Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
filter the value fo the local claim to either the desired values for the specific provider or to no value at all. Either code updates the user's local claim value in the user local store.
Place this script in the Script Based Adaptive Configuration inside Advanced configuration of Local & Outbound Authentication Configuration under any service provider.
We expect not to alter at any way the underline user store but rather alter the local's claim values which are to be passed to the service provider.
Product Version: IS 5.10.0
OS: Mac OS 10.15.3
Database, Userstore : Default configuration provided in the installation
We wrote the following script for filtering values of a user local claim depending on the service provider.
var claimToFilterURI = 'http://wso2.org/claims/country'; var claimValuesToKeep = ['GREECE', 'UK']; var onLoginRequest = function(context) { executeStep(1, { onSuccess : function(context){ var user = context.steps[1].subject; var claimValue = user.localClaims[claimToFilterURI]; Log.info('JS - Before Filtering '+ claimValue); var newClaimValue = []; claimValuesToKeep.forEach(function (item, index) { if (claimValue.indexOf(item) !== -1){ newClaimValue.push(item); } }); if (newClaimValue.length){ user.localClaims[claimToFilterURI] = newClaimValue.toString();
} else{ user.localClaims[claimToFilterURI] = ''; } Log.info('JS - After Filtering'+ user.localClaims[claimToFilterURI]); } }); };
The following lines
user.localClaims[claimToFilterURI] = newClaimValue.toString(); user.localClaims[claimToFilterURI] = '';
filter the value fo the local claim to either the desired values for the specific provider or to no value at all. Either code updates the user's local claim value in the user local store.
Place this script in the Script Based Adaptive Configuration inside Advanced configuration of Local & Outbound Authentication Configuration under any service provider.
We expect not to alter at any way the underline user store but rather alter the local's claim values which are to be passed to the service provider.