  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-129986

OpenId Connect fails with Microsoft ADFS

    Details

      Description

      When using OpenID Connect with MS ADFS, the step getting userInfo fails because MS ADFS doesn't deliver any information in response to the userInfo request...

      The previous steps of the OpenID Connect protocol are OK: we obtain a valid authentication from ADFS, with all the mandatory tokens.

      The resolution seems to be to use the information shipped in the id_token instead of calling userInfo.

      Ref:
      https://docs.microsoft.com/fr-fr/windows-server/identity/ad-fs/overview/ad-fs-faq#i-am-trying-to-get-additional-claims-on-the-user-info-endpoint-but-its-only-returning-subject-how-can-i-get-additional-claims

      The impacted code is around: https://github.com/liferay/liferay-portal/blob/7.2.x/modules/apps/portal-security-sso/portal-security-sso-openid-connect-impl/src/main/java/com/liferay/portal/security/sso/openid/connect/internal/OpenIdConnectServiceHandlerImpl.java#L174

            People

            Assignee:
            support-lep@liferay.com SE Support
            Reporter:
            cariou Christophe Cariou
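
The resolution proposed in the description, sketched as an added example (not Liferay's code and not part of the original report): user attributes come from the id_token and the UserInfo response is used only to fill gaps. It assumes the id_token's signature, iss, aud, exp and nonce were already validated by the OIDC client library; the class name, the required-claim list and the sample values are hypothetical.

```java
import java.util.HashMap;
import java.util.List;
import java.util.Map;

public class ClaimResolver {

    // Assumption: claims the portal needs to provision a user (hypothetical list).
    static final List<String> REQUIRED = List.of("email", "given_name", "family_name");

    /**
     * idTokenClaims: claims of an id_token that the OIDC library already validated.
     * userInfoClaims: parsed UserInfo response, or null if the call failed.
     */
    static Map<String, Object> resolve(
            Map<String, Object> idTokenClaims, Map<String, Object> userInfoClaims) {

        Object sub = idTokenClaims.get("sub");
        if (sub == null) {
            throw new SecurityException("id_token has no sub claim");
        }
        Map<String, Object> merged = new HashMap<>(idTokenClaims);
        if (userInfoClaims != null) {
            // OIDC Core 5.3.2: the UserInfo sub must exactly match the id_token
            // sub, otherwise the UserInfo values must not be used.
            if (!sub.equals(userInfoClaims.get("sub"))) {
                throw new SecurityException("UserInfo sub does not match id_token sub");
            }
            // Design choice of this example: UserInfo only fills gaps and never
            // overrides a claim taken from the validated id_token.
            userInfoClaims.forEach(merged::putIfAbsent);
        }
        for (String name : REQUIRED) {
            Object value = merged.get(name);
            if (value == null || value.toString().isBlank()) {
                throw new IllegalStateException("missing claim: " + name);
            }
        }
        return merged;
    }

    public static void main(String[] args) {
        // Constructed sample: id_token carries the profile, UserInfo returns only sub.
        Map<String, Object> idToken = Map.of("sub", "abc123", "email", "jane@example.com",
                "given_name", "Jane", "family_name", "Doe");
        Map<String, Object> userInfo = Map.of("sub", "abc123");
        System.out.println(resolve(idToken, userInfo).get("email"));
    }
}
```

With a UserInfo response that carries only `sub`, the resolved profile still comes out complete because every required claim is read from the id_token.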