author | Dave Arter <davea@mysociety.org> | 2019-08-16 14:26:17 +0100 |
---|---|---|
committer | Dave Arter <davea@mysociety.org> | 2019-08-16 14:26:17 +0100 |
commit | e13c2a88e875b549624df0d1ad46bb0e2e121653 (patch) | |
tree | 5122704fe370499d35643b96f8bc9440d70cb152 /perllib/OIDC/Lite/Client/WebServer/Azure.pm | |
parent | 52dfeb4d3c0883d05d01662597f1f8f5d74ba15b (diff) | |
parent | 3137ae8d24dd4ab922ef83b5733332b54bac1903 (diff) |
Merge branch 'westminster-reviewed'
Diffstat (limited to 'perllib/OIDC/Lite/Client/WebServer/Azure.pm')
-rw-r--r-- | perllib/OIDC/Lite/Client/WebServer/Azure.pm | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/perllib/OIDC/Lite/Client/WebServer/Azure.pm b/perllib/OIDC/Lite/Client/WebServer/Azure.pm
new file mode 100644
index 000000000..b19dce90e
--- /dev/null
+++ b/perllib/OIDC/Lite/Client/WebServer/Azure.pm
@@ -0,0 +1,39 @@
+package OIDC::Lite::Client::WebServer::Azure;
+
+use strict;
+use warnings;
+use parent 'OIDC::Lite::Client::WebServer';
+
+use OIDC::Lite::Client::IDTokenResponseParser;
+
+=head1 NAME
+
+OIDC::Lite::Client::WebServer::Azure - extension to auth against Azure AD B2C
+
+OIDC::Lite doesn't appear to support the authorisation code flow to get an
+ID token - only an access token. Azure returns all its claims in the id_token
+and doesn't support a UserInfo endpoint, so this extension adds support for
+parsing the id_token when calling get_access_token.
+
+=cut
+
+=head2 new
+
+Overrides response_parser so that get_access_token returns a
+L<OIDC::Lite::Model::IDToken> object.
+
+NB this does not perform any verification of the id_token. It's assumed to be
+safe as it's come directly from the OpenID IdP and not an untrusted user's
+browser.
+
+=cut
+
+sub new {
+ my $self = shift->next::method(@_);
+
+ $self->{response_parser} = OIDC::Lite::Client::IDTokenResponseParser->new;
+
+ return $self;
+}
+
+1; |
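Review bot: The `=head2 new` POD justifies skipping id_token verification because the token arrives straight from the IdP, but that argument covers only the signature, and only when the token request goes over TLS with certificate checking; the `iss`, `aud`, `exp` and `nonce` claims still need to be checked, and nothing in this file does so. Whether the caller of get_access_token checks them is not visible in this hunk, so the POD should state the obligation rather than call the token safe, e.g. `Callers MUST check the iss, aud, exp and nonce claims of the returned token, and the token endpoint MUST be fetched over HTTPS with certificate verification.` Without the `aud` and `nonce` checks, a token issued for another client or another login session would be accepted as this user's identity. Separately, `$self->{response_parser}` writes into the parent's hash directly and will silently stop taking effect if OIDC::Lite::Client::WebServer renames that slot; a one-line comment noting the dependency on the parent's internals would help.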