Getting nil omniauth response hash about omniauth-openid-connect HOT 15 CLOSED

@jjbohn @cmrd-senya @rdingwell Any idea?

from omniauth-openid-connect.

have you tried it with the email and profile scopes added in

from omniauth-openid-connect.

I originally had email in there, but either one of those I get an invalid_scope error.

from omniauth-openid-connect.

Hi,
Which scope values ​​does your provider support?

Generally it follows the specification, but the value returned by the scope value depends on the provider.

http://openid.net/specs/openid-connect-core-1_0.html#ScopeClaims

from omniauth-openid-connect.

There was a mixup, and they just added the :email scope. However, when I add that in, I get the same thing, a user info hash full of nil's.

from omniauth-openid-connect.

Could you check the extra.raw_info ? There is raw data in it.

https://github.com/jjbohn/omniauth-openid-connect/blob/master/lib/omniauth/strategies/openid_connect.rb#L62-L64

from omniauth-openid-connect.

That is empty as well.

from omniauth-openid-connect.

If so, it seems that empty data is returned from the provider.
ummm, Does the provider support scope values ​​such as email, profile?

from omniauth-openid-connect.

Just email

On Nov 11, 2016 6:10 PM, "Tomoya Usami" [email protected] wrote:

If so, it seems that empty data is returned from the provider.
ummm, Does the provider support scope values ​​such as email, profile?

—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
#66 (comment),
or mute the thread
https://github.com/notifications/unsubscribe-auth/AEz9ikMpgluNV81wqiY6oPHqNTEXZFWnks5q9PXKgaJpZM4KwFvx
.

from omniauth-openid-connect.

Could you get the response you requested with curl command?

$ curl -H "Authorization: Bearer ${YOUR_ACCESS_TOKEN}" ${USERINFO_ENDOPONT}

from omniauth-openid-connect.

Ok, I'm told that I need to take my id_token, split it by ".", decode each element of the array (3 elements) into Base64, and then decrypt the 3rd element. The first element should contain data indicating Type of Token=JWT, Algorithm=RSA256, a thumbprint, and keyId, while it looks like the 2nd element contains the data. Is this what the gem is doing (i.e., does sound correct)?

from omniauth-openid-connect.

Verified that the 2nd element looks like it has username, email, etc. the data that I'm looking for. However, when userinfo! is called on the AccessToken in OpenIDConnect, the get call returns an empty hash. I verified that it's setting the access token as the bearer authorization code. I suspect this could is an issue on the provider side?

from omniauth-openid-connect.

Do you mean that id_token (2nd element) returned by the provider contains information such as username, email address, etc.?

from omniauth-openid-connect.

I suspect this could is an issue on the provider side?

I think so too.

from omniauth-openid-connect.

Verified it was an issue on the provider end, thanks for the help.

from omniauth-openid-connect.