update oidc documentation and email claim err msg

Signed-off-by: Rui Yang <ruiya@vmware.com>
This commit is contained in:
Rui Yang 2020-09-08 10:03:52 -04:00
parent 41207ba265
commit 0494993326
2 changed files with 7 additions and 14 deletions

View file

@ -78,28 +78,21 @@ connectors:
# promptType: consent # promptType: consent
# Some providers return no standard claim that is different to # Some providers return non-standard claims (eg. mail).
# claims list at https://openid.net/specs/openid-connect-core-1_0.html#Claims # Use claimMapping to map those claims to standard claims:
# Use claimMapping to specify custom claim names # https://openid.net/specs/openid-connect-core-1_0.html#Claims
# claimMapping can only map a non-standard claim to a standard one if it's not returned in the id_token.
claimMapping: claimMapping:
# The set claim is used as user id.
# Default: sub
# user_id: nickname
# The set claim is used as user name.
# Default: name
# user_name: nickname
# The set claim is used as preferred username. # The set claim is used as preferred username.
# Default: preferred_username # Default: preferred_username
# preferred_username: other_user_name # preferred_username: other_user_name
# The set claim is used as email. # The set claim is used as email.
# Default: "email" # Default: email
# email: mail # email: mail
# The set claim is used as groups. # The set claim is used as groups.
# Default: "groups" # Default: groups
# groups: "cognito:groups" # groups: "cognito:groups"
``` ```

View file

@ -330,7 +330,7 @@ func (c *oidcConnector) createIdentity(ctx context.Context, identity connector.I
} }
if !found && hasEmailScope { if !found && hasEmailScope {
return identity, fmt.Errorf("missing \"%s\" claim", emailKey) return identity, fmt.Errorf("missing email claim, not found \"%s\" key", emailKey)
} }
emailVerified, found := claims["email_verified"].(bool) emailVerified, found := claims["email_verified"].(bool)