By: Qaiser Iftikhar user 04 Jul 2019 at 5:20 a.m. CDT

8 Responses
Qaiser Iftikhar gravatar
Is there a way to get the Session attributes in dynamic scopes interception scripts? I am trying below but it doesn't work as identity.getSessionId() returns None/null. ``` identity = CdiUtil.bean(Identity) sessionAttributes = identity.getSessionId().getSessionAttributes() sessionAttributes.get("foo_attribute") ``` The same code works fine Person authentication interception script.

By Qaiser Iftikhar user 04 Jul 2019 at 5:22 a.m. CDT

Qaiser Iftikhar gravatar
Also below code doesn't work in Dynamic scope scripts either. ``` identity = CdiUtil.bean(Identity) identity.getWorkingParameter("foo_parameter") ```

By Michael Schwartz staff 04 Jul 2019 at 8:33 a.m. CDT

Michael Schwartz gravatar
One of the developers will get back to you shortly.

By Yuriy Zabrovarnyy staff 04 Jul 2019 at 9:33 a.m. CDT

Yuriy Zabrovarnyy gravatar
You can try to take `session_id` directly from cookie and then load session object ``` session_id = CdiUtil.bean(SessionIdService).getSessionIdFromCookie() CdiUtil.bean(SessionIdService).getSessionId(session_id).getSessionAttributes() ``` If will work for user info. In `id_token` case better to load session from grant object (since request object may be absent at the time of calling.) ``` session_id = context.getAuthorizationGrant().getSessionDn(); CdiUtil.bean(SessionIdService).getSessionId(session_id).getSessionAttributes() ``` Let us know whether it works for you. Thanks, Yuriy Z

By Yuriy Movchan staff 04 Jul 2019 at 9:36 a.m. CDT

Yuriy Movchan gravatar
`identity` is request scoped object. It's available on authentication phase.

By Michael Schwartz staff 04 Jul 2019 at 9:36 a.m. CDT

Michael Schwartz gravatar
Note, if the id_token has legacy claims (i.e. if you are stuffing user claims in the id_token) it might not exist yet.

By Qaiser Iftikhar user 04 Jul 2019 at 9:44 a.m. CDT

Qaiser Iftikhar gravatar
Thanks for the suggestion Yuriy. The getSessionId(session_id) return None. Here is a sample code I am trying. ``` session_id = authorizationGrant.getSessionDn() print "Got session id: %s" % session_id sessionIdService = CdiUtil.bean(SessionIdService) print "Got session id service: %s " % sessionIdService sessionId2 = sessionIdService.getSessionId(session_id) print "Got session id 2: %s" % sessionId2 sessionAttributes = sessionId2.getSessionAttributes() print "Got session attributes: %s " % sessionAttributes ``` And here are the logs ``` 2019-07-04 14:40:07,955 INFO [qtp804611486-9] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:239) - Got session id: oxAuthSessionId=299dff59-119b-465d-925b-15368626ab02,ou=session,o=@!489F.B53C.5D05.2E63!0001!902A.0EEE,o=gluu 2019-07-04 14:40:07,957 INFO [qtp804611486-9] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:239) - Got session id service: org.xdi.oxauth.service.SessionIdService@46ef54b8 2019-07-04 14:40:07,957 INFO [qtp804611486-9] [org.xdi.service.PythonService$PythonLoggerOutputStream] (PythonService.java:239) - Got session id 2: None ```

By Yuriy Zabrovarnyy staff 04 Jul 2019 at 9:54 a.m. CDT

Yuriy Zabrovarnyy gravatar
From logs we can see that it returned DN ``` oxAuthSessionId=299dff59-119b-465d-925b-15368626ab02,ou=session,o=@!489F.B53C.5D05.2E63!0001!902A.0EEE,o=gluu ``` While we have to pass into `sessionIdService.getSessionId(session_id)` just id, means `299dff59-119b-465d-925b-15368626ab02`. Please try to extract `session_id` and pass it into `sessionIdService.getSessionId(session_id)`. Thanks, Yuriy Z

By Qaiser Iftikhar user 04 Jul 2019 at 10:20 a.m. CDT

Qaiser Iftikhar gravatar
That has worked. thanks Yuriy!