Missing claim (Email) WordPress

By: Alex Planting user 07 Jun 2017 at 3:41 a.m. CDT

6 Responses
Alex Planting gravatar
Using WordPress with Gluu openid connect plugin. All latest versions. Using it to test the functionality. The plugin will register fine against my Gluu instance and will register an client under openid but when I try to login with an user I receive an error that the scope email is missing. I edit the client add the scope Email save it and then it works. After a while however the client gets changed, the oxd id changes and the scope email is lost again. I have to add it again. but then my user cannot login anymore. Checking the admin GUI an new oxd id has been created without the email scope again. It's frustrating. Cannot say I am to happy with the documentation, incomplete and hard to understand. What if i want to add an client manually, how can i get WordPress to register with that client under openId. Cannot find anything about that in the documentation. The screenshots appear to be outdated. the general screen in the plugin settings is missing the client_Id and client_secret for instance. Question 1: missing claim email, what to do ? Question 2: how to create client and register with WordPress ? Grtz Alex
OS Version : N/A
closed

Answers

By Aliaksandr Samuseu staff 07 Jun 2017 at 8:05 a.m. CDT

Copy
Aliaksandr Samuseu gravatar
Hi, Alex. Did you configure the "email" scope as a default scope in admin web UI? Unless you did, dynamically registered clients won't be able to request it without you first adding the scope to them in web UI. It's a security measure, as some scopes may be too sensitive to release them to just any client which decided to register at this OP. >Question 2: how to create client and register with WordPress ? You can easily create a client manually at your Gluu instance and assign any scope you wish to it there. Please check [this page](https://gluu.org/docs/ce/3.0.1/admin-guide/openid-connect/#client-registration-configuration) for details.

By Alex Planting user 07 Jun 2017 at 8:12 a.m. CDT

Copy
Alex Planting gravatar
Thanks for the quick response. I did not do that, was not mentioned anywhere. Have tried it an indeed the email claim missing notice is gone. Creating client manually is ok, i understand how to do that. But how can i make sure WordPress connects to that client so I can disable dynamicRegistration afterwards. Thanks. Alex

By Alex Planting user 07 Jun 2017 at 9:47 a.m. CDT

Copy
Alex Planting gravatar
this is the error. 2017-06-07 16:46:12,574 ERROR [org.xdi.oxd.server.op.RegisterSiteOperation] ClientId: null, clientSecret: null 2017-06-07 16:46:12,574 ERROR [org.xdi.oxd.server.op.RegisterSiteOperation] The authorization server denied the request. there is no room in the plugin in WordPress to enter the client_id and client_secret.

By Aliaksandr Samuseu staff 08 Jun 2017 at 1:57 p.m. CDT

Copy
Aliaksandr Samuseu gravatar
Understood. Assigning to the respective team member.

By Jajati Badu Account Admin 09 Jun 2017 at 8:46 a.m. CDT

Copy
Jajati Badu gravatar
Hi Alex, As I understand from the thread Question-1 is resolved Regarding Question 2 > As Gluu Server supports dynamic registration, it will generate Client Id and Client Secret automatically. You can manually create ClientId and secret manually. But current Wordpress plugin version has no option to set Client Id and Client Secret for Gluu server. > > In OXD Wordpress plugin when you enter "Op host" url it automatically checks if the OpenId endpoint. If it finds " "registration_endpoint" then plugin will automatically register client. And if "registration_endpoint" not available then it will ask to enter Client Id and Client Secret. > > That means if you give https://accounts.google.com as OP host you will get the option to enter ClientId/Secret. > > In the next version of plugin we will try to implement the feature you have asked for. > > Regarding the documentation we appreciate your valued feedback and we would like to let you know that currently we are rewriting the document to make it easy and simple. > Thanks, Jajati

By Alex Planting user 09 Jun 2017 at 8:51 a.m. CDT

Copy
Alex Planting gravatar
thanks Jajati !

Post an answer