Email ans profile are not claims but scope ...
Le ven. 21 août 2020 à 15:48, Nikolas Stylianides <[email protected]> a écrit : > Hi Jerome. Thank you for the response. > I am a little bit confused. What to define? > When it comes to get the user info, CAS Debugger it reports: > > I have been able to release attributes in the attribute claim > > { > "sub": "test", > "service": "client_id", > "auth_time": 1598017095, > "attributes": { > "email": "[email protected]", > "profile": "test" > }, > "id": "test", > "client_id": "client_id" > } > > by enabling: > > cas.authn.attribute-repository.ldap[0].attributes.cn=profile > cas.authn.attribute-repository.ldap[0].attributes.mail=email > > But still i cannot release the CLAIMS for the requested scopes (email, > profile) > > Thank you in advance > > > > > > > > On Fri, Aug 21, 2020 at 12:36 PM Jérôme Steve <[email protected]> > wrote: > >> Hi, >> >> In cas OIDC claims values come from attribute repositories. >> So you have to define it to retrieved your attributes value. >> And after you can map it to the OIDC claims. >> >> Jérôme >> >> Le ven. 21 août 2020 à 09:39, Nikolas Stylianides <[email protected]> >> a écrit : >> >>> when i use the PASSWORD grant_type and then use the return token to >>> fetch user information from oidc/profile this is what i get. >>> >>> { >>> "sub": "aUserName", >>> "service": "client_id", >>> "auth_time": 1597989795, >>> "attributes": {}, >>> "id": " aUserName ", >>> "client_id": "client_id" >>> } >>> >>> Any ideas why i have no claims in the return JSON? >>> Maybe the same happens with the AUTHORIZATION_CODE grant_type? >>> >>> >>> >>> Στις Πέμπτη, 20 Αυγούστου 2020 στις 5:37:33 μ.μ. UTC+3, ο χρήστης >>> Nikolas Stylianides έγραψε: >>> >>>> Hi there. >>>> Another strange behavior is the following. >>>> I am setting my Moodle to OIDC and the procedure goes well. Once i >>>> "Allow" the the claims it does not get any user info. >>>> >>>> CAS Debugger reports: <No person records were fetched from attribute >>>> repositories for [{username=c44c3fc514202ac9a8cc5cf6437c1c21}]> >>>> >>>> which username is actually client_id >>>> >>>> >>>> >>>> On Wed, Aug 19, 2020 at 6:35 PM Nikolas Stylianides < >>>> [email protected]> wrote: >>>> >>>>> Hi there. >>>>> I have manged to setup the OpenID Connect protocol. >>>>> The issue i am facing is in the last steps where the Attributes should >>>>> be released to the service but they are not. >>>>> I am getting on the logs of CAS the following: WARN >>>>> [org.apereo.cas.authentication.attribute.PrincipalAttributeRepositoryFetcher] >>>>> - <No person records were fetched from attribute repositories for ... > >>>>> >>>>> Any advice? >>>>> >>>>> My service has been defined as follows: >>>>> Service is Moodle >>>>> >>>>> { >>>>> "@class" : "org.apereo.cas.services.OidcRegisteredService", >>>>> "serviceId" : "https://myservice.domain/admin/oauth2callback.php";, >>>>> "name" : "oidc", >>>>> "id" : 102, >>>>> "clientId": "...", >>>>> "clientSecret": "...", >>>>> "scopes": [ "java.util.HashSet", >>>>> [ "openid", "profile", "email", "address", "phone", >>>>> "offline_access", "displayName" ] >>>>> ], >>>>> "supportedGrantTypes":[ "java.util.HashSet", >>>>> >>>>> ["AUTHORIZATION_CODE","CLIENT_CREDENTIALS","PASSWORD","REFRESH_TOKEN"] >>>>> ], >>>>> "supportedResponseTypes":[ "java.util.HashSet", [ "code" ] ], >>>>> "theme": "apereo", >>>>> "description" : "This service definition authorizes all application >>>>> urls that support HTTPS and IMAPS protocols.", >>>>> "evaluationOrder" : 10000, >>>>> "attributeReleasePolicy" : { >>>>> "@class" : >>>>> "org.apereo.cas.services.ReturnAllAttributeReleasePolicy" >>>>> }, >>>>> "accessStrategy" : { >>>>> "@class" : >>>>> "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy", >>>>> "enabled" : true, >>>>> "ssoEnabled" : true >>>>> } >>>>> } >>>>> >>>>> Thank you in advance. >>>>> >>>>> -- >>>>> Δρ. Νικόλας Στυλιανίδης >>>>> Ηλεκτρολόγος Μηχανικός και Μηχ. Υπολογιστών >>>>> >>>>> Nikolas Stylianides, Dr. >>>>> Dr. Eng. in Electrical & Computer Engineering >>>>> >>>>> Contacts >>>>> ------------- >>>>> Mobile Tel.: +35796741315 <+357%2096%20741315> >>>>> Email: [email protected], [email protected] >>>>> Skype: nicostyl >>>>> >>>>> Affilication >>>>> --------------- >>>>> LEAF NET LTD: Research & Development >>>>> Open University of Cyprus: Research Associate, APPLIED HEALTH >>>>> INFORMATICS Master Programme Academic Board Member >>>>> >>>>> >>>>> Tο λακωνίζειν εστί φιλοσοφείν / Μηδέν Άγαν - Χίλων ο Λακεδαιμόνιος: >>>>> >>>>> Brevity is the soul of wit - Shakespeare William (Hamlet) >>>>> >>>>> >>>>> >>>>> >>>>> >>>> >>>> -- >>>> Δρ. Νικόλας Στυλιανίδης >>>> Ηλεκτρολόγος Μηχανικός και Μηχ. Υπολογιστών >>>> >>>> Nikolas Stylianides, Dr. >>>> Dr. Eng. in Electrical & Computer Engineering >>>> >>>> Contacts >>>> ------------- >>>> Mobile Tel.: +35796741315 <+357%2096%20741315> >>>> Email: [email protected], [email protected] >>>> Skype: nicostyl >>>> >>>> Affilication >>>> --------------- >>>> LEAF NET LTD: Research & Development >>>> Open University of Cyprus: Research Associate, APPLIED HEALTH >>>> INFORMATICS Master Programme Academic Board Member >>>> >>>> >>>> Tο λακωνίζειν εστί φιλοσοφείν / Μηδέν Άγαν - Χίλων ο Λακεδαιμόνιος: >>>> >>>> Brevity is the soul of wit - Shakespeare William (Hamlet) >>>> >>>> >>>> >>>> >>>> -- >>> - Website: https://apereo.github.io/cas >>> - Gitter Chatroom: https://gitter.im/apereo/cas >>> - List Guidelines: https://goo.gl/1VRrw7 >>> - Contributions: https://goo.gl/mh7qDG >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "CAS Community" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/e9ce28d5-72f9-4229-9dcc-51ad9a8e1150n%40apereo.org >>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/e9ce28d5-72f9-4229-9dcc-51ad9a8e1150n%40apereo.org?utm_medium=email&utm_source=footer> >>> . >>> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAD6Knbz0u4iNgJL8MA%2Bq9_c7NFF92VpqgGh-zR_WRbdz8H0Z-Q%40mail.gmail.com >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAD6Knbz0u4iNgJL8MA%2Bq9_c7NFF92VpqgGh-zR_WRbdz8H0Z-Q%40mail.gmail.com?utm_medium=email&utm_source=footer> >> . >> > > > -- > Δρ. Νικόλας Στυλιανίδης > Ηλεκτρολόγος Μηχανικός και Μηχ. Υπολογιστών > > Nikolas Stylianides, Dr. > Dr. Eng. in Electrical & Computer Engineering > > Contacts > ------------- > Mobile Tel.: +35796741315 > Email: [email protected], [email protected] > Skype: nicostyl > > Affilication > --------------- > LEAF NET LTD: Research & Development > Open University of Cyprus: Research Associate, APPLIED HEALTH INFORMATICS > Master Programme Academic Board Member > > > Tο λακωνίζειν εστί φιλοσοφείν / Μηδέν Άγαν - Χίλων ο Λακεδαιμόνιος: > > Brevity is the soul of wit - Shakespeare William (Hamlet) > > > > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGp1hEXsCPhv6HsedTkEM3QZ2KnPZQyO1sdSkUBZidtFAM8abQ%40mail.gmail.com > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGp1hEXsCPhv6HsedTkEM3QZ2KnPZQyO1sdSkUBZidtFAM8abQ%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAD6Knbyd25Zu95fmbdFAWabk_4%2Bx08H2pXvM%3Dgmp-_qC6HBErw%40mail.gmail.com.
