我安装了WSO2 Identiy服务器,我编写了一些java代码来获取oauth 2的用户信息。为此我使用的是OLTU。我已正确连接,在协商access_code后,我要求userinfo端点,如下所示:
https://<serverIP>:9443/oauth2/userinfo?schema=openid
我以JSON格式正确获取用户信息:
{"email":"xxxx@xxx.aa","name":"xxx","family_name":"xx","preferred_username":"xxx","given_name":"xx"}
我发现没有返回任何角色信息。我创建了一些自定义角色并签署了用户。他们没有任何权利。
我是否必须在服务器中配置任何内容?请求必须以任何其他方式进行?我做错了什么?
答案 0 :(得分:2)
There are two ways to add this claim mapping. It's depends on your requirement.To get this done has to add a role claim mapping under "http://wso2.org/oidc/claim" claim dialect. This can be done in following ways
Case 1 : For fresh WSO2IS before first startup
Go to <IS_HOME>/repository/conf/claim-config.xml file<br/> Add following configuration under <Dialect dialectURI="http://wso2.org/oidc/claim"><br/> <Claim> <ClaimURI>Roles</ClaimURI> <DisplayName>Roles</DisplayName> <AttributeID>role</AttributeID> <Description>role of the user</Description> <DisplayOrder>10</DisplayOrder> <SupportedByDefault /> </Claim> Case 2: For already running server. Login to the Identity server management console as admin user. Click the Configure button to access the Configure menu Click on http://wso2.org/oidc/claim Dialect. Click on "Add New Claim Mapping" and set the above details. (There you will get an error which is known issues. But that value will store. Then again edit it and set Mapped Attribute again)
Then restart the server. Now you can get user info with roles