AnsweredAssumed Answered

sample to extract users group information for OIDC userinfo

Question asked by shinoy.cherayil on Apr 26, 2017
Latest reply on Apr 26, 2017 by Stephen_Hughes

I have a requirement to pass the users group information as a part of claims in the userinfo endpoint of the OpenID Connect implementation. If I just extract the groups information from CA SSO, I get it as

{

   "sub": "XnGo6hjvm6PK1fUJU6gnRKvy0d63eosOwNSIlI4Qo2E",
   "name": "Shinoy Cherayil",
   "family_name": "Cherayil",
   "nickname": "Shinoy",
   "preferred_username": "xxxxx",
   "groups": "CN=CVTrials,OU=VDS,ou=groups,DC=acmecorp,DC=com, CN=DL All Users,ou=groups,DC=acmecorp,DC=com, CN=DL ZL CP G1 Mgrs,ou=groups,DC=acmecorp,DC=com,CN=EPFellowsInternal,OU=VDS,ou=groups,DC=acmecorp,DC=com, CN=FACSalesAdminExceptions,OU=VDS,ou=groups,DC=acmecorp,DC=com,  CN=bousers,OU=VDS,ou=groups,DC=acmecorp,DC=com"
}

 

Any idea on how i can transform that into this format as arrays when the groups element length could vary based on the number of groups the user belongs to.

 

{

 

   "sub": "XnGo6hjvm6PK1fUJU6gnRKvy0d63eosOwNSIlI4Qo2E",
   "name": "Shinoy Cherayil",
   "family_name": "Cherayil",
   "nickname": "Shinoy",
   "preferred_username": "xxxxx",
   "groups": ["CN=CVTrials,OU=VDS,ou=groups,DC=acmecorp,DC=com", "CN=DL All Users,ou=groups,DC=acmecorp,DC=com", "CN=DL ZL CP G1 Mgrs,ou=groups,DC=acmecorp,DC=com","CN=EPFellowsInternal,OU=VDS,ou=groups,DC=acmecorp,DC=com", "CN=FACSalesAdminExceptions,OU=VDS,ou=groups,DC=acmecorp,DC=com", "CN=bousers,OU=VDS,ou=groups,DC=acmecorp,DC=com"]
}

Outcomes