New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Passport should support dynamic mapping #19

Open
yurem opened this Issue Apr 25, 2018 · 1 comment

Comments

Projects
None yet
3 participants
@yurem
Contributor

yurem commented Apr 25, 2018

Right now passport knows about only hardcoded list of user attributes: https://support.gluu.org/single-sign-on/5354/accessing-memberof-in-sso-environment/#at32535

It should should use /etc/gluu/conf/passport-saml-config.json in mapping to allow map any attributes to local user attributes. This mapping should be configurable for each provider. Also we should update mapping to map into Gluu attributes

Also custom script has 2 properties:

generic_remote_attributes_list = username, email, name, name, givenName, familyName, provider, memberOf
generic_local_attributes_list = uid, mail, cn, displayName, givenName, sn, provider, memberOf

I think if passport returns attributes in convenient for Gluu attributes we can make this mapping optional. By default we can use all attributes from request.

@yurem yurem added this to the 3.1.4 milestone Apr 25, 2018

@jgomer2001

This comment has been minimized.

Contributor

jgomer2001 commented Aug 22, 2018

Tackling attribute mapping stuff is in our roadmap for 4.0. I think it deserves careful redesign and should cope with both flavors of inbound identity: saml & social.

@jgomer2001 jgomer2001 modified the milestones: 3.1.4, 4.0 Aug 22, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment