  1. OpenAM
  2. OPENAM-4459

OpenID Connect attribute mappings should be localizable

    Details

    • Sprint:
      Sprint 76 - Team Tesla

      Description

      The attribute mappings for OpenID Connect are currently hard-coded in the ScopeImpl.java class:

      http://sources.forgerock.org/browse/openam/trunk/openam/openam-oauth2/src/main/java/org/forgerock/openam/oauth2/provider/impl/ScopeImpl.java?r=10426

      scopeToUserUserProfileAttributes = new HashMap<String, Object>();
      scopeToUserUserProfileAttributes.put("email","mail");
      scopeToUserUserProfileAttributes.put("address", "postaladdress");
      scopeToUserUserProfileAttributes.put("phone", "telephonenumber");

      Map<String, Object> profileSet = new HashMap<String, Object>();
      profileSet.put("name", "cn");
      profileSet.put("given_name", "givenname");
      profileSet.put("family_name", "sn");
      profileSet.put("locale", "preferredlocale");
      profileSet.put("zoneinfo", "preferredtimezone");

      scopeToUserUserProfileAttributes.put("profile", profileSet);

      It would be nice to have an OpenID attribute to local attribute mapper configuration field in the OpenID Connect service (OpenAM console).

      Note that you need to configure your scopes in the OAuth 2.0 client agent profile according to the claim names instead of the local attribute names (I can't find these steps in the documentation).
      For example, email instead of mail.

      Maybe you can make a section in the documentation about this topic.
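
A configurable scope-to-claim mapper of the kind requested above, as an added example that is not OpenAM code and not part of the original report. The class name ConfigurableClaimMapper and the "scope|claim=attribute" entry format are assumptions made for illustration; the sample profile is constructed.

```java
import java.util.*;

// Added illustration: hypothetical class and config format, not OpenAM's API.
public class ConfigurableClaimMapper {
    // scope -> (OIDC claim name -> local profile attribute)
    private final Map<String, Map<String, String>> scopeToClaims = new HashMap<>();

    // Each entry has the assumed form "scope|claim=attribute",
    // e.g. "profile|given_name=givenname". Malformed entries are rejected
    // so a typo cannot silently change which attributes are released.
    public ConfigurableClaimMapper(List<String> entries) {
        for (String entry : entries) {
            String[] scopeAndRest = entry.split("\\|", 2);
            String[] claimAndAttr = scopeAndRest.length == 2
                    ? scopeAndRest[1].split("=", 2) : new String[0];
            if (claimAndAttr.length != 2 || scopeAndRest[0].isBlank()
                    || claimAndAttr[0].isBlank() || claimAndAttr[1].isBlank()) {
                throw new IllegalArgumentException("Bad mapping entry: " + entry);
            }
            scopeToClaims
                    .computeIfAbsent(scopeAndRest[0].trim(), s -> new LinkedHashMap<>())
                    .put(claimAndAttr[0].trim(), claimAndAttr[1].trim());
        }
    }

    // Release only claims whose scope was granted; a scope with no
    // configured mapping (such as "openid") releases no profile attribute.
    public Map<String, String> claimsFor(Set<String> grantedScopes,
                                         Map<String, String> profile) {
        Map<String, String> claims = new TreeMap<>();
        for (String scope : grantedScopes) {
            for (Map.Entry<String, String> m
                    : scopeToClaims.getOrDefault(scope, Map.of()).entrySet()) {
                String value = profile.get(m.getValue());
                if (value != null) claims.put(m.getKey(), value);
            }
        }
        return claims;
    }

    public static void main(String[] args) {
        ConfigurableClaimMapper mapper = new ConfigurableClaimMapper(List.of(
                "email|email=mail", "phone|phone=telephonenumber",
                "profile|name=cn", "profile|given_name=givenname",
                "profile|family_name=sn"));
        // Constructed sample profile, keyed by local attribute names.
        Map<String, String> profile = Map.of("mail", "demo@example.com",
                "cn", "Demo User", "givenname", "Demo", "sn", "User",
                "telephonenumber", "+1 555 0100");
        System.out.println(mapper.claimsFor(Set.of("openid", "email"), profile));
        System.out.println(mapper.claimsFor(Set.of("openid", "profile"), profile));
    }
}
```

The client requests scopes by claim-side names (email, profile), while the local attribute names (mail, cn) appear only in the mapping configuration.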

            People

            • Assignee:
              jamesphillpotts James Phillpotts
              Reporter:
              Jelle.Verbraak Jelle Verbraak [X] (Inactive)
              QA Assignee:
              Garyl Erickson