SATOSA icon indicating copy to clipboard operation
SATOSA copied to clipboard

Published 20 hours ago verified publisher icon IdentityPython

Stateless and Extra Token Claim Config does not work together

Open shaardie opened this issue 2 years ago • 4 comments

During responding to the token request, satosa tries to get the configured extra troken claims from the provider.userinfo, see https://github.com/IdentityPython/SATOSA/blob/master/src/satosa/frontends/openid_connect.py#L367, but since the informations are not in the database (or the dict) , but in the token, this fails with a Traceback.

Code Version

v8.4.0

Expected Behavior

Get the token and no Traceback.

Current Behavior

Traceback

Possible Solution

The provider already hat logic to get the get the extra token claims from the request. So the solution is simply not set extra_token_claims at this point: https://github.com/IdentityPython/SATOSA/blob/83ad0737e08b51a9774b0eae8b1c112ce7aef539/src/satosa/frontends/openid_connect.py#L363-L368

and simply call

response = self.provider.handle_token_request(urlencode(context.request), headers)

Steps to Reproduce

  1. Configure Stateless and extra Token Claims for a Client in the OIDC Frontend.
  2. Try to authenticate
  3. Traceback

shaardie avatar Nov 06 '23 13:11 shaardie