headless_lms_server::controllers::main_frontend::oauth::userinfo

Function user_info

pub async fn user_info(
    pool: Data<PgPool>,
    req: HttpRequest,
    app_conf: Data<ApplicationConfiguration>,
) -> ControllerResult<HttpResponse>

Expand description

Handles /userinfo for returning user claims according to granted scopes.

Validates access token (Bearer or DPoP-bound)
For DPoP tokens: requires valid DPoP proof (JKT + ATH)
For Bearer tokens: requires client.bearer_allowed = true
Returns sub always; first_name/last_name with profile; email with email

Follows OIDC Core §5.3.

Function user_infoCopy item path

Function user_info