OIDC configure claims attributes

Papa Amadou Baba NDIAYE

Oct 15, 2024, 8:27:43 PM
to CAS Community
Hello, I want to add some attributes to my OIDC token but I always get blank {} for attributes:
WHO: us...@exemple.com
WHAT: {service=https://moodle.exemple.com/auth/oidc/, attributes={}, id=us...@exemple.com, scopes=[email, openid, profile], client_id=XXXXXX}
ACTION: OAUTH2_USER_PROFILE_CREATED
APPLICATION: CAS
WHEN: Tue Oct 15 22:58:40 UTC 2024
CLIENT IP ADDRESS: x.x.x.x
SERVER IP ADDRESS: 127.0.0.1

My OIDC service config:
{
    "@class": "org.apereo.cas.services.OidcRegisteredService",
    "clientId": "xxxxxx",
    "clientSecret": "xxxxxxxx",
    "serviceId": "^(http|https)://.*",
    "name": "oidc",
    "id": 14102024,
    "bypassApprovalPrompt": true,
    "description": "Service OIDC pour Moodle",
    "evaluationOrder": 1,
    "scopes": ["java.util.HashSet", [ "openid", "profile", "email" ] ],
    "attributeReleasePolicy": {
        "@class": "org.apereo.cas.services.ReturnMappedAttributeReleasePolicy",
        "allowedAttributes": {
            "@class": "java.util.TreeMap",
            "mail": "email",
            "sn": "family_name",
            "givenName": "given_name"
        }
    }
}
My cas.properties:
cas.server.name=https://cas.exemple.com
cas.server.prefix=${cas.server.name}/cas
logging.config=file:/etc/cas/config/log4j2.xml
# Base URL for OpenID Connect
cas.authn.oidc.core.issuer=https://cas.exemple.com/cas/oidc
cas.authn.oidc.discovery.discoverySettingsEnabled=true
cas.authn.oidc.jwks.file-system.jwks-file=file:///etc/cas/config/keystore.jwks
cas.authn.oidc.discovery.scopes=openid,profile,email
cas.authn.attributeRepository.ldap[0].attributes.sn=sn
cas.authn.attributeRepository.ldap[0].attributes.givenName=givenName
cas.authn.attributeRepository.ldap[0].attributes.mail=mail
cas.authn.oidc.userinfo.claims=sn,givenName,mail
cas.authn.oidc.id-token.include-id-token-claims=true
cas.authn.oidc.discovery.enabled=true
cas.authn.oidc.skew=5
cas.authn.ldap[0].principalAttributeList=sn,givenName,mail,eduPersonPrimaryAffiliation,displayName
How can I fix it?
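Added example, not code from the thread or from CAS itself: a small Python script that parses CAS audit records in the format quoted above (the sample records are constructed here) and flags OAUTH2_USER_PROFILE_CREATED events whose released attributes are empty, so a release policy that maps nothing shows up in monitoring rather than only in a broken Moodle login.

```python
# Constructed sample (not from the post): two CAS audit records in the format shown
# above. The first mirrors the empty-attributes case, the second released claims.
SAMPLE_AUDIT = """\
WHO: user1@exemple.com
WHAT: {service=https://moodle.exemple.com/auth/oidc/, attributes={}, id=user1@exemple.com, scopes=[email, openid, profile], client_id=XXXXXX}
ACTION: OAUTH2_USER_PROFILE_CREATED

WHO: user2@exemple.com
WHAT: {service=https://moodle.exemple.com/auth/oidc/, attributes={email=[user2@exemple.com], family_name=[Doe]}, id=user2@exemple.com, scopes=[email, openid, profile], client_id=XXXXXX}
ACTION: OAUTH2_USER_PROFILE_CREATED
"""


def split_top_level(body: str) -> dict:
    """Parse 'k=v, k2={..}, k3=[..]' into a dict, splitting only at nesting depth 0."""
    out, depth, start = {}, 0, 0
    for i, ch in enumerate(body + ","):  # trailing comma flushes the last pair
        if ch in "{[":
            depth += 1
        elif ch in "}]":
            depth -= 1
        elif ch == "," and depth == 0:
            key, sep, value = body[start:i].strip().partition("=")
            if sep:
                out[key.strip()] = value.strip()
            start = i + 1
    return out


def parse_records(text: str) -> list:
    """Split blank-line-separated audit records into dicts of FIELD -> value."""
    records = []
    for block in text.strip().split("\n\n"):
        rec = {}
        for line in block.splitlines():
            field, _, value = line.partition(":")  # first ':' ends the field name
            rec[field.strip()] = value.strip()
        records.append(rec)
    return records


def empty_profile_events(text: str) -> list:
    """Return WHO for each OAUTH2_USER_PROFILE_CREATED record that released no attributes."""
    hits = []
    for rec in parse_records(text):
        if rec.get("ACTION") != "OAUTH2_USER_PROFILE_CREATED":
            continue
        what = split_top_level(rec.get("WHAT", "{}")[1:-1])  # drop the outer braces
        if what.get("attributes", "{}") == "{}":
            hits.append(rec.get("WHO", "?"))
    return hits
```

Point it at the real audit log (or wire it into a log pipeline) and alert when the hit list is non-empty; a correct release policy should produce records like the second sample, with email and family_name present.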

Papeace Ndiaye

Oct 15, 2024, 8:32:39 PM
to CAS Community, Papa Amadou Baba NDIAYE

I have the same issue.