From edb71f262ed263372e004eb7f1a42e78112c51ae Mon Sep 17 00:00:00 2001
From: Julian Rother <julianr@fsmpi.rwth-aachen.de>
Date: Fri, 9 Oct 2020 01:24:27 +0200
Subject: [PATCH] Added documentation about response headers

---
 README.md | 9 +++++++++
 app.py    | 6 +++---
 2 files changed, 12 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index f3a94ee..65a7474 100644
--- a/README.md
+++ b/README.md
@@ -7,4 +7,13 @@ OAuth2 server (urls defined in config) and -- apart from a session cookie --
 stateless. OAuth2 client id, secret and redirect URI are passed from the
 integrating NGINX to the proxy in HTTP headers.
 
+The following data about the authenticated user is returned by the `/auth`
+endpoint as HTTP headers:
+
+* `OAUTH-USER-ID`: (usually numeric) unique user id
+* `OAUTH-USER-NAME`: display name
+* `OAUTH-USER-NICKNAME`: unique user name (for urls, @-handles, ...)
+* `OAUTH-USER-EMAIL`: email address
+* `OAUTH-USER-GROUPS`: comma-separated list of group names
+
 See testapp for an example setup.
diff --git a/app.py b/app.py
index e40b829..04c09f1 100644
--- a/app.py
+++ b/app.py
@@ -45,9 +45,9 @@ def create_app(test_config=None):
 			client_secret=request.headers['X-CLIENT-SECRET'],
 			authorization_response=request.url, verify=(not app.debug))
 		userinfo = client.get(app.config['OAUTH2_USERINFO_URL']).json()
-		session['user_id'] = userinfo['id'] # (usually numeric) unique user id
-		session['user_name'] = userinfo['name'] # display name
-		session['user_nickname'] = userinfo['nickname'] # unique user name (for urls, @-handles, ...)
+		session['user_id'] = userinfo['id']
+		session['user_name'] = userinfo['name']
+		session['user_nickname'] = userinfo['nickname']
 		session['user_email'] = userinfo['email']
 		session['user_groups'] = userinfo['groups']
 		return redirect(session.pop('url'))
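Review bot: The userinfo response is indexed directly (`userinfo['id']`, `userinfo['name']`, ...) right after `client.get(...).json()` with no status check, so an error body or a provider that omits a field surfaces as an unhandled KeyError or JSON decode error instead of a clean authentication failure. Because the README hunk in this commit documents these values as the `OAUTH-USER-*` headers returned by `/auth`, I would fail closed before filling the session: `resp = client.get(app.config['OAUTH2_USERINFO_URL'])`, `resp.raise_for_status()`, `userinfo = resp.json()` (assuming `client` is a requests-style session, which the hunk does not show). It is also worth confirming that `groups` entries contain no commas and that no value contains CR/LF before they are emitted as headers, since a comma inside a group name would read as two groups in `OAUTH-USER-GROUPS`; the code that emits the headers is outside this hunk, so this may already be handled there. The enclosing view function starts above the hunk.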
-- 
GitLab