If you définie a custom clami "attributes" it's normal i think. Show me your custuom configuration to be sure.
Le sam. 22 août 2020 à 15:16, Nikolas Stylianides <[email protected]> a écrit : > I have gone this further. > I declare a SCOPE of my own. With specific CLAIMS. > And this claims are mapped to attributes. > > All claims appear in field "attributes" and not in the top hierarchy. > is this normal? > > > > > > On Sat, Aug 22, 2020 at 3:43 PM Nikolas Stylianides < > [email protected]> wrote: > >> Hi Jerome. Keep in mind that my CAS release is 6.2.1. >> >> I have no attributes.username since I collect my attributes during the >> LDAP authentication. >> I have also tried mapping claims to attributes with no luck. >> >> >> In the document action it says that If no mapping is provide then the >> attributes names must much the claim names. I do that also in my service >> definition file. >> Still no luck. >> >> All claims are included under the field "attributes" >> >> Which is not the response I expect. >> >> Has anyone solved this in 6.2.1? >> Maybe is a bug? >> >> Στις Σάβ, 22 Αυγ 2020, 12:49 ο χρήστης Jérôme Steve < >> [email protected]> έγραψε: >> >>> First,I think you have to définie attributs.username correspondibg to >>> jour login : >>> >>> >>> https://apereo.github.io/cas/5.1.x/integration/Attribute-Release-Policies.html >>> >>> After you have to maps attributs to claims : >>> >>> >>> https://apereo.github.io/cas/5.1.x/installation/OIDC-Authentication.html#mapping-claims >>> >>> >>> >>> Le sam. 22 août 2020 à 10:34, Nikolas Stylianides < >>> [email protected]> a écrit : >>> >>>> Anyone with an answer for this behavior? >>>> I can now release attributes but only under the field "attributes". >>>> Anything i am missing to be able to release claims in the format: >>>> { >>>> "email": "[email protected] <https://groups.google.com/>", >>>> "given_name": "test", >>>> "sub": "test", >>>> "service": "client_id", >>>> "auth_time": 1598017095, >>>> "id": "test", >>>> "client_id": "client_id" >>>> } >>>> >>>> >>>> Στις Παρασκευή, 21 Αυγούστου 2020 στις 4:48:44 μ.μ. UTC+3, ο χρήστης >>>> Nikolas Stylianides έγραψε: >>>> >>>>> Hi Jerome. Thank you for the response. >>>>> I am a little bit confused. What to define? >>>>> When it comes to get the user info, CAS Debugger it reports: >>>>> >>>>> I have been able to release attributes in the attribute claim >>>>> >>>>> { >>>>> "sub": "test", >>>>> "service": "client_id", >>>>> "auth_time": 1598017095, >>>>> "attributes": { >>>>> "email": "[email protected]", >>>>> "profile": "test" >>>>> }, >>>>> "id": "test", >>>>> "client_id": "client_id" >>>>> } >>>>> >>>>> by enabling: >>>>> >>>>> cas.authn.attribute-repository.ldap[0].attributes.cn=profile >>>>> cas.authn.attribute-repository.ldap[0].attributes.mail=email >>>>> >>>>> But still i cannot release the CLAIMS for the requested scopes (email, >>>>> profile) >>>>> >>>>> Thank you in advance >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> On Fri, Aug 21, 2020 at 12:36 PM Jérôme Steve <[email protected]> >>>>> wrote: >>>>> >>>>>> Hi, >>>>>> >>>>>> In cas OIDC claims values come from attribute repositories. >>>>>> So you have to define it to retrieved your attributes value. >>>>>> And after you can map it to the OIDC claims. >>>>>> >>>>>> Jérôme >>>>>> >>>>>> Le ven. 21 août 2020 à 09:39, Nikolas Stylianides < >>>>>> [email protected]> a écrit : >>>>>> >>>>>>> when i use the PASSWORD grant_type and then use the return token to >>>>>>> fetch user information from oidc/profile this is what i get. >>>>>>> >>>>>>> { >>>>>>> "sub": "aUserName", >>>>>>> "service": "client_id", >>>>>>> "auth_time": 1597989795, >>>>>>> "attributes": {}, >>>>>>> "id": " aUserName ", >>>>>>> "client_id": "client_id" >>>>>>> } >>>>>>> >>>>>>> Any ideas why i have no claims in the return JSON? >>>>>>> Maybe the same happens with the AUTHORIZATION_CODE grant_type? >>>>>>> >>>>>>> >>>>>>> >>>>>>> Στις Πέμπτη, 20 Αυγούστου 2020 στις 5:37:33 μ.μ. UTC+3, ο χρήστης >>>>>>> Nikolas Stylianides έγραψε: >>>>>>> >>>>>>>> Hi there. >>>>>>>> Another strange behavior is the following. >>>>>>>> I am setting my Moodle to OIDC and the procedure goes well. Once i >>>>>>>> "Allow" the the claims it does not get any user info. >>>>>>>> >>>>>>>> CAS Debugger reports: <No person records were fetched from >>>>>>>> attribute repositories for >>>>>>>> [{username=c44c3fc514202ac9a8cc5cf6437c1c21}]> >>>>>>>> >>>>>>>> which username is actually client_id >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> On Wed, Aug 19, 2020 at 6:35 PM Nikolas Stylianides < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> Hi there. >>>>>>>>> I have manged to setup the OpenID Connect protocol. >>>>>>>>> The issue i am facing is in the last steps where the Attributes >>>>>>>>> should be released to the service but they are not. >>>>>>>>> I am getting on the logs of CAS the following: WARN >>>>>>>>> [org.apereo.cas.authentication.attribute.PrincipalAttributeRepositoryFetcher] >>>>>>>>> - <No person records were fetched from attribute repositories for ... >>>>>>>>> > >>>>>>>>> >>>>>>>>> Any advice? >>>>>>>>> >>>>>>>>> My service has been defined as follows: >>>>>>>>> Service is Moodle >>>>>>>>> >>>>>>>>> { >>>>>>>>> "@class" : "org.apereo.cas.services.OidcRegisteredService", >>>>>>>>> "serviceId" : "https://myservice.domain/admin/oauth2callback.php >>>>>>>>> ", >>>>>>>>> "name" : "oidc", >>>>>>>>> "id" : 102, >>>>>>>>> "clientId": "...", >>>>>>>>> "clientSecret": "...", >>>>>>>>> "scopes": [ "java.util.HashSet", >>>>>>>>> [ "openid", "profile", "email", "address", "phone", >>>>>>>>> "offline_access", "displayName" ] >>>>>>>>> ], >>>>>>>>> "supportedGrantTypes":[ "java.util.HashSet", >>>>>>>>> >>>>>>>>> ["AUTHORIZATION_CODE","CLIENT_CREDENTIALS","PASSWORD","REFRESH_TOKEN"] >>>>>>>>> ], >>>>>>>>> "supportedResponseTypes":[ "java.util.HashSet", [ "code" ] ], >>>>>>>>> "theme": "apereo", >>>>>>>>> "description" : "This service definition authorizes all >>>>>>>>> application urls that support HTTPS and IMAPS protocols.", >>>>>>>>> "evaluationOrder" : 10000, >>>>>>>>> "attributeReleasePolicy" : { >>>>>>>>> "@class" : >>>>>>>>> "org.apereo.cas.services.ReturnAllAttributeReleasePolicy" >>>>>>>>> }, >>>>>>>>> "accessStrategy" : { >>>>>>>>> "@class" : >>>>>>>>> "org.apereo.cas.services.DefaultRegisteredServiceAccessStrategy", >>>>>>>>> "enabled" : true, >>>>>>>>> "ssoEnabled" : true >>>>>>>>> } >>>>>>>>> } >>>>>>>>> >>>>>>>>> Thank you in advance. >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Δρ. Νικόλας Στυλιανίδης >>>>>>>>> Ηλεκτρολόγος Μηχανικός και Μηχ. Υπολογιστών >>>>>>>>> >>>>>>>>> Nikolas Stylianides, Dr. >>>>>>>>> Dr. Eng. in Electrical & Computer Engineering >>>>>>>>> >>>>>>>>> Contacts >>>>>>>>> ------------- >>>>>>>>> Mobile Tel.: +35796741315 <+357%2096%20741315> >>>>>>>>> Email: [email protected], [email protected] >>>>>>>>> Skype: nicostyl >>>>>>>>> >>>>>>>>> Affilication >>>>>>>>> --------------- >>>>>>>>> LEAF NET LTD: Research & Development >>>>>>>>> Open University of Cyprus: Research Associate, APPLIED HEALTH >>>>>>>>> INFORMATICS Master Programme Academic Board Member >>>>>>>>> >>>>>>>>> >>>>>>>>> Tο λακωνίζειν εστί φιλοσοφείν / Μηδέν Άγαν - Χίλων ο >>>>>>>>> Λακεδαιμόνιος: >>>>>>>>> Brevity is the soul of wit - Shakespeare William (Hamlet) >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>>> Δρ. Νικόλας Στυλιανίδης >>>>>>>> Ηλεκτρολόγος Μηχανικός και Μηχ. Υπολογιστών >>>>>>>> >>>>>>>> Nikolas Stylianides, Dr. >>>>>>>> Dr. Eng. in Electrical & Computer Engineering >>>>>>>> >>>>>>>> Contacts >>>>>>>> ------------- >>>>>>>> Mobile Tel.: +35796741315 <+357%2096%20741315> >>>>>>>> Email: [email protected], [email protected] >>>>>>>> Skype: nicostyl >>>>>>>> >>>>>>>> Affilication >>>>>>>> --------------- >>>>>>>> LEAF NET LTD: Research & Development >>>>>>>> Open University of Cyprus: Research Associate, APPLIED HEALTH >>>>>>>> INFORMATICS Master Programme Academic Board Member >>>>>>>> >>>>>>>> >>>>>>>> Tο λακωνίζειν εστί φιλοσοφείν / Μηδέν Άγαν - Χίλων ο Λακεδαιμόνιος: >>>>>>>> >>>>>>>> Brevity is the soul of wit - Shakespeare William (Hamlet) >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> -- >>>>>>> - Website: https://apereo.github.io/cas >>>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>>>>> - List Guidelines: https://goo.gl/1VRrw7 >>>>>>> - Contributions: https://goo.gl/mh7qDG >>>>>>> --- >>>>>>> You received this message because you are subscribed to the Google >>>>>>> Groups "CAS Community" group. >>>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>>> send an email to [email protected]. >>>>>>> To view this discussion on the web visit >>>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/e9ce28d5-72f9-4229-9dcc-51ad9a8e1150n%40apereo.org >>>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/e9ce28d5-72f9-4229-9dcc-51ad9a8e1150n%40apereo.org?utm_medium=email&utm_source=footer> >>>>>>> . >>>>>>> >>>>>> -- >>>>>> - Website: https://apereo.github.io/cas >>>>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>>>> - List Guidelines: https://goo.gl/1VRrw7 >>>>>> - Contributions: https://goo.gl/mh7qDG >>>>>> --- >>>>>> You received this message because you are subscribed to the Google >>>>>> Groups "CAS Community" group. >>>>>> To unsubscribe from this group and stop receiving emails from it, >>>>>> send an email to [email protected]. >>>>>> >>>>> To view this discussion on the web visit >>>>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAD6Knbz0u4iNgJL8MA%2Bq9_c7NFF92VpqgGh-zR_WRbdz8H0Z-Q%40mail.gmail.com >>>>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAD6Knbz0u4iNgJL8MA%2Bq9_c7NFF92VpqgGh-zR_WRbdz8H0Z-Q%40mail.gmail.com?utm_medium=email&utm_source=footer> >>>>>> . >>>>>> >>>>> >>>>> >>>>> -- >>>>> Δρ. Νικόλας Στυλιανίδης >>>>> Ηλεκτρολόγος Μηχανικός και Μηχ. Υπολογιστών >>>>> >>>>> Nikolas Stylianides, Dr. >>>>> Dr. Eng. in Electrical & Computer Engineering >>>>> >>>>> Contacts >>>>> ------------- >>>>> Mobile Tel.: +35796741315 <+357%2096%20741315> >>>>> Email: [email protected], [email protected] >>>>> Skype: nicostyl >>>>> >>>>> Affilication >>>>> --------------- >>>>> LEAF NET LTD: Research & Development >>>>> Open University of Cyprus: Research Associate, APPLIED HEALTH >>>>> INFORMATICS Master Programme Academic Board Member >>>>> >>>>> >>>>> Tο λακωνίζειν εστί φιλοσοφείν / Μηδέν Άγαν - Χίλων ο Λακεδαιμόνιος: >>>>> >>>>> Brevity is the soul of wit - Shakespeare William (Hamlet) >>>>> >>>>> >>>>> >>>>> >>>>> -- >>>> - Website: https://apereo.github.io/cas >>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>> - List Guidelines: https://goo.gl/1VRrw7 >>>> - Contributions: https://goo.gl/mh7qDG >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "CAS Community" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/f3be7f46-156e-4d64-a481-cc39eb7d2a48n%40apereo.org >>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/f3be7f46-156e-4d64-a481-cc39eb7d2a48n%40apereo.org?utm_medium=email&utm_source=footer> >>>> . >>>> >>> -- >>> - Website: https://apereo.github.io/cas >>> - Gitter Chatroom: https://gitter.im/apereo/cas >>> - List Guidelines: https://goo.gl/1VRrw7 >>> - Contributions: https://goo.gl/mh7qDG >>> --- >>> You received this message because you are subscribed to the Google >>> Groups "CAS Community" group. >>> To unsubscribe from this group and stop receiving emails from it, send >>> an email to [email protected]. >>> To view this discussion on the web visit >>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAD6KnbxsAjjKyJ5bxQwBaE1GJy36pAF5xNQa-c_ZN8wowsmSaQ%40mail.gmail.com >>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAD6KnbxsAjjKyJ5bxQwBaE1GJy36pAF5xNQa-c_ZN8wowsmSaQ%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >> > > -- > Δρ. Νικόλας Στυλιανίδης > Ηλεκτρολόγος Μηχανικός και Μηχ. Υπολογιστών > > Nikolas Stylianides, Dr. > Dr. Eng. in Electrical & Computer Engineering > > Contacts > ------------- > Mobile Tel.: +35796741315 > Email: [email protected], [email protected] > Skype: nicostyl > > Affilication > --------------- > LEAF NET LTD: Research & Development > Open University of Cyprus: Research Associate, APPLIED HEALTH INFORMATICS > Master Programme Academic Board Member > > > Tο λακωνίζειν εστί φιλοσοφείν / Μηδέν Άγαν - Χίλων ο Λακεδαιμόνιος: > > Brevity is the soul of wit - Shakespeare William (Hamlet) > > > > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGp1hEVqj_5z7xrKFxHzOOdTXHD92_2Efuh_GhgScYQfo-m0mw%40mail.gmail.com > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAGp1hEVqj_5z7xrKFxHzOOdTXHD92_2Efuh_GhgScYQfo-m0mw%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAD6KnbzAaFg3%3D2EOtySWJ_3pdrAXCc7CFtuycdmvZQ37FU1t0g%40mail.gmail.com.
