diff --git a/langdev/web/templates/thirdparty/app.html b/langdev/web/templates/thirdparty/app.html
index 03e869d..6c183fd 100644
--- a/langdev/web/templates/thirdparty/app.html
+++ b/langdev/web/templates/thirdparty/app.html
@@ -103,6 +103,17 @@
Not Found
even if there is no given user, give error=ignore
option into
request.
+ Request the user information
+ If you need the information of given user when the authentication has
+ succeed, give with=userinfo
option into request.
+
+ Response example: when with=userinfo
option was given
+ HTTP/1.1 200 OK
+Vary: Accept
+Content-Type: application/json
+
+{{ require('langdev.web.serializers').json(current_user) }}
+
Delete
{% call render_raw_form('delete_app', app_key=app.key) %}
diff --git a/langdev/web/thirdparty.py b/langdev/web/thirdparty.py
index d95816b..93dd880 100644
--- a/langdev/web/thirdparty.py
+++ b/langdev/web/thirdparty.py
@@ -87,6 +87,7 @@ def delete_app(app_key):
def sso(app_key, user_login):
"""Simple SSO API."""
app = get_app(app_key)
+ require_userinfo = request.values.get('with') == 'userinfo'
error_ignored = request.values.get('error') == 'ignore'
success = None
if User.LOGIN_PATTERN.match(user_login):
@@ -108,5 +109,12 @@ def sso(app_key, user_login):
success = False
if success is None:
success = app.hmac(user.password) == request.values['password']
- return render('thirdparty/sso', success, success=success)
+ if success and require_userinfo:
+ result = user
+ # workaround to include ``email`` attribute in the response.
+ # see also :func:`langdev.objsimplify.transform`.
+ g.current_user = user
+ else:
+ result = success
+ return render('thirdparty/sso', result, success=success)