New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Userinfo response is not as expected as describe in spec #1038
Comments
oxd returns what oxauth-client returns. Right now it seems to always return claim arrays for userinfo. See
|
I disagree that this is even a bug. The example in the spec says explicitly that it is NON-NORMATIVE. I did not see anywhere in the response where it specified the values MUST be strings. We have more important things to do. Returning as arrays makes sense because you always know what kind of object it is, versus having to test whether it is a string or array. This has been discussed ad naseum in the past. |
oxAuth is returning the claims in the correct format as specified in the specs, for example: REQUEST:
RESPONSE:
But, the code in oxauth-client is prepared to also handle custom multivalued claims. |
in this case oxd convert response |
@yurem oxauth-client returns map of list, see link above.
I think it's not big dial. It's also easier to handle for client code when values are unified. |
@yuriyz I don't mind |
… swagger spec and tests for it. GluuFederation/oxAuth#1038
Corrected oxd and transfered oxauth response |
@yuriyz thank you! |
not yet |
Describe the issue
I’m dealing with
get_user_info
endpoint in oxd. The response is very strange - every claim is an array.According to specs it should be single value.
Userinfo response in spec https://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse
Steps To Reproduce
Request to userinfo to OP server or request using OXD API. I am using OXD API.
Expected behavior
but it should be like
Actual behavior
Response return from oxd user_info -> op userinfo endpoint is
Environment:
Discussion
The text was updated successfully, but these errors were encountered: