Having a task to get the details of password last update date to calculate remaining days for expiring.
I tried using Claim uri http://wso2.org/claims/identity/failedLoginAttempts and http://wso2.org/claims/identity/accountLocked to get the details on failed attempts and status of the account. which worked as expected, but to get the password last updated date, i require a claim uri and the attribute to fetch the field value.
Could you please help in understanding this?
There is claim uri that is defined as http://wso2.org/claims/passwordTimestamp But i do not think it has been used in Identity Server. This is latest code of identity management listener that implements these functions. I can not find usage of this claim
Related
I'm using the delivery endpoints of the Facebook Marketing API (v3.2)
I've successfully got this one working:
/{AD_ACCOUNT}/delivery_estimate
(Note, as usual the docs are misleading and you have to use the prefix act_ for it to work)
I can't get this to work:
/{AD_SET}/delivery_estimate
(Ad sets are groups of ads within a campaign).
If you just supply the number on its own, it fails, as you'd expect, with:
Cannot determine the target object for this request. Currently
supported objects include ad account, business account and associated
object.
I've tried a few variations - ad_, adset_, ad-set_, ad_set, adsetid_ etc. - none of which work.
Anybody know what it is? I've not found anything in the API docs, so if anyone does have a Facebook URL that explains it…
Answer - there's no prefix or special way to write ad set IDs. I'm unclear why it wasn't working before.
You can use this to get a list of adsets for the account (as an array in 'data'):
https://graph.facebook.com/v3.3/act_0000000000/adsets
Then you just supply the ID on it's own after the API version number:
https://graph.facebook.com/v3.3/12345678901234567/delivery_estimate?targeting_spec...
After processing the payment, control is not directing back to our site(x_relay_url) from https://test.authorize.net/gateway/transact.dll.
The URL mentioned in the x_relay_url cannot be accessed directly it requires session id and other details to access it which was passed to Authorize net page using merchantDefinedData variables.
I checked the following article also but our URL seems to be fine and we checked our code there is nothing wrong in that.
I tried multiple URLs in "x_relay_url" but nothing seems to be working.
Any help is appreciated.
Error Message:
An error occurred while trying to report this transaction to the
merchant. An e-mail has been sent to the merchant informing them of
the error. The following is the result of the attempt to charge your
credit card.
This transaction has been approved.
It is advisable for you to contact the merchant to verify that you will receive the product or service.
I have added a local custom claim namely http://wso2.org/claims/fg_imprenditore to http://wso2.org/claims dialect and mapped it on a custom primary user store attribute (JDBC user store).
The custom claim appears in the user profile and I can set/update the value correctly.
I have defined a new service provider and added the custom claim in Claim Configuration -> Use Local Claim Dialect.
In addition I have edited /_system/config/oidc and modified the openid property to include the new claim as follows: sub,...,street,http://wso2.org/claims/fg_imprenditore
Now the issues.
I ask a JWT Token from a javascript client with the following request:
http://**********/?response_type=id_token&client_id=" + "f8SatEWpyi1qvPLVspsDfTbefm0a" + "&scope=openid&redirect_uri=http://localhost:3000/oauth_callback.html&nonce=" + nonce
After login the WSO2is server prompts the following message (even if the attribute is already present in the profile): You are trying to login to **** application, but it needs following information filled in the user profile. You can fill those below and proceed with the authentication. But it is advised to fill these information in your Identity Provider profile in order to avoid this step every time you login.
If I fill the field (correctly) labeled "http://wso2.org/claims/fg_imprenditore" I can proceed. In any case the claim is not returned in the JWT Token.
In addition if I go in the user profile the attribute is set correctly (with the new value!) but if I try to authenticate again I need to fill the attribute again..
Many thanks for the support.
If you don't mark the claim as mandatory on your Service Provider it shouldn't request it when you try to log in. Also, in order for the jwt to contain your custom claim you need to map the custom claim to a new custom claim under the oauth dialect, and then map the new oauth claim under the oidc scope you use. It took me a while to get it too as there isn't sufficient documentation describing these steps. Hope this solves your issue.
This happens because "http://wso2.org/claims/fg_imprenditore" claim is not mapped to any oidc claims in WSO2 IS. Do the following in get rid of the issue.
Go to List under Claims in IS Management Console Main tab.
Click on http://wso2.org/oidc/claim
Add new claim with the name fg_imprenditore in oidc claim dialect. You will see a drop down to select "Mapped Local Claim". Map it to http://wso2.org/claims/fg_imprenditore. (Check "Add External Claim" section in this)
Save new oidc claim and try again.
I am just following what is on the guide
I've already populated the user's profile information but so far I only get sub. I want to get something same like in the guide:
{
"sub":"admin",
"email":"admin#wso2.com",
"website":"https://wso2.com",
"name":"admin",
"family_name":"admin",
"preferred_username":"admin",
"given_name":"admin",
"profile":"https://wso2.com",
"country":"Sri Lanka"
}
CONFIG
Identity Server - AWS Cloud with Domain and SSL + Nginx Proxy
Sample Web App - local machine
UPDATE:
It is an open bug. What
is the workaround to get the other fields? Based on that jira, only
the password grant is not fix, where to get the fix for code and
impilict grant?
I tried hosting the IS also locally, same results
To retrieve OIDC claim attributes to id_token or userinfo endpoint, the following steps needs to be done correctly(assuming you are working on IS 5.2.0).
1. Update relevant claims' Mapped Attribute with your underlying user store's matching attributes.
2. Update requested claims to Service provider [1].
3. Update missing attributes in '/_system/config/oidc' for scope 'openid' (Configuration changes in IS 5.2.0 [2]).
We are using WSO2 in a project and i need to get the number of days left for password expiry for a given user, via some web service interface, so that a warning could be displayed upon login.
Didn't find any operation in the web service endpoints i know about. Could any one help? Thanks.
As I understand, there is no out of box service for doing this.We had somewhat similar requirement which we accomplished by creating a custom operation in User Management Web Service. Below is the way by which you may achieve this:
In case you are using LDAP as user store then you may configure the password expiration policy there. And then you may create a custom operation which will check the applicable password policy for the given user and fetch password expiration interval and then calculate the number of days left by comparing the last password changed time from LDAP. Hope it helps.