Hi, Your OIDC configuration look good.
You map your claims like this : cas.authn.oidc.claimsMap.name=sn cas.authn.oidc.claimsMap.email=mail Maibe you don't have sn and email in your attribute repository ? Le lun. 8 juin 2020 à 16:37, qla3fa <qla...@gmail.com> a écrit : > Hi, > > I try to configure OIDC with CAS 5.2. I added module > "cas-server-support-oidc" and the config with lines : > > # Configuration OIDC > cas.authn.oidc.issuer=https://my-url.com/cas/oidc > cas.authn.oidc.skew=5 > cas.authn.oidc.jwksFile=file:/etc/cas/keystore.jwks > cas.authn.oidc.jwksCacheInMinutes=60 > cas.authn.oidc.dynamicClientRegistrationMode=PROTECTED > cas.authn.oidc.subjectTypes=public,pairwise > cas.authn.oidc.scopes=openid, profile, email > > cas.authn.oidc.claims=sub,name,preferred_username,family_name,given_name,middle_name,given_name,profile,picture,nickname,website,zoneinfo,locale,updated_at,birthdate,email,email_verified,phone_number,phone_number_verified,address > cas.authn.oidc.claimsMap.given_name=givenName > cas.authn.oidc.claimsMap.name=sn > cas.authn.oidc.claimsMap.email=mail > > For my App, I configure service : > > { > "@class" : "org.apereo.cas.services.OidcRegisteredService", > "clientId": "applicationQLA-testPHP", > "clientSecret": "xxxxxxxxx", > "serviceId" : "^http://localhost:8080/.*";, > "bypassApprovalPrompt": true, > "supportedResponseTypes" : [ "java.util.HashSet", [ "code", "token" ] ], > "name" : "applicationQLAtestPHP", > "scopes" : [ "java.util.HashSet", > [ "openid", "email", "profile" ] > ], > "id" : 7, > "evaluationOrder" : 7, > } > > Oidc authentication works good but in my application the only attributes I > can get are : > > sub, auth_time, jti, iss, aud, exp, iat, nbf, amr, state, nonce, at_hash, > preferred_username > > But I can't get the attributes of email or profile scope... > > In logs file I don't have error messages. > > What is wrong with my config ? > > Thanks for help. > Best regards, > > QLA > > -- > - Website: https://apereo.github.io/cas > - Gitter Chatroom: https://gitter.im/apereo/cas > - List Guidelines: https://goo.gl/1VRrw7 > - Contributions: https://goo.gl/mh7qDG > --- > You received this message because you are subscribed to the Google Groups > "CAS Community" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cas-user+unsubscr...@apereo.org. > To view this discussion on the web visit > https://groups.google.com/a/apereo.org/d/msgid/cas-user/838f0180-1c48-a196-2672-0981d6d971fb%40gmail.com > <https://groups.google.com/a/apereo.org/d/msgid/cas-user/838f0180-1c48-a196-2672-0981d6d971fb%40gmail.com?utm_medium=email&utm_source=footer> > . > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/CAD6KnbwcvSbwj20pdAq46X7j1EGbAoOp7GH1fO1GcZuU_SqDbQ%40mail.gmail.com.
