oct 8, 2020 by Julian
--- a/README.md
+++ b/README.md
@@ -7,4 +7,13 @@ OAuth2 server (urls defined in config) and -- apart from a session cookie --
 stateless. OAuth2 client id, secret and redirect URI are passed from the
 integrating NGINX to the proxy in HTTP headers.

+The following data about the authenticated user is returned by the `/auth`
+endpoint as HTTP headers:
+
+* `OAUTH-USER-ID`: (usually numeric) unique user id
+* `OAUTH-USER-NAME`: display name
+* `OAUTH-USER-NICKNAME`: unique user name (for urls, @-handles, ...)
+* `OAUTH-USER-EMAIL`: email address
+* `OAUTH-USER-GROUPS`: comma-separated list of group names
+
 See testapp for an example setup.
--- a/app.py
+++ b/app.py
@@ -45,9 +45,9 @@ def create_app(test_config=None):
 			client_secret=request.headers['X-CLIENT-SECRET'],
 			authorization_response=request.url, verify=(not app.debug))
 		userinfo = client.get(app.config['OAUTH2_USERINFO_URL']).json()
-		session['user_id'] = userinfo['id'] # (usually numeric) unique user id
-		session['user_name'] = userinfo['name'] # display name
-		session['user_nickname'] = userinfo['nickname'] # unique user name (for urls, @-handles, ...)
+		session['user_id'] = userinfo['id']
+		session['user_name'] = userinfo['name']
+		session['user_nickname'] = userinfo['nickname']
 		session['user_email'] = userinfo['email']
 		session['user_groups'] = userinfo['groups']
 		return redirect(session.pop('url'))