From 6e8d15e5ed422c47ad0acc36b8e6f64558fc4b32 Mon Sep 17 00:00:00 2001
From: Kerry
Date: Wed, 4 Oct 2023 17:05:54 +1300
Subject: [PATCH] add claims to completeauhtorizationcodegrant response (#3765)

---
 spec/unit/oidc/authorize.spec.ts | 2 ++
 src/oidc/authorize.ts | 4 +++-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/spec/unit/oidc/authorize.spec.ts b/spec/unit/oidc/authorize.spec.ts
index ffd22148d..fdab18d09 100644
--- a/spec/unit/oidc/authorize.spec.ts
+++ b/spec/unit/oidc/authorize.spec.ts
@@ -284,6 +284,7 @@ describe("oidc authorization", () => {
                 expires_at: result.tokenResponse.expires_at,
                 scope,
             },
+            idTokenClaims: result.idTokenClaims,
         });
     });
 
@@ -325,6 +326,7 @@ describe("oidc authorization", () => {
                 expires_at: result.tokenResponse.expires_at,
                 scope,
             },
+            idTokenClaims: result.idTokenClaims,
         });
 
         expect(result.tokenResponse.token_type).toEqual("Bearer");
diff --git a/src/oidc/authorize.ts b/src/oidc/authorize.ts
index df802aa0a..d6ca942e6 100644
--- a/src/oidc/authorize.ts
+++ b/src/oidc/authorize.ts
@@ -14,7 +14,7 @@ See the License for the specific language governing permissions and
 limitations under the License.
 */
 
-import { Log, OidcClient, SigninResponse, SigninState, WebStorageStateStore } from "oidc-client-ts";
+import { IdTokenClaims, Log, OidcClient, SigninResponse, SigninState, WebStorageStateStore } from "oidc-client-ts";
 
 import { IDelegatedAuthConfig } from "../client";
 import { subtleCrypto, TextEncoder } from "../crypto/crypto";
@@ -199,6 +199,7 @@ export const completeAuthorizationCodeGrant = async (
     oidcClientSettings: IDelegatedAuthConfig & { clientId: string };
     tokenResponse: BearerTokenResponse;
     homeserverUrl: string;
+    idTokenClaims: IdTokenClaims;
     identityServerUrl?: string;
 }> => {
     /**
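Review bot: The added expectation `idTokenClaims: result.idTokenClaims` inside the `toEqual({...})` object in the first spec hunk is self-referential, so it passes for any value — including `undefined` or an empty object — and never checks that the claims were taken from the signin response. It follows the existing `expires_at: result.tokenResponse.expires_at` pattern, which is defensible for a timestamp the test cannot predict, but the ID token claims are fixed by whatever the test mocks, so they can be asserted exactly. At minimum `idTokenClaims: expect.objectContaining({ sub: expect.any(String) }),` would catch an empty object; asserting the exact claims object the mock produces would be better. The enclosing `it(...)` block starts before this hunk, so I cannot see which fixture is available to compare against; the same self-referential assertion is repeated in the second spec hunk.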
@@ -250,6 +251,7 @@ export const completeAuthorizationCodeGrant = async (
             tokenResponse: normalizedTokenResponse,
             homeserverUrl: userState.homeserverUrl,
             identityServerUrl: userState.identityServerUrl,
+            idTokenClaims: signinResponse.profile,
         };
     } catch (error) {
         logger.error("Oidc login failed", error);
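Review bot: The added `idTokenClaims: signinResponse.profile` is returned without any check that an `id_token` was actually present in the token response, while the return type declared earlier in this commit makes `idTokenClaims: IdTokenClaims` non-optional; as far as I recall oidc-client-ts initialises `profile` to an empty object and only fills it when `processSigninResponse` decodes an ID token, so a server that omits the token would satisfy the type with `{}` — confirm against the library version in use. Callers will presumably rely on `sub` to bind the session to a user, so an empty claims object is a silent failure rather than a loud one. Consider guarding ahead of the return, e.g. `if (!signinResponse.id_token) throw new Error("Oidc login failed: no id_token in token response");`, and a why-comment on the added line such as `// claims of the id_token as validated by processSigninResponse; do not re-decode the raw token elsewhere`. The body of `completeAuthorizationCodeGrant`, including the `processSigninResponse` call these claims depend on and its issuer/nonce validation, lies outside this hunk.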