openid - How to get claims from the userinfo endpoint without including them in the id token


I'm having trouble trying to figure out how to use the userinfo endpoint. The example uses IdentityServer 4 as the authorization server.

Let's say I have a JS app that displays the authenticated user's location. Let's assume I have a user store that provides claims including the users' location. The IProfileService interface has been implemented, and GetProfileDataAsync retrieves the user's claims from the user store for that user.

The JS app needs to have access to the user's location claim. One way is to add an IdentityResource to IdentityServer, e.g.

new IdentityResource("test", new[] { "location" })

then add the scope to the JS client, e.g.

new Client
{
    ClientId = "js",
    AllowedScopes =
    {
        IdentityServerConstants.StandardScopes.OpenId,
        "test"
    }
}

then configure the OIDC library to request the scope, e.g.

var config = {
    authority: "http://localhost:5000",
    client_id: "js",
    redirect_uri: "http://localhost:5003/callback.html",
    response_type: "id_token token",
    scope: "openid test",
    post_logout_redirect_uri: "http://localhost:5003/index.html",
};

Doing this means the id_token contains the location claim, accessible as part of the user's profile. The same claim is returned when calling the userinfo endpoint with the access token received during authentication.

However, I have repeatedly read (here, for instance) that you should put as few claims as possible in the identity token, and use the userinfo endpoint to retrieve additional claims. The linked article seems to imply this behavior is available by default in IdentityServer.

So in order to do that, using the example code mentioned above, I'd remove the 'test' scope from the requested scopes in the OIDC config. That means the id token is no longer populated with the location claim. But when the userinfo endpoint is called, since the 'test' scope is not in the access token, the location claim is not put in the response.

Basically, my question is: how am I supposed to ask for claims that are omitted from the id token but returned from the userinfo endpoint?

The OIDC spec seems to imply I should be able to request specific claims using the "claims" request parameter, but I can't find any documentation around this for IdentityServer (or Auth0 for that matter).

If you request an identity token only, all claims are in the token. If you request both id_token and token, the basic claims are in the id_token, and the other claims can be retrieved from the userinfo endpoint.

This is what the spec suggests.

https://leastprivilege.com/2016/12/14/optimizing-identity-tokens-for-size/
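The flow the answer describes, as an added example that is not part of the original question or answer and is not oidc-client or IdentityServer4 code: the client reads the basic claims from the id_token, works out which required claims are missing, and fetches those from the userinfo endpoint with the access token. The tokens, the user store, the scope-to-claim map (mirroring the question's "test" -> "location" resource) and the userinfo endpoint are all constructed stand-ins so the block runs offline; the only real detail assumed from IdentityServer4 is the /connect/userinfo path.

```javascript
// Added example, not the original post's code. The userinfo stand-in below
// returns only claims whose scope is present in the access token, which is the
// behaviour the question observes.

function base64UrlEncode(str) {
  return Buffer.from(str, 'utf8').toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

function base64UrlDecode(str) {
  const padded = str.replace(/-/g, '+').replace(/_/g, '/')
    + '='.repeat((4 - str.length % 4) % 4);
  return Buffer.from(padded, 'base64').toString('utf8');
}

// Constructed, unsigned token in JWS compact form. Real tokens are signed by
// the authority; the third segment here is a placeholder, not a signature.
function makeFakeJwt(payload) {
  const header = base64UrlEncode(JSON.stringify({ alg: 'RS256', typ: 'JWT' }));
  return `${header}.${base64UrlEncode(JSON.stringify(payload))}.placeholder-signature`;
}

// Reads the payload only. Signature and issuer/audience/expiry validation is
// the OIDC library's job and must happen before any claim here is trusted.
function decodeJwtPayload(jwt) {
  const parts = jwt.split('.');
  if (parts.length !== 3) throw new Error('not a JWS compact token');
  return JSON.parse(base64UrlDecode(parts[1]));
}

// Constructed stand-in for the authority's user store and scope configuration.
const SCOPE_CLAIMS = { openid: ['sub'], profile: ['name'], test: ['location'] };
const USER_STORE = { '123': { sub: '123', name: 'Alice Example', location: 'Oslo' } };

// Constructed stand-in for the userinfo endpoint: claims are released only for
// scopes carried by the bearer access token.
function fakeUserInfoEndpoint(request) {
  const auth = request.headers.Authorization || '';
  if (!auth.startsWith('Bearer ')) return { status: 401, body: null };
  const at = decodeJwtPayload(auth.slice('Bearer '.length));
  const user = USER_STORE[at.sub];
  if (!user) return { status: 401, body: null };
  const body = {};
  for (const scope of at.scope) {
    for (const claim of SCOPE_CLAIMS[scope] || []) {
      if (claim in user) body[claim] = user[claim];
    }
  }
  return { status: 200, body };
}

// Client side. IdentityServer4 serves userinfo at /connect/userinfo.
function buildUserInfoRequest(authority, accessToken) {
  return { url: `${authority}/connect/userinfo`,
           headers: { Authorization: `Bearer ${accessToken}` } };
}

// Returns the merged claim set, whether userinfo was needed, and which
// required claims neither token source could supply.
function resolveClaims(requiredClaims, tokens, authority, callUserInfo) {
  const idClaims = decodeJwtPayload(tokens.id_token);
  const missing = requiredClaims.filter(c => !(c in idClaims));
  if (missing.length === 0) return { claims: idClaims, usedUserInfo: false, stillMissing: [] };
  if (!tokens.access_token) {
    throw new Error(`claims ${missing} not in id_token and no access token for userinfo`);
  }
  const resp = callUserInfo(buildUserInfoRequest(authority, tokens.access_token));
  if (resp.status !== 200) throw new Error(`userinfo returned ${resp.status}`);
  // OIDC Core 5.3.2: the sub in the userinfo response must match the id_token.
  if (resp.body.sub !== idClaims.sub) throw new Error('userinfo sub does not match id_token sub');
  return {
    claims: { ...idClaims, ...resp.body },
    usedUserInfo: true,
    stillMissing: missing.filter(c => !(c in resp.body)),
  };
}

const AUTHORITY = 'http://localhost:5000';
// Constructed token pairs: the id_token carries only the basic claims either
// way; only the access token differs in whether "test" was granted.
const ID_TOKEN = makeFakeJwt({ iss: AUTHORITY, aud: 'js', sub: '123', exp: 4102444800 });
const TOKENS_WITH_TEST = { id_token: ID_TOKEN,
  access_token: makeFakeJwt({ iss: AUTHORITY, sub: '123', scope: ['openid', 'test'] }) };
const TOKENS_WITHOUT_TEST = { id_token: ID_TOKEN,
  access_token: makeFakeJwt({ iss: AUTHORITY, sub: '123', scope: ['openid'] }) };

function demo() {
  return {
    withTest: resolveClaims(['sub', 'location'], TOKENS_WITH_TEST, AUTHORITY, fakeUserInfoEndpoint),
    withoutTest: resolveClaims(['sub', 'location'], TOKENS_WITHOUT_TEST, AUTHORITY, fakeUserInfoEndpoint),
  };
}

console.log(JSON.stringify(demo(), null, 2));
```

The second case reproduces the question's problem: with "test" dropped from the requested scopes it is also absent from the access token, so userinfo cannot release location and it ends up in stillMissing. Keeping "test" in the scope while requesting "id_token token" is what moves the claim out of the id_token and into the userinfo response. In a real client the injected callUserInfo would be a fetch with the Authorization header shown in buildUserInfoRequest; oidc-client performs this call itself when its loadUserInfo setting is on.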
