wso2 身份服务器 oauth userinfo 无角色 [英] wso2 identity server oauth userinfo no role

问题描述

我安装了 WSO2 Identiy 服务器，并编写了一些 Java 代码来使用 oauth 2 获取用户信息.为此，我使用的是 OLTU.我已正确连接，在协商 access_code 后，我要求这样的 userinfo 端点:

I have a WSO2 Identiy server installed and i have written some java code to get user information with oauth 2. For this I am using OLTU. I have connected correctly and after negotiating the access_code, I ask for the userinfo endpoint like this:

https://<serverIP>:9443/oauth2/userinfo?schema=openid

我以 JSON 格式正确获取用户信息:

I get user info correctly in JSON format:

{"email":"xxxx@xxx.aa","name":"xxx","family_name":"xx","preferred_username":"xxx","given_name":"xx"}

我发现没有返回任何角色信息.我创建了一些自定义角色并分配了用户.他们没有分配任何权限.

What I find is that no role information is returned. I have created some custom roles and asigned the users. They don't have any permisions asigned.

我必须在服务器中配置任何东西吗?必须以任何其他方式提出请求?我做错了什么?

Do I have to configure anything in the server? The request has to be made in any other way? What am I doing wrong?

推荐答案

There are two ways to add this claim mapping. It's depends on your requirement.

要完成此操作，必须在http://wso2.org/oidc/claim 下添加角色声明映射"声称方言.这可以通过以下方式完成

To get this done has to add a role claim mapping under "http://wso2.org/oidc/claim" claim dialect. This can be done in following ways

案例 1:首次启动前使用新的 WSO2IS

Case 1 : For fresh WSO2IS before first startup

转到<IS_HOME>/repository/conf/claim-config.xml 文件<br/>在 <Dialect dialectURI="http://wso2.org/oidc/claim"><br/><声明><ClaimURI>角色</ClaimURI><显示名称>角色</显示名称><AttributeID>角色</AttributeID><描述>用户角色</描述><DisplayOrder>10</DisplayOrder><SupportedByDefault /></声明>情况 2:对于已经运行的服务器.以管理员用户身份登录到身份服务器管理控制台.单击配置按钮以访问配置菜单点击 http://wso2.org/oidc/claim 方言.单击添加新声明映射"并设置上述详细信息.(在那里你会得到一个已知问题的错误.但该值会存储.然后再次编辑它并再次设置映射属性)

Go to <IS_HOME>/repository/conf/claim-config.xml file<br/> Add following configuration under <Dialect dialectURI="http://wso2.org/oidc/claim"><br/> <Claim> <ClaimURI>Roles</ClaimURI> <DisplayName>Roles</DisplayName> <AttributeID>role</AttributeID> <Description>role of the user</Description> <DisplayOrder>10</DisplayOrder> <SupportedByDefault /> </Claim> Case 2: For already running server. Login to the Identity server management console as admin user. Click the Configure button to access the Configure menu Click on http://wso2.org/oidc/claim Dialect. Click on "Add New Claim Mapping" and set the above details. (There you will get an error which is known issues. But that value will store. Then again edit it and set Mapped Attribute again)

然后重启服务器.现在您可以通过角色获取用户信息

Then restart the server. Now you can get user info with roles

这篇关于wso2 身份服务器 oauth userinfo 无角色的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！