  1. Single Sign On
  2. MGNLSSO-4

Usergroup Resolution - groups cannot be parsed with default json parser - create a hook

Details

    • Improvement
    • Resolution: Fixed
    • Major
    • None
    • 2.0 Incubator
    • None
    • None
    • Independent

    Description

      We are trying to connect to an Azure AD with the new OAuth module and use the external groups resolution feature. 

      It seems that Microsoft AD does not format its response validly.

      When requesting the userinfo to extract the groups, the names that should be a JSON Array are a String 

      {
      	"aio": "...",
      	"amr": "[\"pwd\"]",
      	"email": "...",
      	"idp": "...",
      	"ipaddr": "...",
      	"name": "...",
      	"oid": "...",
      	"pwd_exp": "67488",
      	"pwd_url": "...",
      	"roles": "[\"tester\"]",
      	"sub": "..",
      	"tid": "..",
      	"unique_name": "..",
      	"uti": "..",
      	"ver": "..."
      } 

      The value within roles (we use it as groups) is not valid JSON, so the parser in UserAccountUtils.createUserProperties cannot handle it correctly.

      For example, I think it would be a great idea to be able to use a custom class at the point where UserAccountUtils converts the OICResponse.
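
The parsing problem described above, as an added Python example (not Magnolia's code and not the hook that resolved this issue): it accepts a group claim delivered either as a JSON array or as a string holding a JSON-encoded array, and rejects every other shape so that group resolution fails closed. The function names and the sample payload are constructed for illustration.

```python
import json

# Constructed sample, shaped like the userinfo response quoted in the report:
# "roles" is a string that contains a JSON-encoded array.
SAMPLE_USERINFO = r'{"name": "...", "amr": "[\"pwd\"]", "roles": "[\"tester\"]"}'


def normalize_groups(claims, claim_name="roles"):
    """Return the group names found in claims[claim_name] as a list of str.

    Hypothetical helper. Accepts a JSON array or a string holding one
    JSON-encoded array; raises ValueError for every other shape.
    """
    value = claims.get(claim_name)
    if value is None:
        return []  # claim absent: the user is in no external group
    if isinstance(value, str):
        # Decode exactly once. A bare name such as "tester" is rejected
        # rather than guessed at, and so is a doubly encoded value.
        try:
            value = json.loads(value)
        except json.JSONDecodeError as exc:
            raise ValueError(f"{claim_name}: not a JSON array") from exc
    if not isinstance(value, list):
        raise ValueError(f"{claim_name}: expected array, got {type(value).__name__}")
    if not all(isinstance(g, str) and g.strip() for g in value):
        raise ValueError(f"{claim_name}: group names must be non-empty strings")
    # Drop duplicates, keep the order the identity provider sent.
    return list(dict.fromkeys(value))


def groups_from_userinfo(body, claim_name="roles"):
    """Parse a raw userinfo response body and return its normalized groups."""
    claims = json.loads(body)
    if not isinstance(claims, dict):
        raise ValueError("userinfo response is not a JSON object")
    return normalize_groups(claims, claim_name)


if __name__ == "__main__":
    print(groups_from_userinfo(SAMPLE_USERINFO))
```

Because group membership usually drives authorization, a caller should treat the `ValueError` as "no groups resolved" and log it, not fall back to using the raw string as a group name.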

              People

                lfischer Lars Fischer
                joergwirsig Jörg Wirsig