[cas-user] Re: Azure deletegated authentication and mapping attributes

Wed, 31 Jan 2024 21:19:38 -0800 

Sorry, title should have been "delegated", not "deleted".

I already had a custom web flow setup, so I just remapped the attributes 
and added them back into the principal attributes:

val authentication = WebUtils.getAuthentication(context);
Principal principle = authentication.getPrincipal();
Map<String, List<Object>> attributesMap = principle.getAttributes();

remapAttribute(attributesMap, "Email", "upn");

private void remapAttribute(Map<String, List<Object>> attributesMap, String 
keyToAdd, String keyToCopy) {
if(!attributesMap.containsKey(keyToAdd) && 
attributesMap.containsKey(keyToCopy)) {
attributesMap.put(keyToAdd, 
Arrays.asList(attributesMap.get(keyToCopy).get(0)));
}
}
On Wednesday, January 31, 2024 at 10:49:51 PM UTC-6 Pablo Vidaurri wrote:

> I'm about to authenticate against azure, and process the token for user 
> attrubutes. I am also able to remap attributes via service config:
> {
>                     "@class": 
> "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy",
>                     "allowedAttributes": {
>                         "@class": "java.util.TreeMap",
>                         "upn": "Email",
>                         "givenName": "firstName",
>                         "surName": "lastName"
>                     }
>                 }
>
> *But I need the mapped attributes during my login webflow action. *The 
> mapped attribute does not exist at this point until after the service 
> ticket is created I assume.
>
> Remapping via
> cas.authn.pac4j.oidc[0].azure.mapped-claims=upn->Email
> per documentation located at 
> https://apereo.github.io/cas/6.6.x/integration/Delegate-Authentication-Azure-AD.html
> does not appear to be fully implemented in v6.6.8. 
>
> Is there anyway to map this or should I resort to modifying principal 
> attributes during my login webflow?
>
> -psv
>

-- 
- Website: https://apereo.github.io/cas
- Gitter Chatroom: https://gitter.im/apereo/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
--- 
You received this message because you are subscribed to the Google Groups "CAS 
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-user/5fd4455f-634d-4459-b5b7-b236a3b0ce10n%40apereo.org.

Reply via email to