search

simpleidserver / SimpleIdServer

OpenID, OAuth 2.0, SCIM2.0, UMA2.0, FAPI, CIBA & OPENBANKING Framework for ASP.NET Core
https://simpleidserver.com/
Apache License 2.0
683 stars 90 forks source link

Email and profile picture problems #707

Closed qq1176914912 closed 3 months ago

qq1176914912 commented 3 months ago

hello. 1、I see that if he passes the verification by binding a mobile phone, the field of "phone_number_verified" will appear in the claim, but after I bind the mailbox, he has no related field. So what should I do if I want to know whether the mailbox passes the verification? image 2、As for the avatar, I see that there is a field about picture in the claim. How does this address come from? If I log in with google, will he get my google avatar address? Does your project now not support setting your own avatar? image

qq1176914912 commented 3 months ago

hello. 1、I see that if he passes the verification by binding a mobile phone, the field of "phone_number_verified" will appear in the claim, but after I bind the mailbox, he has no related field. So what should I do if I want to know whether the mailbox passes the verification? image 2、As for the avatar, I see that there is a field about picture in the claim. How does this address come from? If I log in with google, will he get my google avatar address? Does your project now not support setting your own avatar? image

For the first question, I found it in scope: image

qq1176914912 commented 3 months ago

3、When adding a scope, if an error occurs, the error persists regardless of any scope click. image image

qq1176914912 commented 3 months ago

4、I found that when I added scope, I accidentally added one more space to the value of "Token claim name". After saving, this value was with space. When I tried to delete the space and save it again, I would get an error: "Token claim name must be unique". image

simpleidserver commented 3 months ago

Hello,

Currently, the end-user lacks the capability to define their picture in SimpleIdServer. I have initiated ticket #708 to address and implement this feature.

When a user authenticates with their Google account, it becomes feasible to incorporate their picture into the picture claim. To achieve this, you need to add a mapping rule in the Identity Provider by following these steps:

  1. Navigate to the Authentications window and select Google.

  2. Go to the Mappers tab.

  3. Click on the Add mapper button.

  4. Select the Property button and proceed to the Next button.

  5. Complete the form with the following values and click on the Save button:

Parameter Value
Name Picture
Source claim name picture (https://developers.google.com/identity/openid-connect/openid-connect?hl=fr)
User property picture

Upon attempting to save these settings, you may encounter the error message "Token claim name must be unique." This error is displayed when the scope already contains a mapping rule with the same name.

  1. Check if your scope includes mapping rules identical to the ones specified above.
  2. If the error persists, provide detailed steps on how to reproduce the error message, including any specific configurations or settings that might contribute to the issue.
qq1176914912 commented 3 months ago

Token claim name must be unique

On the issue of "Token claim name must be unique" The operation is as follows:

  1. I added a "scope" whose type is "Identity Value" and name is "testscope ".
  2. Then add "Mappers" to it and click "Mappers" Add Mapper, add an Attribute, and set Name and Token claim name to test: image
  3. Then repeat the operation of the second part, this is the "Name must be unique" at the top of the prompt. After the prompt appears, close the window and click the "Add Mapper" button again. Whether I select "Attribute" or "Property", the error message still exists even if I haven't entered anything: image
  4. The same thing happens with "API Resources", which basically means that if an error occurs once, even if I close the window and reopen it, the error still persists.
  5. Even if I click on "Client" to jump from its "ClientScope" to "Scope", this error still persists: image The same goes for the "Token claim name must be unique" error prompt, which persists for as long as an error has occurred.
qq1176914912 commented 3 months ago

Token claim name must be unique

On the issue of "Token claim name must be unique" The operation is as follows:

  1. I added a "scope" whose type is "Identity Value" and name is "testscope ".
  2. Then add "Mappers" to it and click "Mappers" Add Mapper, add an Attribute, and set Name and Token claim name to test: image
  3. Then repeat the operation of the second part, this is the "Name must be unique" at the top of the prompt. After the prompt appears, close the window and click the "Add Mapper" button again. Whether I select "Attribute" or "Property", the error message still exists even if I haven't entered anything: image
  4. The same thing happens with "API Resources", which basically means that if an error occurs once, even if I close the window and reopen it, the error still persists.
  5. Even if I click on "Client" to jump from its "ClientScope" to "Scope", this error still persists: image The same goes for the "Token claim name must be unique" error prompt, which persists for as long as an error has occurred.

I found that the pop-up window of the "Add client" button also has this problem. As long as there is an error once, the error will always exist. Maybe all pop-ups have this problem.

simpleidserver commented 3 months ago

When an error message was displayed in the popup window, it was never removed, even when the window was closed. This issue has been fixed in all popup windows.

qq1176914912 commented 3 months ago

When an error message was displayed in the popup window, it was never removed, even when the window was closed. This issue has been fixed in all popup windows.

Thank you for your modification.