Add realm_access.roles from JWT claims (keep in parity with front-end)

uwcirg · Dec 24, 2024 · 433ff0a · 433ff0a
1 parent c9c8526
commit 433ff0a
Showing 1 changed file with 5 additions and 1 deletion.
diff --git a/patientsearch/api.py b/patientsearch/api.py
@@ -109,7 +109,11 @@ def current_user_info(token):
         DEA = oidc.user_getfield("DEA")
     except Exception:
         DEA = "unknown"
-    return {"username": username, "DEA": DEA}
+    try:
+        roles = oidc.user_getfield("realm_access")["roles"]
+    except Exception:
+        roles = []
+    return {"username": username, "DEA": DEA, "roles": roles}
 
 
 @api_blueprint.route("/home", methods=["GET"])