LG-15391 Allow SPs to request the user's locale#11756
Merged
Conversation
We have a service provider who would like to be able to receive the user's UI locale when they receive attributes after sign in. This partner has a `post_idv_follow_up_url` that is configured to redirect the user to Login.gov with a request for verified attributes. Since the user does not see a UI on their site and likely does not have an established session there they want to know what locale the user is using on Login.gov to provide a consistent experience. This commit enables partners to request to user's locale using the `locale` OIDC scope. The locale is stored in the session and set to the current user's locale on every request. This ensures the latest value will be returned to service providers. changelog: Upcoming features, Requestable attributes, A claim that will allows SPs to request the user's UI locale was added
jmhooper
requested review from
a team,
Sgtpluck,
aduth,
mitchellhenke and
zachmargolis
jmhooper
changed the title
jmhooper
changed the title
|
|
||
| userinfo_response = JSON.parse(page.body).with_indifferent_access | ||
| expect(userinfo_response[:email]).to eq(user.email) | ||
| expect(userinfo_response[:locale]).to eq('en') |
Contributor
There was a problem hiding this comment.
would it be a more illustrative test if we did a non-default (non-en) locale?
Contributor
Author
There was a problem hiding this comment.
I've been working on this one for a bit and it is surprisingly difficult. The helpers that we use to work through the sign in and redirect process all assume the default locale. Some of them do unhelpful things like explicitly visit a path without a locale param which resets the locale to en.
I'll keep hacking on it to see what I come up with but it is getting messy.
Contributor
Author
There was a problem hiding this comment.
I pushed f1e8a38 to the other branch. It has what I came up with. I'll move it over here.
mitchellhenke
approved these changes
Jan 16, 2025
Sgtpluck
approved these changes
Jan 16, 2025
jmhooper
changed the title
jmhooper
added a commit
to GSA-TTS/identity-dev-docs
that referenced
this pull request
Jan 16, 2025
In 18F/identity-idp#11756 we added a feature that allows service providers to request a user's locale and receive it in the claims about the user. This commit documents the mechanism that service providers should use to make that request with OIDC and SAML.
jmhooper
added a commit
to GSA-TTS/identity-dev-docs
that referenced
this pull request
Jan 21, 2025
In 18F/identity-idp#11756 we added a feature that allows service providers to request a user's locale and receive it in the claims about the user. This commit documents the mechanism that service providers should use to make that request with OIDC and SAML. Signed-off-by: Jonathan Hooper <jonathan.hooper@gsa.gov>
jmhooper
added a commit
to GSA-TTS/identity-dev-docs
that referenced
this pull request
Jan 21, 2025
In 18F/identity-idp#11756 we added a feature that allows service providers to request a user's locale and receive it in the claims about the user. This commit documents the mechanism that service providers should use to make that request with OIDC and SAML. Signed-off-by: Jonathan Hooper <jonathan.hooper@gsa.gov>
jmhooper
added a commit
to GSA-TTS/identity-dev-docs
that referenced
this pull request
Jan 21, 2025
In 18F/identity-idp#11756 we added a feature that allows service providers to request a user's locale and receive it in the claims about the user. This commit documents the mechanism that service providers should use to make that request with OIDC and SAML. Signed-off-by: Jonathan Hooper <jonathan.hooper@gsa.gov>
jmhooper
added a commit
that referenced
this pull request
Jan 22, 2025
We added the locale param to the post-IdV follow-up URL as a short term solution for a partner who needed to get the user's locale when they clicked that link. In #11756 we made a change that allows SPs to request the locale via the OIDC claims or SAML attributes. This should resolve the issue for that partner. This commit removes support for including the locale as a param on the post-IdV follow-up URL. It should not be merged until: 1. Our partner has configured their application to request the locale in the OIDC params 2. We have removed the templated locale value from their configured post-IdV follow-up URL [skip changelog]
2 tasks
jmhooper
added a commit
that referenced
this pull request
Feb 12, 2025
We added the locale param to the post-IdV follow-up URL as a short term solution for a partner who needed to get the user's locale when they clicked that link. In #11756 we made a change that allows SPs to request the locale via the OIDC claims or SAML attributes. This should resolve the issue for that partner. This commit removes support for including the locale as a param on the post-IdV follow-up URL. It should not be merged until: 1. Our partner has configured their application to request the locale in the OIDC params 2. We have removed the templated locale value from their configured post-IdV follow-up URL [skip changelog]
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
We have a service provider who would like to be able to receive the user's UI locale when they receive attributes after sign in. This partner has a
post_idv_follow_up_urlthat is configured to redirect the user to Login.gov with a request for verified attributes. Since the user does not see a UI on their site and likely does not have an established session there they want to know what locale the user is using on Login.gov to provide a consistent experience.This commit enables partners to request to user's locale using the
localeOIDC scope. The locale is stored in the session and set to the current user's locale on every request. This ensures the latest value will be returned to service providers.