问题
When I ask the information of the user WSO2, the response contains only his sub.
Request GET https://srv-wso2.domain.com:9443/oauth2/userinfo?schema=openid
Request headers {Accept=[application/json, application/*+json], Authorization=[Bearer 50ff3e7940248bdc01e2c1d33de77537], Content-Length=[0]}
Response body {"sub":"RECIF/arnaud@carbon.super"}
In repository/conf/identity/identity.xml file, OpenIdConnect is configured to use http://wso2.org/claims as UserInfoEndpointClaimDialect.
I use an Active Directory as user store. And in claims configuration, some mappings should be hit like displayName or givenName or fullname.
Any ideas ?
Edit: I have the same problems with the playground2 application. I use WSO2 5.1.0
回答1:
There is an opened bug: https://wso2.org/jira/browse/IDENTITY-4250 and a pull request has made: https://github.com/wso2/carbon-identity/pull/1677
回答2:
It seems like we have to wait 5.3.0 version... https://wso2.org/jira/browse/IDENTITY-4250 resolved 2 days ago.
回答3:
If you would like to confirm this bug using a template Spring Boot project please see the following: https://github.com/nicodewet/template-spring-boot-oauth2-wso2-is
As you will note in the README.md of the cited project, the bug relates to the response to the HTTP GET request to https://localhost:9444/oauth2/userinfo?schema=openid appearing as follows in the response body.
{"sub":"nicodewet@carbon.super"}
来源:https://stackoverflow.com/questions/34889038/openid-connect-with-wso2-returns-only-sub-claim