By: Sakit Atakishiyev user 02 Jun 2017 at 1:50 a.m. CDT

9 Responses

Hi. I wanna get user data , That is why i call profile method in oxd. But i only get [sub] claim . I added scope . Then i added claims to it .it is also active , But i can not get these claims when i call profile. This is my log : ```` 2017-06-02 10:46:50,142 TRACE [org.xdi.oxd.common.CoreUtils] Read result: ReadResult{m_command='{"command":"get_user_info","params":{"oxd_id":"0d7157e6-5b28-4ab0-9023-235c7de37e41","access_token":"161ab2cc-60e6-4127-b6e0-7b1f8473b5de","protection_access_token":null}}', m_leftString=''} 2017-06-02 10:46:50,142 TRACE [org.xdi.oxd.server.Processor] Command: {"command":"get_user_info","params":{"oxd_id":"0d7157e6-5b28-4ab0-9023-235c7de37e41","access_token":"161ab2cc-60e6-4127-b6e0-7b1f8473b5de","protection_access_token":null}} 2017-06-02 10:46:50,178 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2017-06-02 10:46:50,327 WARN [org.apache.http.client.protocol.ResponseProcessCookies] Cookie rejected: "[version: 0][name: JSESSIONID][value: 8akwfy32casi1gttw962gtmrg][domain: cyber.gluu.info][path: /oxauth][expiry: null]". Illegal path attribute "/oxauth". Path of origin: "/.well-known/openid-configuration" 2017-06-02 10:46:50,342 TRACE [org.xdi.oxd.server.service.DiscoveryService] Discovery response: { "issuer": "https://cyber.gluu.info", "authorization_endpoint": "https://cyber.gluu.info/oxauth/seam/resource/restv1/oxauth/authorize", "token_endpoint": "https://cyber.gluu.info/oxauth/seam/resource/restv1/oxauth/token", "userinfo_endpoint": "https://cyber.gluu.info/oxauth/seam/resource/restv1/oxauth/userinfo", "clientinfo_endpoint": "https://cyber.gluu.info/oxauth/seam/resource/restv1/oxauth/clientinfo", "check_session_iframe": "https://cyber.gluu.info/oxauth/opiframe", "end_session_endpoint": "https://cyber.gluu.info/oxauth/seam/resource/restv1/oxauth/end_session", "jwks_uri": "https://cyber.gluu.info/oxauth/seam/resource/restv1/oxauth/jwks", "registration_endpoint": "https://cyber.gluu.info/oxauth/seam/resource/restv1/oxauth/register", "validate_token_endpoint": "https://cyber.gluu.info/oxauth/seam/resource/restv1/oxauth/validate", "id_generation_endpoint": "https://cyber.gluu.info/oxauth/seam/resource/restv1/id", "introspection_endpoint": "https://cyber.gluu.info/oxauth/seam/resource/restv1/introspection", "scopes_supported": [ "permission", "clientinfo", "user_name", "openid", "email", "logic", "phone", "profile", "mobile_phone", "address" ], "response_types_supported": ["token"], "grant_types_supported": [ "authorization_code", "implicit", "urn:ietf:params:oauth:grant-type:jwt-bearer" ], "acr_values_supported": ["auth_ldap_server"], "auth_level_mapping": {"-1": ["auth_ldap_server"]}, "subject_types_supported": [ "public", "pairwise" ], "userinfo_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "userinfo_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "userinfo_encryption_enc_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "id_token_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "id_token_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "request_object_signing_alg_values_supported": [ "none", "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "request_object_encryption_alg_values_supported": [ "RSA1_5", "RSA-OAEP", "A128KW", "A256KW" ], "request_object_encryption_enc_values_supported": [ "A128CBC+HS256", "A256CBC+HS512", "A128GCM", "A256GCM" ], "token_endpoint_auth_methods_supported": [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt" ], "token_endpoint_auth_signing_alg_values_supported": [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "ES256", "ES384", "ES512" ], "display_values_supported": [ "page", "popup" ], "claim_types_supported": ["normal"], "claims_supported": [ "birthdate", "country", "name", "email", "email_verified", "given_name", "gender", "inum", "family_name", "updated_at", "locale", "logic", "middle_name", "nickname", "phone_number_verified", "picture", "preferred_username", "profile", "zoneinfo", "user_name", "website" ], "service_documentation": "http://gluu.org/docs", "claims_locales_supported": ["en"], "ui_locales_supported": [ "en", "es" ], "scope_to_claims_mapping": [ {"uma_authorization": []}, {"permission": []}, {"clientinfo": [ "name", "inum" ]}, {"user_name": ["user_name"]}, {"openid": []}, {"email": [ "email_verified", "email" ]}, {"logic": ["logic"]}, {"uma_protection": []}, {"phone": [ "phone_number_verified", "phone_number" ]}, {"profile": [ "name", "family_name", "given_name", "middle_name", "nickname", "preferred_username", "profile", "picture", "website", "gender", "birthdate", "zoneinfo", "locale", "updated_at" ]}, {"mobile_phone": ["phone_mobile_number"]}, {"address": [ "formatted", "postal_code", "street_address", "locality", "country", "region" ]} ], "claims_parameter_supported": true, "request_parameter_supported": true, "request_uri_parameter_supported": true, "require_request_uri_registration": false, "op_policy_uri": "http://ox.gluu.org/doku.php?id=oxauth:policy", "op_tos_uri": "http://ox.gluu.org/doku.php?id=oxauth:tos", "frontchannel_logout_supported": "true", "frontchannel_logout_session_supported": true } 2017-06-02 10:46:50,356 TRACE [org.xdi.oxd.server.service.HttpService] Created TRUST_ALL client. 2017-06-02 10:46:50,466 TRACE [org.xdi.oxd.server.Processor] Send back response: {"status":"ok","data":{"claims":{"sub":["xyGLN58yGQRy7iBE2b2d1aNrtLz61gX09N1kZJZlJE8"]}}} 2017-06-02 10:46:50,467 TRACE [org.xdi.oxd.server.SocketProcessor] Socket processor handling... 2017-06-02 10:46:50,468 TRACE [org.xdi.oxd.common.CoreUtils] commandSize: -1, stringStorage: 2017-06-02 10:46:50,469 TRACE [org.xdi.oxd.common.CoreUtils] End of stream. Quit. 2017-06-02 10:46:50,469 TRACE [org.xdi.oxd.server.SocketProcessor] Quit. Read result is null or command string is blank. ````

U1404

closed

By Mohib Zico Account Admin 02 Jun 2017 at 3:06 a.m. CDT

Copy

Which oxd plugin you are using?

By Sakit Atakishiyev user 02 Jun 2017 at 3:13 a.m. CDT

Copy

Oxd-client for java .

By Mohib Zico Account Admin 02 Jun 2017 at 3:24 a.m. CDT

Copy

[This](https://gluu.org/docs/oxd/libraries/java/) one?

By Sakit Atakishiyev user 02 Jun 2017 at 4 a.m. CDT

Copy

Yes

By Sakit Atakishiyev user 05 Jun 2017 at 12:10 a.m. CDT

Copy

Hi. I could not solve that . Did you figure out that issue?

By Yuriy Zabrovarnyy staff 05 Jun 2017 at 1:54 a.m. CDT

Copy

1. This is not full oxd-server.log. Would you please attach the file? 2. Would you please check scopes in oxtrust (admin gui) and make sure that Default is set to `true` ? It seems that scope Default is set to `false` on your side and as result is filtered out during dynamic registration. Thanks, Yuriy

By Sakit Atakishiyev user 05 Jun 2017 at 2:24 a.m. CDT

Copy

All scopes Default are true . This is my log [oxd-server.log](https://www.dropbox.com/s/6xexrkn8hrcafxe/oxd-server.log?dl=0)

By Yuriy Zabrovarnyy staff 05 Jun 2017 at 2:43 a.m. CDT

Copy

In logs I can see that you specified only `openid` `uma_authorization` and `uma_protection` scopes. ``` https://cyber.gluu.info/oxauth/seam/resource/restv1/oxauth/authorize?response_type=code&client_id=@!54B8.E44B.A17C.A9E8!0001!5BD7.7FEA!0008!0B2E.4449.49DD.DAB5&redirect_uri=https://cyber.oxd.info:8443/GluuServerTest/user/profile&scope=openid+uma_authorization+uma_protection&state=f0l0jrd1df604sp18vog54qh4a&nonce=rvqhpe8lpuhgce48d17deahg0c&prompt=login ``` If you wish to have other scopes then you should request those scopes, there are 2 ways how to do that: 1. set in `oxd-default-site-config.json`, then those scopes will be used for ALL requests if scope is not specified explicitly 2. set scopes directly in get_authorization_url command. Sample of request with "profile" scope: ``` {m_command='{"command":"get_authorization_url","params":{"prompt":"login","scope":["openid", "profile", "uma_authorization", "uma_protection"],"oxd_id":"0586405e-a55d-4a90-ad39-61f14772a4f9","acr_values":null,"hd":null,"protection_access_token":null}}', m_leftString=''} ``` Right now it is ``` {m_command='{"command":"get_authorization_url","params":{"prompt":"login","scope":null,"oxd_id":"0586405e-a55d-4a90-ad39-61f14772a4f9","acr_values":null,"hd":null,"protection_access_token":null}}', m_leftString=''} ``` Thanks, Yuriy

By Sakit Atakishiyev user 05 Jun 2017 at 2:59 a.m. CDT

Copy

I checked that and it worked . THanks!

You need to Login in order to post an answer

User Data (profile)

By: Sakit Atakishiyev user 02 Jun 2017 at 1:50 a.m. CDT

Answers

By Mohib Zico Account Admin 02 Jun 2017 at 3:06 a.m. CDT

By Sakit Atakishiyev user 02 Jun 2017 at 3:13 a.m. CDT

By Mohib Zico Account Admin 02 Jun 2017 at 3:24 a.m. CDT

By Sakit Atakishiyev user 02 Jun 2017 at 4 a.m. CDT

By Sakit Atakishiyev user 05 Jun 2017 at 12:10 a.m. CDT

By Yuriy Zabrovarnyy staff 05 Jun 2017 at 1:54 a.m. CDT

By Sakit Atakishiyev user 05 Jun 2017 at 2:24 a.m. CDT

By Yuriy Zabrovarnyy staff 05 Jun 2017 at 2:43 a.m. CDT

By Sakit Atakishiyev user 05 Jun 2017 at 2:59 a.m. CDT

Post an answer