simplesamlphp-module-oidc icon indicating copy to clipboard operation
simplesamlphp-module-oidc copied to clipboard

Published 20 hours ago verified publisher icon simplesamlphp

Show 'claims_supported' in discovery document

Open cicnavi opened this issue 4 years ago • 3 comments

Find a way to show which claims are supported by OP using 'claims_supported' property in discovery document as per https://openid.net/specs/openid-connect-discovery-1_0.html

cicnavi avatar Sep 02 '21 13:09 cicnavi

Keys from 'claim to attribute translate table' from module config file could be used, however, claim names can have type designations at the beginning...

cicnavi avatar Sep 02 '21 14:09 cicnavi

I think (even without dealing with the type issue) you would need to get the claims from ClaimTranslatorExtractor since ClaimTranslatorExtractorFactory does all the custom scope/claim prefixing when it builds ClaimTranslatorExtractor (though I've never used the claim prefixing feature, so I easily could be wrong)

Then maybe something like this to remove the types

$claims = [];
foreach ($this->translationTable as $claimWithType) {
            list($type, $claim) = $this->getTypeAndClaimName($claimWithType);
            $claims[] = $claim;
}

Overall I agree with your point in #138 that maybe a different syntax for indicating type would make the code and data structures easier.

pradtke avatar Sep 02 '21 17:09 pradtke

Great, thanks for sharing this option!

cicnavi avatar Sep 03 '21 07:09 cicnavi