Normalisation de la réécriture des attributs par défaut
This commit is contained in:
parent
126dbf66c2
commit
1ff89ac420
@ -86,12 +86,24 @@ hydra_passwordless_smtp_use_start_tls: no
|
||||
hydra_passwordless_sender_address: noreply@localhost
|
||||
hydra_passwordless_sender_name: "[hydra-passwordless]"
|
||||
hydra_passwordless_attributes_rewrite_rules:
|
||||
email:
|
||||
- consent.session.id_token.email
|
||||
email_verified:
|
||||
- consent.session.id_token.email_verified
|
||||
roles:
|
||||
- "[]"
|
||||
email:
|
||||
- "property_exists(consent.session.id_token, 'email') ? consent.session.id_token.email : null"
|
||||
email_verified:
|
||||
- "property_exists(consent.session.id_token, 'email_verified') ? consent.session.id_token.email_verified : false"
|
||||
family_name:
|
||||
- "property_exists(consent.session.id_token, 'family_name') ? consent.session.id_token.family_name : null"
|
||||
given_name:
|
||||
- "property_exists(consent.session.id_token, 'given_name') ? consent.session.id_token.given_name : null"
|
||||
birthdate:
|
||||
- "property_exists(consent.session.id_token, 'birthdate') ? consent.session.id_token.birthdate : null"
|
||||
gender:
|
||||
- "property_exists(consent.session.id_token, 'gender') ? consent.session.id_token.gender : null"
|
||||
birthplace:
|
||||
- "property_exists(consent.session.id_token, 'birthplace') ? consent.session.id_token.birthplace : null"
|
||||
birthcountry:
|
||||
- "property_exists(consent.session.id_token, 'birthcountry') ? consent.session.id_token.birthcountry : null"
|
||||
roles:
|
||||
- "property_exists(consent.session.id_token, 'roles') ? consent.session.id_token.roles : []"
|
||||
|
||||
# Hydra SAML configuration
|
||||
|
||||
@ -124,7 +136,21 @@ hydra_saml_include_sp_default_attributes_policy: "yes"
|
||||
# en provenance de la login-app sélectionnée
|
||||
hydra_saml_attributes_rewrite_rules:
|
||||
email:
|
||||
- consent.session.id_token.email
|
||||
- "consent.session.id_token.email ? consent.session.id_token.email : null"
|
||||
family_name:
|
||||
- "consent.session.id_token.family_name ? consent.session.id_token.family_name : null"
|
||||
given_name:
|
||||
- "consent.session.id_token.given_name ? consent.session.id_token.given_name : null"
|
||||
birthdate:
|
||||
- "consent.session.id_token.given_name ? consent.session.id_token.birthdate : null"
|
||||
gender:
|
||||
- "consent.session.id_token.given_name ? consent.session.id_token.gender : null"
|
||||
birthplace:
|
||||
- "consent.session.id_token.given_name ? consent.session.id_token.birthplace : null"
|
||||
birthcountry:
|
||||
- "consent.session.id_token.given_name ? consent.session.id_token.birthcountry : null"
|
||||
roles:
|
||||
- "consent.session.id_token.roles ? consent.session.id_token.roles : null"
|
||||
|
||||
# Entête HTTP utilisée pour identifier l'utilisateur connecté
|
||||
hydra_saml_subject_header: subject-id
|
||||
@ -172,21 +198,23 @@ hydra_oidc_client_secret:
|
||||
|
||||
hydra_oidc_attributes_rewrite_rules:
|
||||
email:
|
||||
- consent.session.id_token.email
|
||||
- "property_exists(consent.session.id_token, 'email') ? consent.session.id_token.email : null"
|
||||
email_verified:
|
||||
- "property_exists(consent.session.id_token, 'email_verified') ? consent.session.id_token.email_verified : false"
|
||||
family_name:
|
||||
- consent.session.id_token.family_name
|
||||
- "property_exists(consent.session.id_token, 'family_name') ? consent.session.id_token.family_name : null"
|
||||
given_name:
|
||||
- consent.session.id_token.given_name
|
||||
- "property_exists(consent.session.id_token, 'given_name') ? consent.session.id_token.given_name : null"
|
||||
birthdate:
|
||||
- consent.session.id_token.birthdate
|
||||
- "property_exists(consent.session.id_token, 'birthdate') ? consent.session.id_token.birthdate : null"
|
||||
gender:
|
||||
- consent.session.id_token.gender
|
||||
- "property_exists(consent.session.id_token, 'gender') ? consent.session.id_token.gender : null"
|
||||
birthplace:
|
||||
- consent.session.id_token.birthplace
|
||||
- "property_exists(consent.session.id_token, 'birthplace') ? consent.session.id_token.birthplace : null"
|
||||
birthcountry:
|
||||
- consent.session.id_token.birthcountry
|
||||
- "property_exists(consent.session.id_token, 'birthcountry') ? consent.session.id_token.birthcountry : null"
|
||||
roles:
|
||||
- "[]"
|
||||
- "property_exists(consent.session.id_token, 'roles') ? consent.session.id_token.roles : []"
|
||||
|
||||
# Hydra LDAP configuration
|
||||
|
||||
@ -197,13 +225,23 @@ hydra_ldap_app_icon_url:
|
||||
hydra_ldap_dev_mode: false
|
||||
hydra_ldap_attributes_rewrite_rules:
|
||||
email:
|
||||
- consent.session.id_token.email
|
||||
- "property_exists(consent.session.id_token, 'email') ? consent.session.id_token.email : null"
|
||||
email_verified:
|
||||
- "property_exists(consent.session.id_token, 'email_verified') ? consent.session.id_token.email_verified : false"
|
||||
family_name:
|
||||
- consent.session.id_token.family_name
|
||||
- "property_exists(consent.session.id_token, 'family_name') ? consent.session.id_token.family_name : null"
|
||||
given_name:
|
||||
- consent.session.id_token.given_name
|
||||
- "property_exists(consent.session.id_token, 'given_name') ? consent.session.id_token.given_name : null"
|
||||
birthdate:
|
||||
- "property_exists(consent.session.id_token, 'birthdate') ? consent.session.id_token.birthdate : null"
|
||||
gender:
|
||||
- "property_exists(consent.session.id_token, 'gender') ? consent.session.id_token.gender : null"
|
||||
birthplace:
|
||||
- "property_exists(consent.session.id_token, 'birthplace') ? consent.session.id_token.birthplace : null"
|
||||
birthcountry:
|
||||
- "property_exists(consent.session.id_token, 'birthcountry') ? consent.session.id_token.birthcountry : null"
|
||||
roles:
|
||||
- consent.session.id_token.roles
|
||||
- "property_exists(consent.session.id_token, 'roles') ? consent.session.id_token.roles : []"
|
||||
hydra_ldap_endpoints: []
|
||||
hydra_ldap_bind_dn:
|
||||
hydra_ldap_bind_password:
|
||||
|
Loading…
Reference in New Issue
Block a user