Hi everyone,
we are using CAS as OIDC server and return the accessToken as JWT in the
authentication response. We just tried to upgrade from 6.6.2 to 6.6.15.2.
But now all the CAS authentication-related attributes that were previously
part of the JWT access token are missing. and only the attributes returned
during attribute resolution are still there. E.g. these attributes are now
missing:
{
"surrogateUser": "yyy",
"longTermAuthenticationRequestTokenUsed": false,
"surrogateEnabled": "true",
"isFromNewLogin": true,
"authenticationDate": "2024-07-29T12:44:57.359913Z",
"surrogatePrincipal": "xxx",
"successfulAuthenticationHandlers": "QueryDatabaseAuthenticationHandler",
"credentialType": "SurrogateUsernamePasswordCredential",
"authenticationMethod": "QueryDatabaseAuthenticationHandler",
...
}
>From these, we require the surrogate* attributes.
Is it the intended behavior that these attributes are missing now? Is there
any configuration setting to get them back into the JWT access token?
Thanks,
Udo
--
- Website: https://apereo.github.io/cas
- List Guidelines: https://goo.gl/1VRrw7
- Contributions: https://goo.gl/mh7qDG
---
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to cas-user+unsubscr...@apereo.org.
To view this discussion on the web visit
https://groups.google.com/a/apereo.org/d/msgid/cas-user/46c0e0de-0914-4c0c-9165-8e1d5d7748cbn%40apereo.org.
