3 files changed, 39 insertions, 1 deletions

diff --git a/perllib/FixMyStreet/Cobrand/Westminster.pm b/perllib/FixMyStreet/Cobrand/Westminster.pm
index 9ae276f2b..ba65f75a6 100644
--- a/perllib/FixMyStreet/Cobrand/Westminster.pm
+++ b/perllib/FixMyStreet/Cobrand/Westminster.pm
@@ -44,4 +44,18 @@ sub anonymous_account {
     };
 }
 
+sub oidc_user_extra {
+    my ($self, $id_token) = @_;
+
+    # Westminster want the CRM ID of the user to be passed in the
+    # account_id field of Open311 POST Service Requests, so
+    # extract it from the id token and store in user extra
+    # if it's available.
+    my $crm_id = $id_token->payload->{extension_CrmContactId};
+
+    return {
+        $crm_id ? (westminster_account_id => $crm_id) : (),
+    };
+}
+
 1;
diff --git a/t/Mock/OpenIDConnect.pm b/t/Mock/OpenIDConnect.pm
index ca0da48cd..3fb15ff70 100644
--- a/t/Mock/OpenIDConnect.pm
+++ b/t/Mock/OpenIDConnect.pm
@@ -46,7 +46,8 @@ sub dispatch_request {
             auth_time => $now,
             given_name => "Andy",
             family_name => "Dwyer",
-            tfp => "B2C_1_default"
+            tfp => "B2C_1_default",
+            extension_CrmContactId => "1c304134-ef12-c128-9212-123908123901",
         };
         $payload->{emails} = ['oidc@example.org'] if $self->returns_email;
         my $signature = "dummy";
diff --git a/t/app/controller/auth_social.t b/t/app/controller/auth_social.t
index 0f092b480..6c80c9857 100644
--- a/t/app/controller/auth_social.t
+++ b/t/app/controller/auth_social.t
@@ -74,6 +74,9 @@ for my $test (
     error_callback => '/auth/OIDC?error=ERROR',
     success_callback => '/auth/OIDC?code=response-code',
     redirect_pattern => qr{oidc\.example\.org/oauth2/v2\.0/authorize},
+    user_extras => [
+        [westminster_account_id => "1c304134-ef12-c128-9212-123908123901"],
+    ],
 }
 ) {
 
@@ -194,13 +197,33 @@ for my $state ( 'refused', 'no email', 'existing UID', 'okay' ) {
                 } elsif ($test->{type} eq 'oidc') {
                     is_deeply $user->oidc_ids, [ $test->{uid} ], 'User now has correct OIDC IDs';
                 }
+                if ($test->{user_extras}) {
+                    for my $extra (@{ $test->{user_extras} }) {
+                        my ($k, $v) = @$extra;
+                        is $user->get_extra_metadata($k), $v, "User has correct $k extra field";
+                    }
+                }
 
             } elsif ($page ne 'my') {
                 # /my auth login goes directly there, no message like this
                 $mech->content_contains('You have successfully signed in; please check and confirm your details are accurate');
                 $mech->logged_in_ok;
+                if ($test->{user_extras}) {
+                    my $user = FixMyStreet::App->model( 'DB::User' )->find( { email => $test->{email} } );
+                    for my $extra (@{ $test->{user_extras} }) {
+                        my ($k, $v) = @$extra;
+                        is $user->get_extra_metadata($k), $v, "User has correct $k extra field";
+                    }
+                }
             } else {
                 is $mech->uri->path, '/my', 'Successfully on /my page';
+                if ($test->{user_extras}) {
+                    my $user = FixMyStreet::App->model( 'DB::User' )->find( { email => $test->{email} } );
+                    for my $extra (@{ $test->{user_extras} }) {
+                        my ($k, $v) = @$extra;
+                        is $user->get_extra_metadata($k), $v, "User has correct $k extra field";
+                    }
+                }
             }
         }
     }