From 3e26170f4b77ff384a4334a713caf7c0027f4670 Mon Sep 17 00:00:00 2001
From: Jens Langhammer <jens.langhammer@beryju.org>
Date: Thu, 1 Jul 2021 17:33:46 +0200
Subject: [PATCH] providers/oauth2: deepmerge claims

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
---
 authentik/providers/oauth2/views/userinfo.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/authentik/providers/oauth2/views/userinfo.py b/authentik/providers/oauth2/views/userinfo.py
index 0771c3313..3c544b425 100644
--- a/authentik/providers/oauth2/views/userinfo.py
+++ b/authentik/providers/oauth2/views/userinfo.py
@@ -1,6 +1,7 @@
 """authentik OAuth2 OpenID Userinfo views"""
 from typing import Any, Optional
 
+from deepmerge import always_merger
 from django.http import HttpRequest, HttpResponse
 from django.http.response import HttpResponseBadRequest
 from django.views import View
@@ -78,7 +79,7 @@ class UserInfoView(View):
                 )
                 continue
             LOGGER.debug("updated scope", scope=scope)
-            final_claims.update(value)
+            always_merger.merge(final_claims, value)
         return final_claims
 
     def dispatch(self, request: HttpRequest, *args: Any, **kwargs: Any) -> HttpResponse: