[cas-user] How to add addtional information in JWT claims

Wed, 22 Aug 2018 19:20:02 -0700 

Hi I user cas 5.3.2.

I want to add custom claims in JWT.


So, I add configuration in cas.properties

cas.authn.attributeRepository.jdbc[0].singleRow=true
cas.authn.attributeRepository.jdbc[0].sql=SELECT u.*, g.group_name FROM 
user As u JOIN user_groups AS g ON u.user_email = g.user_email WHERE {0}
cas.authn.attributeRepository.jdbc[0].username=u.user_email
cas.authn.attributeRepository.jdbc[0].requireAllAttributes=true

cas.authn.attributeRepository.jdbc[0].attributes.user_email=user_email
cas.authn.attributeRepository.jdbc[0].attributes.user_name=user_name
*cas.authn.attributeRepository.jdbc[0].attributes.user_group=group_name*
*cas.authn.attributeRepository.defaultAttributesToRelease=user_email,user_name,user_group*


*cas.authn.oidc.userDefinedScopes.myscope=user_email,user_name,user_group*

*cas.authn.oidc.scopes=openid,profile,email,address,phone,offline_access,myscope*
*cas.authn.oidc.dynamicClientRegistrationMode=OPEN*
*cas.authn.oidc.claims=sub,name,preferred_username,family_name, \*
*given_name,middle_name,given_name,profile, \*
*picture,nickname,website,zoneinfo,locale,updated_at,birthdate, \*
*user_email,user_name,auth_yn,email_verified,phone_number,phone_number_verfied,address,user_group*

*cas.authn.oidc.claimsMap.user_group=user_group*

user_email, user_name include in JWT. but user_group not include....


service file

{
  "@class" : "org.apereo.cas.services.OidcRegisteredService",
  "clientId": "oidcTest",
  "clientSecret": "oidcTestSecret",
  "bypassApprovalPrompt": true,
  "generateRefreshToken": true,  
  "serviceId" : "serviceurl",
  "name" : "oidcClient",
  "id" : 1,
  "scopes" : [ "java.util.HashSet", ["openid", "profile", "myscope"]],
  "attributeReleasePolicy" : {
    "@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy"
  }
}

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/5492d6b6-abee-463f-b596-ce9749fe92cf%40apereo.org.

Reply via email to