search

dominik-th / matomo-plugin-LoginOIDC

external authentication services for matomo
https://plugins.matomo.org/LoginOIDC/
GNU General Public License v3.0
40 stars 29 forks source link

email claim on userinfo endpoint #96

Open gpkappos opened 1 year ago

gpkappos commented 1 year ago

Hello, in the line below it is assumed that the userinfo endpoint contains an "email" claim. This is not a safe assumption because the email claim does not exist in the userinfo specification.

https://github.com/dominik-th/matomo-plugin-LoginOIDC/blob/63f3bf5eeb72d6feeb1dffd86c87f7396977fbc3/Controller.php#L279

a solution could be what @moschlar mentioned in https://github.com/dominik-th/matomo-plugin-LoginOIDC/issues/65#issuecomment-1403568831

christophvw commented 9 months ago

This applies to AD FS: https://github.com/dominik-th/matomo-plugin-LoginOIDC/issues/106