update oidc documentation and email claim err msg

Signed-off-by: Rui Yang <ruiya@vmware.com>
Rui Yang 2020-09-08 10:03:52 -04:00
parent 41207ba265
commit 0494993326
2 changed files with 7 additions and 14 deletions


@ -78,28 +78,21 @@ connectors:
# promptType: consent
# Some providers return no standard claim that is different to
# claims list at https://openid.net/specs/openid-connect-core-1_0.html#Claims
# Use claimMapping to specify custom claim names
# Some providers return non-standard claims (eg. mail).
# Use claimMapping to map those claims to standard claims:
# https://openid.net/specs/openid-connect-core-1_0.html#Claims
# claimMapping can only map a non-standard claim to a standard one if it's not returned in the id_token.
claimMapping:
# The set claim is used as user id.
# Default: sub
# user_id: nickname
# The set claim is used as user name.
# Default: name
# user_name: nickname
# The set claim is used as preferred username.
# Default: preferred_username
# preferred_username: other_user_name
# The set claim is used as email.
# Default: "email"
# Default: email
# email: mail
# The set claim is used as groups.
# Default: "groups"
# Default: groups
# groups: "cognito:groups"
```


@ -330,7 +330,7 @@ func (c *oidcConnector) createIdentity(ctx context.Context, identity connector.I
}
if !found && hasEmailScope {
return identity, fmt.Errorf("missing \"%s\" claim", emailKey)
return identity, fmt.Errorf("missing email claim, not found \"%s\" key", emailKey)
}
emailVerified, found := claims["email_verified"].(bool)
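Review bot: The reworded error on the `return identity, fmt.Errorf(...)` line still hand-quotes the key with `\"%s\"`. `emailKey` appears to be settable through `claimMapping` (inferred from the documentation change in this commit), so `%q` is the safer verb: it quotes and escapes the value in one step, which keeps an unusual key from producing a confusing log line. Suggested form: `return identity, fmt.Errorf("missing email claim, not found %q key", emailKey)`. The assignment of `found` is not visible here, so it is unclear whether this branch also fires when the claim is present but not a string; if it does, the message should say so. The body of createIdentity starts and ends outside the hunk.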