search

dns3l / dns3l-core

Core functionality of dns3l written in Go
1 stars 3 forks source link

Username missing in claimedBy #34

Open iaean opened 1 year ago

iaean commented 1 year ago

I created a cert but the username is empty and seems lost

"name": "dns3l.example.com.",
"claimedBy": {
  "name": "",
  "email": "kilgore.trout@example.com"
}

Can you check how the ID token email and name are passed to and stored with a claimed cert? If both was provided both should be part of the state...

lnobach commented 1 year ago

I can not yet reproduce the bug with the component tests using a stubbed auth plugin, unfortunately I don't have a dex instance at hand to try this out without a stub.

Please set

auth:
  debug_claims: true

in the config and grep the log for Debug Claims (be sure to remove the flag afterwards, because it may leak secrets to the log).

Maybe the JSON key name is not set in the claims. If it is set correctly, I will debug the OIDC plugin as soon as I have a dex instance at hand (probably start of next week). If name is not set, the error must be resolved in the configuration of the dex instance attached to the backend. Maybe name is not the expected JSON key for the name?

Note that dns3ld only complains if both name and email keys in the dex claims json are missing or empty.