update oidc documentation and email claim err msg
Signed-off-by: Rui Yang <ruiya@vmware.com>
This commit is contained in:
parent
41207ba265
commit
0494993326
2 changed files with 7 additions and 14 deletions
|
@ -78,28 +78,21 @@ connectors:
|
|||
# promptType: consent
|
||||
|
||||
|
||||
# Some providers return no standard claim that is different to
|
||||
# claims list at https://openid.net/specs/openid-connect-core-1_0.html#Claims
|
||||
# Use claimMapping to specify custom claim names
|
||||
# Some providers return non-standard claims (eg. mail).
|
||||
# Use claimMapping to map those claims to standard claims:
|
||||
# https://openid.net/specs/openid-connect-core-1_0.html#Claims
|
||||
# claimMapping can only map a non-standard claim to a standard one if it's not returned in the id_token.
|
||||
claimMapping:
|
||||
# The set claim is used as user id.
|
||||
# Default: sub
|
||||
# user_id: nickname
|
||||
|
||||
# The set claim is used as user name.
|
||||
# Default: name
|
||||
# user_name: nickname
|
||||
|
||||
# The set claim is used as preferred username.
|
||||
# Default: preferred_username
|
||||
# preferred_username: other_user_name
|
||||
|
||||
# The set claim is used as email.
|
||||
# Default: "email"
|
||||
# Default: email
|
||||
# email: mail
|
||||
|
||||
# The set claim is used as groups.
|
||||
# Default: "groups"
|
||||
# Default: groups
|
||||
# groups: "cognito:groups"
|
||||
```
|
||||
|
||||
|
|
|
@ -330,7 +330,7 @@ func (c *oidcConnector) createIdentity(ctx context.Context, identity connector.I
|
|||
}
|
||||
|
||||
if !found && hasEmailScope {
|
||||
return identity, fmt.Errorf("missing \"%s\" claim", emailKey)
|
||||
return identity, fmt.Errorf("missing email claim, not found \"%s\" key", emailKey)
|
||||
}
|
||||
|
||||
emailVerified, found := claims["email_verified"].(bool)
|
||||
|
|
Reference in a new issue