Spring Authorization Server userinfo endpoint

I am getting the following output from the /userinfo endpoint:

{
    "sub": "XXXX@gmail.com",
    "aud": [
        "XXXXXXXXX"
    ],
    "nbf": 1646097620.000000000,
    "scope": [
        "openid",
        "profile",
        "email"
    ],
    "iss": "https://XXXXXX/authServer",
    "exp": 1646097920.000000000,
    "iat": 1646097620.000000000
}

I need the username and email to be visible.

Can anyone help me with this?

We are working on reference documentation, including how-to guides for cases like this. See How-to: Customize the OpenID Connect 1.0 UserInfo response #537, and feel free to up-vote the issue if it would help you.

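In the meantime, check the configuration in OidcUserInfoTests, which demonstrates how to customize the claims returned by the user info endpoint. For example, you can simply map all claims from the JWT (access token), or map only specific claims.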

You may also want to look at DefaultOidcUserInfoMapper. The default strategy used is to map the standard claims from the id_token that are resolvable by the granted OIDC scope(s). Since in your example you have profile and email, you can also provide an OAuth2TokenCustomizer to add the associated claims to the id_token when it is created, and they will automatically show up in the User Info endpoint. See OidcTests for an example of customizing the id_token.
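
A sketch of the OAuth2TokenCustomizer approach described in the answer above, added here as an illustration and not taken from the original post or from the Spring Authorization Server test suite. `UserProfileLookup` and `UserProfile` are hypothetical stand-ins for your own user store, and the import paths assume a release in which `JwtEncodingContext` and `OAuth2TokenCustomizer` live in the `token` package. Claims are added only for scopes that were actually granted, so the User Info response never discloses more than the client was authorized to see.

```java
import java.util.Set;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.core.oidc.OidcScopes;
import org.springframework.security.oauth2.core.oidc.StandardClaimNames;
import org.springframework.security.oauth2.core.oidc.endpoint.OidcParameterNames;
import org.springframework.security.oauth2.server.authorization.token.JwtEncodingContext;
import org.springframework.security.oauth2.server.authorization.token.OAuth2TokenCustomizer;

@Configuration
public class IdTokenClaimsConfig {

    // Hypothetical user store abstraction (not part of Spring); back it with your own repository.
    public interface UserProfileLookup {
        UserProfile findByUsername(String username);
    }

    // Hypothetical profile shape used only by this example.
    public record UserProfile(String displayName, String email, boolean emailVerified) {}

    @Bean
    public OAuth2TokenCustomizer<JwtEncodingContext> idTokenCustomizer(UserProfileLookup users) {
        return context -> {
            // Leave access tokens untouched; only the id_token feeds the default User Info mapping.
            if (!OidcParameterNames.ID_TOKEN.equals(context.getTokenType().getValue())) {
                return;
            }
            UserProfile profile = users.findByUsername(context.getPrincipal().getName());
            if (profile == null) {
                return; // unknown principal: add nothing rather than guess
            }
            Set<String> scopes = context.getAuthorizedScopes();
            if (scopes.contains(OidcScopes.PROFILE)) {
                context.getClaims().claim(StandardClaimNames.NAME, profile.displayName());
                context.getClaims().claim(StandardClaimNames.PREFERRED_USERNAME,
                        context.getPrincipal().getName());
            }
            if (scopes.contains(OidcScopes.EMAIL)) {
                context.getClaims().claim(StandardClaimNames.EMAIL, profile.email());
                context.getClaims().claim(StandardClaimNames.EMAIL_VERIFIED, profile.emailVerified());
            }
        };
    }
}
```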