-
Notifications
You must be signed in to change notification settings - Fork 7
oidcext:OIDCString
Default functionality of OIDCString encoder is to encode an IdPAttribute with simple string values as a JSON object with string value. If IdPAttribute has multiple string values, the values are catenated to a single string value with space as delimeter. There are several options to alter the encoder behaviour.
Multiple values may be encoded also as JSON array instead of catenating all to a single string. Options allow also presenting values as a JSON integer or as a JSON boolean. When presenting values as a integer, nonparsable values are discarded. If output is set to be presented as a JSON array, all parsable values are placed to array. If array is not used, the first parsable value is treated as the result. When presenting values as boolean all strings matching 'true' (ignoring the case) are considered to be true, others false. If output is set to be presented as a JSON array, all boolean values are placed to array. If array is not used, the first value is treated as the result.
Finally there is also option to parse the string to JSON Object (for instance to form address claim). This option cannot be combined with other formulating options.
This xsi:type is defined by the org.geant.idpextension.oidc.attribute.encoder schema, which is located at https://github.com/CSCfi/shibboleth-idp-oidc-extension/blob/master/idp-oidc-extension-impl/src/main/resources/schema/idp-oidc-extension-attribute-encoder.xsd and used by the reference installation from classpath:/schema/idp-oidc-extension-attribute-encoder.xsd
- asBoolean, present value(s) as a JSON boolean. Default value is "false".
- asInt, present value(s) as a JSON integer. Default value is "false".
- asArray, set value(s) to JSON Array. Default value is "false".
- asObject, parse value to JSON object. Default value is "false".
- stringDelimiter, delimiter used when catenating multiple values to single string. Default is " ".
- setToToken, Default is "false". If set to true the value is to encoded to Authorization Code or to Access Token to ensure availability in Token and Userinfo endpoints.
- placeToIDToken, Default is "false". By default attributes are delivered in userinfo response unless response type is "id_token". Setting the flag true will include attribute in id token regardless of response type.
- denyUserinfo, Default is "false". By default attributes are delivered in userinfo response unless response type is "id_token". Setting the flag true excludes attribute from userinfo response.
Set affiliation value(s) to array instead of single string:
<AttributeEncoder xsi:type="oidcext:OIDCString" name="affiliation" asArray="true"/>
Convert the string value to integer:
<AttributeEncoder xsi:type="oidcext:OIDCString" name="age" asInt="true"/>
Combine 5 attributes to JSON string and parse the result as JSON object:
<AttributeDefinition id="address" xsi:type="ScriptedAttribute">
<Dependency ref="staticAttributes" />
<Script><![CDATA[address.addValue("{\"street_address\":\""+street_address.getValues().get(0) + "\","
+"\"locality\":\""+locality.getValues().get(0) + "\","
+"\"region\":\""+region.getValues().get(0) + "\","
+"\"postal_code\":\""+postal_code.getValues().get(0) + "\","
+"\"country\":\""+country.getValues().get(0) + "\"}");]]></Script>
<AttributeEncoder xsi:type="oidcext:OIDCString" asObject="true" name="address" />
</AttributeDefinition>
Resulting address claim might look like:
"address":{
"street_address":"234 Hollywood Blvd.",
"country":"US",
"locality":"Los Angeles",
"region":"CA",
"postal_code":"90210"
}
(Migrated)