finalist / liferay-oidc-plugin

Plugin for Liferay, enabling OpenID Connect authentication
Apache License 2.0

OpenID Connect UserInfo does not contain email field #62

Open scmdavid opened 1 year ago

scmdavid commented 1 year ago

Environment
• OpenID Connect Liferay plugin 0.5.2
• Azure AD B2C
• Liferay CE 7.0.6 GA

Login failed and found the following error:

ERROR [http-nio-8080-exec-5][Liferay70Adapter:69] Unexpected: OpenID Connect UserInfo does not contain email field. Cannot correlate to Liferay user. UserInfo: {sub=yyyyyyyy-98e0-45db-bd4f-3d5f0d4d134c, given_name=Tester, family_name=LocalAccount, email=xxxxxx@outlook.com}

Could I fall back to the default login? For example, say I made a mistake on configuration; how could I sign in again (not with OIDC) and make the correction?

For 7.0 DXP, I don’t think it reads the openidconnect.enableOpenIDConnect from portal-ext.properties.

scmdavid commented 1 year ago

Worked when switched to Generic OpenID Provider.

Be careful about selecting the OpenID Provider type; they have different expectations about the claims returned from the UserInfo endpoint:

Generic: {email, given_name, family_name}
Azure AD: {unique_name, given_name, family_name}
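
An added example, not part of the thread and not the plugin's own code: a small triage script that parses the `UserInfo: {...}` map from an error line like the one above and reports which provider type's expected claims are satisfied. The claim sets are taken from the comment above; the function names and the sample log line (with placeholder values) are constructed for illustration.

```python
import re

# Claim sets each provider type expects from UserInfo, as listed in the comment above.
EXPECTED_CLAIMS = {
    "Generic": {"email", "given_name", "family_name"},
    "Azure AD": {"unique_name", "given_name", "family_name"},
}

# Constructed sample modelled on the error line in this issue (placeholder values).
SAMPLE_LOG = (
    "ERROR [http-nio-8080-exec-5][Liferay70Adapter:69] Unexpected: ... "
    "UserInfo: {sub=00000000-0000-0000-0000-000000000000, given_name=Tester, "
    "family_name=LocalAccount, email=user@example.com}"
)


def parse_userinfo(log_line):
    """Extract claims from the 'UserInfo: {k=v, ...}' part of a log line."""
    match = re.search(r"UserInfo:\s*\{(.*)\}", log_line)
    if not match:
        raise ValueError("no UserInfo map found in log line")
    claims = {}
    # Split only where a new 'key=' starts, so values containing commas survive.
    for pair in re.split(r",\s+(?=[A-Za-z_][\w.]*=)", match.group(1)):
        key, _, value = pair.partition("=")
        if key.strip():
            claims[key.strip()] = value
    return claims


def missing_claims(claims, provider_type):
    """Return the expected claims that are absent or empty for a provider type."""
    present = {k for k, v in claims.items() if v not in ("", "null")}
    return sorted(EXPECTED_CLAIMS[provider_type] - present)


def compatible_provider_types(claims):
    """List provider types whose expected claims are all present."""
    return [p for p in EXPECTED_CLAIMS if not missing_claims(claims, p)]


if __name__ == "__main__":
    claims = parse_userinfo(SAMPLE_LOG)
    for provider in EXPECTED_CLAIMS:
        gaps = missing_claims(claims, provider)
        print(f"{provider}: {'OK' if not gaps else 'missing ' + ', '.join(gaps)}")
```

Running it against a captured log line before changing the provider type shows which setting matches what the identity provider actually returns.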