Hi Stian/Marek, Can you please advise on the following? I used the instructions from this page - http://keycloak.github.io/docs/userguide/html/identity-broker.html#d4e1954. I’m not sure if I have included it in the correct location as it doesn’t work. I need this to debug the JSON response from a custom OpenID Connect backend. Thanks a lot! Eugene > On 13 Jul 2015, at 17:20, Eugene Chow <eugene.chow.ct(a)gmail.com > <mailto:eugene.chow.ct@gmail.com>> wrote: > > Hi, > > i have a Keycloak 1.2.0 installation that authenticates against a > custom OpenID Connect provider. I need to see the JSON response from > the social provider. The documentation says to set > org.keycloak.social.user_profile_dump to DEBUG. > > I’ve added the following to standalone.xml as such, but I don’t see > any JSON output in the log. Is this configuration correct? > > <profile> > <subsystem xmlns="urn:jboss:domain:logging:2.0”> > <logger category="org.keycloak.social.user_profile_dump"> > <level name="DEBUG"/> > </logger> > … > ... > </profile> > > > Thanks! > Eugene _______________________________________________ keycloak-user mailing list keycloak-user(a)lists.jboss.org https://lists.jboss.org/mailman/listinfo/keycloak-user

<subsystem xmlns="urn:jboss:domain:logging:3.0"> <console-handler name="CONSOLE"> <level name="DEBUG"/> <formatter> <named-formatter name="COLOR-PATTERN"/> </formatter> </console-handler> … <logger category="org.keycloak.social.user_profile_dump"> <level name="DEBUG"/> </logger> ...

{"sub":"Christine Chapel","name":"","position":"","preferred_username":"Christine Chapel","address":"Nurse, USS Enterprise"}

On 14 Jul 2015, at 14:59, Eugene Chow <eugene.chow.ct(a)gmail.com&gt; wrote: Hi Marek, Thanks for the heads up. I’ll give it a shot. Eugene > On 14 Jul 2015, at 14:53, Marek Posolda <mposolda(a)redhat.com <mailto:mposolda@redhat.com>> wrote: > > Hi, > > do you have opportunity to upgrade to latest 1.3.1.Final? It seems that this logging was added in this version and is not yet available in 1.2.0. > > Marek > > On 14.7.2015 07:59, Eugene Chow wrote: >> Hi Stian/Marek, >> >> Can you please advise on the following? I used the instructions from this page - http://keycloak.github.io/docs/userguide/html/identity-broker.html#d4e1954 <http://keycloak.github.io/docs/userguide/html/identity-broker.html#d4e195...;. I’m not sure if I have included it in the correct location as it doesn’t work. >> >> I need this to debug the JSON response from a custom OpenID Connect backend. >> >> >> Thanks a lot! >> Eugene >> >>> On 13 Jul 2015, at 17:20, Eugene Chow <eugene.chow.ct(a)gmail.com <mailto:eugene.chow.ct@gmail.com>> wrote: >>> >>> Hi, >>> >>> i have a Keycloak 1.2.0 installation that authenticates against a custom OpenID Connect provider. I need to see the JSON response from the social provider. The documentation says to set org.keycloak.social.user_profile_dump to DEBUG. >>> >>> I’ve added the following to standalone.xml as such, but I don’t see any JSON output in the log. Is this configuration correct? >>> >>> <profile> >>> <subsystem xmlns="urn:jboss:domain:logging:2.0”> >>> <logger category="org.keycloak.social.user_profile_dump"> >>> <level name="DEBUG"/> >>> </logger> >>> … >>> ... >>> </profile> >>> >>> >>> Thanks! >>> Eugene >> >> >> >> _______________________________________________ >> keycloak-user mailing list >> keycloak-user(a)lists.jboss.org <mailto:keycloak-user@lists.jboss.org> >> https://lists.jboss.org/mailman/listinfo/keycloak-user <https://lists.jboss.org/mailman/listinfo/keycloak-user>

COPY idp_mapper_config (idp_mapper_id, value, name) FROM stdin; 9871fac6-80ef-4fed-91d2-01a2fa56fd31 street user.attribute 9871fac6-80ef-4fed-91d2-01a2fa56fd31 address claim 473e55d3-8266-4507-bc1d-cc3c27d49498 lastName user.attribute 49a22d17-4dd5-426b-ba02-cbf6b7de6a84 sub claim 49a22d17-4dd5-426b-ba02-cbf6b7de6a84 firstName user.attribute

*lastName:* preferred_username *firstName: *sub *street:* address

{"sub":"Christine Chapel","name":"","position":"","preferred_username":"Christine Chapel","address":"Nurse, USS Enterprise"}

From looking at the code, it seems that we don't support mapping to UserModel properties (ie. firstName, lastName, email) but just custom attributes. Could you check your database if there is attribute "lastName" in USER_ATTRIBUTE table for this user? If it's the case, then it means that mapper added custom attribute "lastName" instead of the java property "lastName" from user model . Then feel free to create JIRA to support mapping to UserModel properties as well . Marek On 14.7.2015 13:19, Eugene Chow wrote: > Hi Marek, > > I managed to set up the logger. Thanks! This is the configuration to > dump the userinfo JSON response in the log file and the console. >> <subsystem xmlns="urn:jboss:domain:logging:3.0"> >> <console-handler name="CONSOLE"> >> <level name="DEBUG"/> >> <formatter> >> <named-formatter name="COLOR-PATTERN"/> >> </formatter> >> </console-handler> >> … >> <logger category="org.keycloak.social.user_profile_dump"> >> <level name="DEBUG"/> >> </logger> >> ... > > I have another problem, which is to map the *userinfo* from the > custom OpenID Connect backend. Upon login, it returns this JSON response: >> {"sub":"Christine >> Chapel","name":"","position":"","preferred_username":"Christine >> Chapel","address":"Nurse, USS Enterprise"} > > I’m trying to map *preferred_username* to the *Last Name* field. I > tried to map this field, and also *sub* and *address*, but all > without success: > *Name:* Fullname > *Mapper Type:* Attribute Importer > *Claim:* preferred_username > *User Attribute Name:* lastName > > Is there a specific *Claim* or *User Attribute Name* that I need to > use for the mapping to work? > > > Cheers! > >> On 14 Jul 2015, at 14:59, Eugene Chow <eugene.chow.ct(a)gmail.com >> <mailto:eugene.chow.ct@gmail.com>> wrote: >> >> Hi Marek, >> >> Thanks for the heads up. I’ll give it a shot. >> >> Eugene >> >>> On 14 Jul 2015, at 14:53, Marek Posolda <mposolda(a)redhat.com >>> <mailto:mposolda@redhat.com>> wrote: >>> >>> Hi, >>> >>> do you have opportunity to upgrade to latest 1.3.1.Final? It seems >>> that this logging was added in this version and is not yet >>> available in 1.2.0. >>> >>> Marek >>> >>> On 14.7.2015 07:59, Eugene Chow wrote: >>>> Hi Stian/Marek, >>>> >>>> Can you please advise on the following? I used the instructions >>>> from this page - >>>> http://keycloak.github.io/docs/userguide/html/identity-broker.html#d4e1954. >>>> I’m not sure if I have included it in the correct location as it >>>> doesn’t work. >>>> >>>> I need this to debug the JSON response from a custom OpenID >>>> Connect backend. >>>> >>>> >>>> Thanks a lot! >>>> Eugene >>>> >>>>> On 13 Jul 2015, at 17:20, Eugene Chow <eugene.chow.ct(a)gmail.com >>>>> <mailto:eugene.chow.ct@gmail.com>> wrote: >>>>> >>>>> Hi, >>>>> >>>>> i have a Keycloak 1.2.0 installation that authenticates against a >>>>> custom OpenID Connect provider. I need to see the JSON response >>>>> from the social provider. The documentation says to set >>>>> org.keycloak.social.user_profile_dump to DEBUG. >>>>> >>>>> I’ve added the following to standalone.xml as such, but I don’t >>>>> see any JSON output in the log. Is this configuration correct? >>>>> >>>>> <profile> >>>>> <subsystem xmlns="urn:jboss:domain:logging:2.0”> >>>>> <logger category="org.keycloak.social.user_profile_dump"> >>>>> <level name="DEBUG"/> >>>>> </logger> >>>>> … >>>>> ... >>>>> </profile> >>>>> >>>>> >>>>> Thanks! >>>>> Eugene >>>> >>>> >>>> >>>> _______________________________________________ >>>> keycloak-user mailing list >>>> keycloak-user(a)lists.jboss.org >>>> https://lists.jboss.org/mailman/listinfo/keycloak-user >>> >> >