How to add additional information in JWT claims


SangHyun Kim

Aug 22, 2018, 10:19:47 PM
to CAS Community
Hi, I use CAS 5.3.2.

I want to add custom claims in JWT.


So, I added this configuration in cas.properties:

cas.authn.attributeRepository.jdbc[0].singleRow=true
cas.authn.attributeRepository.jdbc[0].sql=SELECT u.*, g.group_name FROM user As u JOIN user_groups AS g ON u.user_email = g.user_email WHERE {0}
cas.authn.attributeRepository.jdbc[0].username=u.user_email
cas.authn.attributeRepository.jdbc[0].requireAllAttributes=true

cas.authn.attributeRepository.jdbc[0].attributes.user_email=user_email
cas.authn.attributeRepository.jdbc[0].attributes.user_name=user_name
cas.authn.attributeRepository.jdbc[0].attributes.user_group=group_name
cas.authn.attributeRepository.defaultAttributesToRelease=user_email,user_name,user_group


cas.authn.oidc.userDefinedScopes.myscope=user_email,user_name,user_group

cas.authn.oidc.scopes=openid,profile,email,address,phone,offline_access,myscope
cas.authn.oidc.dynamicClientRegistrationMode=OPEN
cas.authn.oidc.claims=sub,name,preferred_username,family_name, \
given_name,middle_name,given_name,profile, \
picture,nickname,website,zoneinfo,locale,updated_at,birthdate, \
user_email,user_name,auth_yn,email_verified,phone_number,phone_number_verfied,address,user_group

cas.authn.oidc.claimsMap.user_group=user_group

user_email and user_name are included in the JWT, but user_group is not included...


service file

{
  "@class" : "org.apereo.cas.services.OidcRegisteredService",
  "clientId": "oidcTest",
  "clientSecret": "oidcTestSecret",
  "bypassApprovalPrompt": true,
  "generateRefreshToken": true,  
  "serviceId" : "serviceurl",
  "name" : "oidcClient",
  "id" : 1,
  "scopes" : [ "java.util.HashSet", ["openid", "profile", "myscope"]],
  "attributeReleasePolicy" : {
    "@class" : "org.apereo.cas.services.ReturnAllAttributeReleasePolicy"
  }
}
