I am having the same issue.
[result=Service Access
Granted,service=http://localhost:/login/cas,principal=SimplePrincipal(id=102313159136078677102,
attributes={access_token=[ya29.GlzMBibZB2IIac9qMvpdqQ3ZqOufogMmVCkDFvsSG3-qM88mb_Sa-CgNcK0LLHFxO4TJ_ugz7uiTDFUOW7YTi_PXVgVTmuIGYWSdzt11pPpVoxfc6s66OK1DcTJRvw],
displayName=[Indika Munaweera],
emails=[org.pac4j.oauth.profile.google2.Google2Email@6b8a5964],
image.url=[https://lh3.googleusercontent.com/-r9n1gDd0euo/AAI/Brw/YFvvFzZ25T4/s50/photo.jpg],
language=[en], name.familyName=[Munaweera],
name.givenName=[Indika]}),requiredAttributes={}]
I need emails=[org.pac4j.oauth.profile.google2.Google2Email@6b8a5964]object
in JSON format as the other values.
Any help is highly appreciated.
Thanks,
On Friday, October 27, 2017 at 1:21:50 AM UTC+5:30, leleuj wrote:
>
> Hi,
>
> It should work. The authentication delegation is handled by the
> ClientAction or DelegatedClientAuthenticationAction class (the name has
> changed over versions) which uses the ClientAuthenticationHandler. In this
> handler, the user profile attributes are used to build the SimplePrincipal:
> when you turn on the DEBUG logs on org.jasig/org.apereo, what do you see
> for the built principal?
> Thanks.
> Best regards,
> Jérôme
>
>
> On Thu, Oct 26, 2017 at 6:28 AM, Edward > wrote:
>
>> Hi All,
>> Thank you very much for your response:
>>
>> 1. my scope for google is:
>> cas.authn.pac4j.google.scope=EMAIL_AND_PROFILE
>>
>> 2. after add logging.level.org.pac4j=DEBUG
>> i can see in the log that google return lot of attributes:
>> 2017-10-26 11:56:34,573 INFO
>> [org.pac4j.oauth.profile.creator.OAuth20ProfileCreator] - > "kind": "plus#person",
>> "etag": "\"xx/x\"",
>> "emails": [
>> {
>>"value": "x.x...@gmail.com ",
>>"type": "account"
>> }
>> ],
>> "objectType": "person",
>> "id": "15125125125125",
>> "displayName": "xx",
>> "name": {
>> "familyName": "X",
>> "givenName": "Xxx"
>> },
>> "url": "https://plus.google.com/15125125125125;,
>> "image": {
>> "url": "
>> https://lh4.googleusercontent.com/-XFxyqk/XXX/XXXcv/-XXXasaXX/photo.jpg?sz=50
>> ",
>> "isDefault": false
>> },
>> "isPlusUser": true,
>> "language": "en_GB",
>> "circledByCount": 6,
>> "verified": false
>> }
>> >
>>
>> but the final user profile JSON string i got is still the same, not the
>> full one like above.
>> {
>> "attributes":
>> {
>> "clientName": "Google"
>> },
>> "id": "15125125125125"
>> }
>>
>>
>> 3. this is how i get CAS user profile :
>> HttpClient client = new HttpClient();
>> tring profileUrl = "
>> https://mydomain.dom.com:8443/cas/oauth2.0/profile?access_token=AT-5-BXWqunDZXTVBZT6jSC6bjqfqodO7JStxJUf
>> ";
>> GetMethod method = new GetMethod(profileUrl);
>> client.executeMethod(method);
>> resultStr = method.getResponseBodyAsString();
>> //*resultStr* only contain above JSON string.
>>
>> 4. in the service configuration:
>> {
>> @class: org.apereo.cas.support.oauth.services.OAuthRegisteredService
>> serviceId: ^https://mydomain.dom.com:8443/cas-users-management/.*
>> name: CAS User Management
>> id: 1506918968305
>> description: CAS user management
>> proxyPolicy:
>> {
>> @class: org.apereo.cas.services.RefuseRegisteredServiceProxyPolicy
>> }
>> evaluationOrder: 0
>> usernameAttributeProvider:
>> {
>> @class:
>> org.apereo.cas.services.DefaultRegisteredServiceUsernameProvider
>> canonicalizationMode: NONE
>> encryptUsername: false
>> }
>> attributeReleasePolicy:
>> {
>> @class: org.apereo.cas.services.*ReturnAllAttributeReleasePolicy*
>> principalAttributesRepository:
>> {
>> @class:
>> org.apereo.cas.authentication.principal.DefaultPrincipalAttributesRepository
>> expiration: 2
>> timeUnit: HOURS
>> }
>> authorizedToReleaseCredentialPassword: false
>> authorizedToReleaseProxyGrantingTicket: false
>> excludeDefaultAttributes: f