Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OIDC with azure ad failed #6958

Closed
jkl0898 opened this issue Jan 5, 2023 · 3 comments
Closed

OIDC with azure ad failed #6958

jkl0898 opened this issue Jan 5, 2023 · 3 comments
Labels
bug Bug report

Comments

@jkl0898
Copy link

jkl0898 commented Jan 5, 2023
edited
Loading

Describe the bug
can't login with sso used azure ad.

refence to this docs: Configuring Azure Authentication for React App

To Reproduce
Steps to reproduce the behavior:

  1. login with azure ad, username/password is correct.
  2. wait for a while , failed to login.
  3. screen as follow:
    image

image

  1. it seems to loop for a while, then failed.

check the datahub-frontend logs:
2023-01-05 18:07:12 10:07:12 [application-akka.actor.default-dispatcher-32] ERROR auth.sso.oidc.OidcCallbackLogic - Unable to renew the session. The session store may not support this feature
2023-01-05 18:07:12 10:07:12 [application-akka.actor.default-dispatcher-32] ERROR controllers.SsoCallbackController - Caught exception while attempting to handle SSO callback! It's likely that SSO integration is mis-configured.
2023-01-05 18:07:12 java.util.concurrent.CompletionException: java.lang.RuntimeException: Failed to resolve user name claim from profile provided by Identity Provider. Missing attribute. Attribute: 'email', Regex: '(.)', Profile: {sub=_zYaLC_t6q8ys7Tt1Ut17RVWuxm7Tku5ye-dWBY1ASs, ver=2.0, id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ii1LSTNROW5OUjdiUm9meG1lWm9YcWJIWkdldyJ9.eyJhdWQiOiJlMDgyY2UzMi1mNWI5LTQ5NzEtODE0MS0wNDg4NWQ3OGNhMzAiLCJpc3MiOiJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vMWI1ZWQzMWYtN2Q3NC00ZmNlLWEzYzItM2U5YTMyMDY1MjkzL3YyLjAiLCJpYXQiOjE2NzI5MTI5MzIsIm5iZiI6MTY3MjkxMjkzMiwiZXhwIjoxNjcyOTE2ODMyLCJuYW1lIjoieGlleWFvIiwib2lkIjoiZDg0ZThkNGQtZTVlZS00NGM5LTk2ZmItMTE0YWZkYWVkY2U5IiwicHJlZmVycmVkX3VzZXJuYW1lIjoieGlleWFvQGdyb3R0Lm9ubWljcm9zb2Z0LmNvbSIsInJoIjoiMC5BVkFBSDlOZUczUjl6ay1qd2o2YU1nWlNrekxPZ3VDNTlYRkpnVUVFaUYxNHlqQlFBRDQuIiwic3ViIjoiX3pZYUxDX3Q2cTh5czdUdDFVdDE3UlZXdXhtN1RrdTV5ZS1kV0JZMUFTcyIsInRpZCI6IjFiNWVkMzFmLTdkNzQtNGZjZS1hM2MyLTNlOWEzMjA2NTI5MyIsInV0aSI6IlNIR1lfaHplTTBLTnRYa2taMHRFQWciLCJ2ZXIiOiIyLjAifQ.c1dPiy14mbxRDzPkHcSnVNBMqzw8RHNXhc00dihgjcIl8JxI6bdFv4gLCOdEEfZ520KzOT_OurHWteibMfQFQ-Ywizaj15T8Aoz48tVpjh1IDVTkM0yoJFqT60b4-yGdPHDySNRRIP3fnK8WHIU6toqW0_NtOq1-EPqINU2OB_Xn6CwGXAtnWm7PnRgszv8Pd4gm1wgMY3FFNS2d9_n1FqLdWiOwrkVOUaLEExxJHDLJVcGKlm4-4oLc7jYeMcBVaoMoq1M_xOF5KhqNBj-m5Tq_1LDE86003Fl2DHoNFyqNseuS8_eTHhCRzIkrWWvj--4OGPvGlDzJOxGjEz-lQA, iss=https://login.microsoftonline.com/1b5ed31f-7d74-4fce-a3c2-3e9a32065293/v2.0, oid=d84e8d4d-e5ee-44c9-96fb-114afdaedce9, preferred_username=[email protected], uti=SHGY_hzeM0KNtXkkZ0tEAg, picture=https://graph.microsoft.com/v1.0/me/photo/$value, tid=1b5ed31f-7d74-4fce-a3c2-3e9a32065293, access_token=eyJ0eXAiOiJKV1QiLCJub25jZSI6ImFfOVNmcHJXUXY4Z3dTaVl4M01YNk13N1VUcWNIZkEtZ1NvX1JwR3RWeGsiLCJhbGciOiJSUzI1NiIsIng1dCI6Ii1LSTNROW5OUjdiUm9meG1lWm9YcWJIWkdldyIsImtpZCI6Ii1LSTNROW5OUjdiUm9meG1lWm9YcWJIWkdldyJ9.eyJhdWQiOiIwMDAwMDAwMy0wMDAwLTAwMDAtYzAwMC0wMDAwMDAwMDAwMDAiLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC8xYjVlZDMxZi03ZDc0LTRmY2UtYTNjMi0zZTlhMzIwNjUyOTMvIiwiaWF0IjoxNjcyOTEyOTMyLCJuYmYiOjE2NzI5MTI5MzIsImV4cCI6MTY3MjkxNzEwMSwiYWNjdCI6MCwiYWNyIjoiMSIsImFpbyI6IkFUUUF5LzhUQUFBQXJOWCt6QzA5bUZzeWl3Rm91bUV1QWJERHkvbHlxdnUyRjNvNUFXbGkzYTAxdGMzWDJoazU3K3NXQ2RPYWZDMm0iLCJhbXIiOlsicHdkIl0sImFwcF9kaXNwbGF5bmFtZSI6ImRhdGFodWItdGVzdCIsImFwcGlkIjoiZTA4MmNlMzItZjViOS00OTcxLTgxNDEtMDQ4ODVkNzhjYTMwIiwiYXBwaWRhY3IiOiIxIiwiaWR0eXAiOiJ1c2VyIiwiaXBhZGRyIjoiMTAzLjExMy4xNTYuNTgiLCJuYW1lIjoieGlleWFvIiwib2lkIjoiZDg0ZThkNGQtZTVlZS00NGM5LTk2ZmItMTE0YWZkYWVkY2U5IiwicGxhdGYiOiIzIiwicHVpZCI6IjEwMDMyMDAxNzY1NjZBMzciLCJyaCI6IjAuQVZBQUg5TmVHM1I5emstandqNmFNZ1pTa3dNQUFBQUFBQUFBd0FBQUFBQUFBQUJRQUQ0LiIsInNjcCI6ImVtYWlsIG9wZW5pZCBwcm9maWxlIiwic2lnbmluX3N0YXRlIjpbImttc2kiXSwic3ViIjoidnRDRGl6OGRtc3JVdDkyTmhQZ0gwLTBDWWJhN0wyLVBKb09qXzNKb05HTSIsInRlbmFudF9yZWdpb25fc2NvcGUiOiJOQSIsInRpZCI6IjFiNWVkMzFmLTdkNzQtNGZjZS1hM2MyLTNlOWEzMjA2NTI5MyIsInVuaXF1ZV9uYW1lIjoieGlleWFvQGdyb3R0Lm9ubWljcm9zb2Z0LmNvbSIsInVwbiI6InhpZXlhb0Bncm90dC5vbm1pY3Jvc29mdC5jb20iLCJ1dGkiOiJTSEdZX2h6ZU0wS050WGtrWjB0RUFnIiwidmVyIjoiMS4wIiwid2lkcyI6WyI2MmU5MDM5NC02OWY1LTQyMzctOTE5MC0wMTIxNzcxNDVlMTAiLCJiNzlmYmY0ZC0zZWY5LTQ2ODktODE0My03NmIxOTRlODU1MDkiXSwieG1zX3N0Ijp7InN1YiI6Il96WWFMQ190NnE4eXM3VHQxVXQxN1JWV3V4bTdUa3U1eWUtZFdCWTFBU3MifSwieG1zX3RjZHQiOjE2MjkyNjcxMTZ9.dphwbsMwaXY-6_KELSJENbyaQag9SXIkATPkjA4cjBD6ldmGHWFalJoRLZryzx9Fs0MbC5u3-3VCixstvZn0Hx4NqvatevEWGIyFhglbtXPrzMphdyXCiD3yWsNeHfrU_i4PWdpmAKl0fkQgdTb9aTmGUEHzPdLVa8IaWtxHofgXAx46ZCeC1xhPDA-Ksyv-TP50n2NqZEsbyrmcl6Hzo8Q3dwYgMOL8tm0zSNOL1i8toO--4Y6Zyd5vH2m9EJjzgWJMveddwGOhyj-KjxzROB7SmNjMJsSLPPFweulFW6yv9smrGdakISDlyY5Ibp4SY67DlO42Qq9RkqxaZhqjMQ, token_expiration_advance=-1, aud=[e082ce32-f5b9-4971-8141-04885d78ca30], nbf=Thu Jan 05 10:02:12 GMT 2023, rh=0.AVAAH9NeG3R9zk-jwj6aMgZSkzLOguC59XFJgUEEiF14yjBQAD4., name=test, exp=Thu Jan 05 11:07:12 GMT 2023, iat=Thu Jan 05 10:02:12 GMT 2023}
2023-01-05 18:07:12 at java.base/java.util.concurrent.CompletableFuture.encodeThrowable(CompletableFuture.java:314)
2023-01-05 18:07:12 at java.base/java.util.concurrent.CompletableFuture.completeThrowable(CompletableFuture.java:319)
2023-01-05 18:07:12 at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1702)
2023-01-05 18:07:12 at play.core.j.HttpExecutionContext$$anon$2.run(HttpExecutionContext.scala:77)
2023-01-05 18:07:12 at akka.dispatch.TaskInvocation.run(AbstractDispatcher.scala:41)
2023-01-05 18:07:12 at akka.dispatch.ForkJoinExecutorConfigurator$AkkaForkJoinTask.exec(ForkJoinExecutorConfigurator.scala:49)
2023-01-05 18:07:12 at akka.dispatch.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260)
2023-01-05 18:07:12 at akka.dispatch.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339)
2023-01-05 18:07:12 at akka.dispatch.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979)
2023-01-05 18:07:12 at akka.dispatch.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107)
2023-01-05 18:07:12 Caused by: java.lang.RuntimeException: Failed to resolve user name claim from profile provided by Identity Provider. Missing attribute. Attribute: 'email', Regex: '(.)', Profile: {sub=_zYaLC_t6q8ys7Tt1Ut17RVWuxm7Tku5ye-dWBY1ASs, ver=2.0, id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ii1LSTNROW5OUjdiUm9meG1lWm9YcWJIWkdldyJ9.eyJhdWQiOiJlMDgyY2UzMi1mNWI5LTQ5NzEtODE0MS0wNDg4NWQ3OGNhMzAiLCJpc3MiOiJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vMWI1ZWQzMWYtN2Q3NC00ZmNlLWEzYzItM2U5YTMyMDY1MjkzL3YyLjAiLCJpYXQiOjE2NzI5MTI5MzIsIm5iZiI6MTY3MjkxMjkzMiwiZXhwIjoxNjcyOTE2ODMyLCJuYW1lIjoieGlleWFvIiwib2lkIjoiZDg0ZThkNGQtZTVlZS00NGM5LTk2ZmItMTE0YWZkYWVkY2U5IiwicHJlZmVycmVkX3VzZXJuYW1lIjoieGlleWFvQGdyb3R0Lm9ubWljcm9zb2Z0LmNvbSIsInJoIjoiMC5BVkFBSDlOZUczUjl6ay1qd2o2YU1nWlNrekxPZ3VDNTlYRkpnVUVFaUYxNHlqQlFBRDQuIiwic3ViIjoiX3pZYUxDX3Q2cTh5czdUdDFVdDE3UlZXdXhtN1RrdTV5ZS1kV0JZMUFTcyIsInRpZCI6IjFiNWVkMzFmLTdkNzQtNGZjZS1hM2MyLTNlOWEzMjA2NTI5MyIsInV0aSI6IlNIR1lfaHplTTBLTnRYa2taMHRFQWciLCJ2ZXIiOiIyLjAifQ.c1dPiy14mbxRDzPkHcSnVNBMqzw8RHNXhc00dihgjcIl8JxI6bdFv4gLCOdEEfZ520KzOT_OurHWteibMfQFQ-Ywizaj15T8Aoz48tVpjh1IDVTkM0yoJFqT60b4-yGdPHDySNRRIP3fnK8WHIU6toqW0_NtOq1-EPqINU2OB_Xn6CwGXAtnWm7PnRgszv8Pd4gm1wgMY3FFNS2d9_n1FqLdWiOwrkVOUaLEExxJHDLJVcGKlm4-4oLc7jYeMcBVaoMoq1M_xOF5KhqNBj-m5Tq_1LDE86003Fl2DHoNFyqNseuS8_eTHhCRzIkrWWvj--4OGPvGlDzJOxGjEz-lQA, iss=https://login.microsoftonline.com/1b5ed31f-7d74-4fce-a3c2-3e9a32065293/v2.0, oid=d84e8d4d-e5ee-44c9-96fb-114afdaedce9, preferred_username=[email protected], uti=SHGY_hzeM0KNtXkkZ0tEAg, picture=https://graph.microsoft.com/v1.0/me/photo/$value, tid=1b5ed31f-7d74-4fce-a3c2-3e9a32065293, access_token=eyJ0eXAiOiJKV1QiLCJub25jZSI6ImFfOVNmcHJXUXY4Z3dTaVl4M01YNk13N1VUcWNIZkEtZ1NvX1JwR3RWeGsiLCJhbGciOiJSUzI1NiIsIng1dCI6Ii1LSTNROW5OUjdiUm9meG1lWm9YcWJIWkdldyIsImtpZCI6Ii1LSTNROW5OUjdiUm9meG1lWm9YcWJIWkdldyJ9.eyJhdWQiOiIwMDAwMDAwMy0wMDAwLTAwMDAtYzAwMC0wMDAwMDAwMDAwMDAiLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC8xYjVlZDMxZi03ZDc0LTRmY2UtYTNjMi0zZTlhMzIwNjUyOTMvIiwiaWF0IjoxNjcyOTEyOTMyLCJuYmYiOjE2NzI5MTI5MzIsImV4cCI6MTY3MjkxNzEwMSwiYWNjdCI6MCwiYWNyIjoiMSIsImFpbyI6IkFUUUF5LzhUQUFBQXJOWCt6QzA5bUZzeWl3Rm91bUV1QWJERHkvbHlxdnUyRjNvNUFXbGkzYTAxdGMzWDJoazU3K3NXQ2RPYWZDMm0iLCJhbXIiOlsicHdkIl0sImFwcF9kaXNwbGF5bmFtZSI6ImRhdGFodWItdGVzdCIsImFwcGlkIjoiZTA4MmNlMzItZjViOS00OTcxLTgxNDEtMDQ4ODVkNzhjYTMwIiwiYXBwaWRhY3IiOiIxIiwiaWR0eXAiOiJ1c2VyIiwiaXBhZGRyIjoiMTAzLjExMy4xNTYuNTgiLCJuYW1lIjoieGlleWFvIiwib2lkIjoiZDg0ZThkNGQtZTVlZS00NGM5LTk2ZmItMTE0YWZkYWVkY2U5IiwicGxhdGYiOiIzIiwicHVpZCI6IjEwMDMyMDAxNzY1NjZBMzciLCJyaCI6IjAuQVZBQUg5TmVHM1I5emstandqNmFNZ1pTa3dNQUFBQUFBQUFBd0FBQUFBQUFBQUJRQUQ0LiIsInNjcCI6ImVtYWlsIG9wZW5pZCBwcm9maWxlIiwic2lnbmluX3N0YXRlIjpbImttc2kiXSwic3ViIjoidnRDRGl6OGRtc3JVdDkyTmhQZ0gwLTBDWWJhN0wyLVBKb09qXzNKb05HTSIsInRlbmFudF9yZWdpb25fc2NvcGUiOiJOQSIsInRpZCI6IjFiNWVkMzFmLTdkNzQtNGZjZS1hM2MyLTNlOWEzMjA2NTI5MyIsInVuaXF1ZV9uYW1lIjoieGlleWFvQGdyb3R0Lm9ubWljcm9zb2Z0LmNvbSIsInVwbiI6InhpZXlhb0Bncm90dC5vbm1pY3Jvc29mdC5jb20iLCJ1dGkiOiJTSEdZX2h6ZU0wS050WGtrWjB0RUFnIiwidmVyIjoiMS4wIiwid2lkcyI6WyI2MmU5MDM5NC02OWY1LTQyMzctOTE5MC0wMTIxNzcxNDVlMTAiLCJiNzlmYmY0ZC0zZWY5LTQ2ODktODE0My03NmIxOTRlODU1MDkiXSwieG1zX3N0Ijp7InN1YiI6Il96WWFMQ190NnE4eXM3VHQxVXQxN1JWV3V4bTdUa3U1eWUtZFdCWTFBU3MifSwieG1zX3RjZHQiOjE2MjkyNjcxMTZ9.dphwbsMwaXY-6_KELSJENbyaQag9SXIkATPkjA4cjBD6ldmGHWFalJoRLZryzx9Fs0MbC5u3-3VCixstvZn0Hx4NqvatevEWGIyFhglbtXPrzMphdyXCiD3yWsNeHfrU_i4PWdpmAKl0fkQgdTb9aTmGUEHzPdLVa8IaWtxHofgXAx46ZCeC1xhPDA-Ksyv-TP50n2NqZEsbyrmcl6Hzo8Q3dwYgMOL8tm0zSNOL1i8toO--4Y6Zyd5vH2m9EJjzgWJMveddwGOhyj-KjxzROB7SmNjMJsSLPPFweulFW6yv9smrGdakISDlyY5Ibp4SY67DlO42Qq9RkqxaZhqjMQ, token_expiration_advance=-1, aud=[e082ce32-f5b9-4971-8141-04885d78ca30], nbf=Thu Jan 05 10:02:12 GMT 2023, rh=0.AVAAH9NeG3R9zk-jwj6aMgZSkzLOguC59XFJgUEEiF14yjBQAD4., name=test, exp=Thu Jan 05 11:07:12 GMT 2023, iat=Thu Jan 05 10:02:12 GMT 2023}
2023-01-05 18:07:12 at auth.sso.oidc.OidcCallbackLogic.extractUserNameOrThrow(OidcCallbackLogic.java:163)
2023-01-05 18:07:12 at auth.sso.oidc.OidcCallbackLogic.handleOidcCallback(OidcCallbackLogic.java:118)
2023-01-05 18:07:12 at auth.sso.oidc.OidcCallbackLogic.perform(OidcCallbackLogic.java:104)
2023-01-05 18:07:12 at controllers.SsoCallbackController$SsoCallbackLogic.perform(SsoCallbackController.java:83)
2023-01-05 18:07:12 at controllers.SsoCallbackController$SsoCallbackLogic.perform(SsoCallbackController.java:69)
2023-01-05 18:07:12 at org.pac4j.play.CallbackController.lambda$callback$0(CallbackController.java:56)
2023-01-05 18:07:12 at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1700)
2023-01-05 18:07:12 ... 7 common frames omitted
2023-01-05 18:07:14 10:07:14 [application-akka.actor.default-dispatcher-20] ERROR auth.sso.oidc.OidcCallbackLogic - Unable to renew the session. The session store may not support this feature
2023-01-05 18:07:14 10:07:14 [application-akka.actor.default-dispatcher-20] ERROR controllers.SsoCallbackController - Caught exception while attempting to handle SSO callback! It's likely that SSO integration is mis-configured.
2023-01-05 18:07:14 java.util.concurrent.CompletionException: java.lang.RuntimeException: Failed to resolve user name claim from profile provided by Identity Provider. Missing attribute. Attribute: 'email', Regex: '(.)', Profile: {sub=zYaLC_t6q8ys7Tt1Ut17RVWuxm7Tku5ye-dWBY1ASs, ver=2.0, id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ii1LSTNROW5OUjdiUm9meG1lWm9YcWJIWkdldyJ9.eyJhdWQiOiJlMDgyY2UzMi1mNWI5LTQ5NzEtODE0MS0wNDg4NWQ3OGNhMzAiLCJpc3MiOiJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vMWI1ZWQzMWYtN2Q3NC00ZmNlLWEzYzItM2U5YTMyMDY1MjkzL3YyLjAiLCJpYXQiOjE2NzI5MTI5MzMsIm5iZiI6MTY3MjkxMjkzMywiZXhwIjoxNjcyOTE2ODMzLCJuYW1lIjoieGlleWFvIiwib2lkIjoiZDg0ZThkNGQtZTVlZS00NGM5LTk2ZmItMTE0YWZkYWVkY2U5IiwicHJlZmVycmVkX3VzZXJuYW1lIjoieGlleWFvQGdyb3R0Lm9ubWljcm9zb2Z0LmNvbSIsInJoIjoiMC5BVkFBSDlOZUczUjl6ay1qd2o2YU1nWlNrekxPZ3VDNTlYRkpnVUVFaUYxNHlqQlFBRDQuIiwic3ViIjoiX3pZYUxDX3Q2cTh5czdUdDFVdDE3UlZXdXhtN1RrdTV5ZS1kV0JZMUFTcyIsInRpZCI6IjFiNWVkMzFmLTdkNzQtNGZjZS1hM2MyLTNlOWEzMjA2NTI5MyIsInV0aSI6IlF1dVF4OWJXaVUtdG9qdkpBTWtGQkEiLCJ2ZXIiOiIyLjAifQ.socX7LVobCcwsFt39GnLXc-BbjKa7uFHEsQ_C76n5Jeo7gB1aLmfuaKljQBwg4B6eMfg-v7HaH3gdGHl5U7c-ZUBwvB1JQMDOlsLsC9V6H0QWZOMlAhHkXc0v7vOiLfIF7MWFFFXiQHgVNio9rQB4Fn0uCCFE-xDXeS1XZsUBedEkgXXeCmqpXPM5NSEO45UnRwxxkmCrthU07H9RYv0-A32HfVH9-FLUngaukZ4mX21Ql_90370VHbxSi2ihYk-_Q6_Xwjq2gRjS2-Yh6EvDwFQlfpetLg2VLbk1INm1sekjIyVH3EZCuiXRyLMOx4DrFMsj9_BYwtSes0XFqX9w, iss=https://login.microsoftonline.com/1b5ed31f-7d74-4fce-a3c2-3e9a32065293/v2.0, oid=d84e8d4d-e5ee-44c9-96fb-114afdaedce9, preferred_username=[email protected], uti=QuuQx9bWiU-tojvJAMkFBA, picture=https://graph.microsoft.com/v1.0/me/photo/$value, tid=1b5ed31f-7d74-4fce-a3c2-3e9a32065293, access_token=eyJ0eXAiOiJKV1QiLCJub25jZSI6Ii1IZkNDVktVelhIa0NyQTE3cGZQZFgxYzdQQ2Nxdjk1aHBNRTA1X2hMbzgiLCJhbGciOiJSUzI1NiIsIng1dCI6Ii1LSTNROW5OUjdiUm9meG1lWm9YcWJIWkdldyIsImtpZCI6Ii1LSTNROW5OUjdiUm9meG1lWm9YcWJIWkdldyJ9.eyJhdWQiOiIwMDAwMDAwMy0wMDAwLTAwMDAtYzAwMC0wMDAwMDAwMDAwMDAiLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC8xYjVlZDMxZi03ZDc0LTRmY2UtYTNjMi0zZTlhMzIwNjUyOTMvIiwiaWF0IjoxNjcyOTEyOTMzLCJuYmYiOjE2NzI5MTI5MzMsImV4cCI6MTY3MjkxNzg4NSwiYWNjdCI6MCwiYWNyIjoiMSIsImFpbyI6IkFUUUF5LzhUQUFBQTBNc01vc0NtZXlXZjl1N1ZRKzgzUml6UzhZWWM0SHNzRDJMaFFtSkI1MXYzMUVCR3p2cHNVdXNWM0tMYXFzZkMiLCJhbXIiOlsicHdkIl0sImFwcF9kaXNwbGF5bmFtZSI6ImRhdGFodWItdGVzdCIsImFwcGlkIjoiZTA4MmNlMzItZjViOS00OTcxLTgxNDEtMDQ4ODVkNzhjYTMwIiwiYXBwaWRhY3IiOiIxIiwiaWR0eXAiOiJ1c2VyIiwiaXBhZGRyIjoiMTAzLjExMy4xNTYuNTgiLCJuYW1lIjoieGlleWFvIiwib2lkIjoiZDg0ZThkNGQtZTVlZS00NGM5LTk2ZmItMTE0YWZkYWVkY2U5IiwicGxhdGYiOiIzIiwicHVpZCI6IjEwMDMyMDAxNzY1NjZBMzciLCJyaCI6IjAuQVZBQUg5TmVHM1I5emstandqNmFNZ1pTa3dNQUFBQUFBQUFBd0FBQUFBQUFBQUJRQUQ0LiIsInNjcCI6ImVtYWlsIG9wZW5pZCBwcm9maWxlIiwic2lnbmluX3N0YXRlIjpbImttc2kiXSwic3ViIjoidnRDRGl6OGRtc3JVdDkyTmhQZ0gwLTBDWWJhN0wyLVBKb09qXzNKb05HTSIsInRlbmFudF9yZWdpb25fc2NvcGUiOiJOQSIsInRpZCI6IjFiNWVkMzFmLTdkNzQtNGZjZS1hM2MyLTNlOWEzMjA2NTI5MyIsInVuaXF1ZV9uYW1lIjoieGlleWFvQGdyb3R0Lm9ubWljcm9zb2Z0LmNvbSIsInVwbiI6InhpZXlhb0Bncm90dC5vbm1pY3Jvc29mdC5jb20iLCJ1dGkiOiJRdXVReDliV2lVLXRvanZKQU1rRkJBIiwidmVyIjoiMS4wIiwid2lkcyI6WyI2MmU5MDM5NC02OWY1LTQyMzctOTE5MC0wMTIxNzcxNDVlMTAiLCJiNzlmYmY0ZC0zZWY5LTQ2ODktODE0My03NmIxOTRlODU1MDkiXSwieG1zX3N0Ijp7InN1YiI6Il96WWFMQ190NnE4eXM3VHQxVXQxN1JWV3V4bTdUa3U1eWUtZFdCWTFBU3MifSwieG1zX3RjZHQiOjE2MjkyNjcxMTZ9.sr2TcExYheHCzIoyUzYxOtWD2Z14fKMSG3_9kmzxImKQAuOX23T_dWRHPCWTSi1BgHAph-N7Ax3vZuwmc6U9KPY1c9hyw_bMqzSe-pgXmxhHABN3-RpFPslz6wMOqF5Wf0IGnjTSG2bz3lrCr8oEa_SOH4omspZy8eLXxmnoRlAvptIJ7h46Oj_grBUT6PuAeaFe9Q8QV_0-9-xOag0G1-ukYRjgZgklrBt4uAkN94vKKBJetjay3CKtrrNTCoehA0hv5UOLyXAniDSroUCBR8kgtt2yKaK1kiQP6T8uzFI514g24LPXrOiSIYXsjMA-HYNW9UWDgKxQojRpt7mlDw, token_expiration_advance=-1, aud=[e082ce32-f5b9-4971-8141-04885d78ca30], nbf=Thu Jan 05 10:02:13 GMT 2023, rh=0.AVAAH9NeG3R9zk-jwj6aMgZSkzLOguC59XFJgUEEiF14yjBQAD4., name=test, exp=Thu Jan 05 11:07:13 GMT 2023, iat=Thu Jan 05 10:02:13 GMT 2023}
2023-01-05 18:07:14 at java.base/java.util.concurrent.CompletableFuture.encodeThrowable(CompletableFuture.java:314)
2023-01-05 18:07:14 at java.base/java.util.concurrent.CompletableFuture.completeThrowable(CompletableFuture.java:319)
2023-01-05 18:07:14 at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1702)
2023-01-05 18:07:14 at play.core.j.HttpExecutionContext$$anon$2.run(HttpExecutionContext.scala:77)
2023-01-05 18:07:14 at akka.dispatch.TaskInvocation.run(AbstractDispatcher.scala:41)
2023-01-05 18:07:14 at akka.dispatch.ForkJoinExecutorConfigurator$AkkaForkJoinTask.exec(ForkJoinExecutorConfigurator.scala:49)
2023-01-05 18:07:14 at akka.dispatch.forkjoin.ForkJoinTask.doExec(ForkJoinTask.java:260)
2023-01-05 18:07:14 at akka.dispatch.forkjoin.ForkJoinPool$WorkQueue.runTask(ForkJoinPool.java:1339)
2023-01-05 18:07:14 at akka.dispatch.forkjoin.ForkJoinPool.runWorker(ForkJoinPool.java:1979)
2023-01-05 18:07:14 at akka.dispatch.forkjoin.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:107)
2023-01-05 18:07:14 Caused by: java.lang.RuntimeException: Failed to resolve user name claim from profile provided by Identity Provider. Missing attribute. Attribute: 'email', Regex: '(.)', Profile: {sub=zYaLC_t6q8ys7Tt1Ut17RVWuxm7Tku5ye-dWBY1ASs, ver=2.0, id_token=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6Ii1LSTNROW5OUjdiUm9meG1lWm9YcWJIWkdldyJ9.eyJhdWQiOiJlMDgyY2UzMi1mNWI5LTQ5NzEtODE0MS0wNDg4NWQ3OGNhMzAiLCJpc3MiOiJodHRwczovL2xvZ2luLm1pY3Jvc29mdG9ubGluZS5jb20vMWI1ZWQzMWYtN2Q3NC00ZmNlLWEzYzItM2U5YTMyMDY1MjkzL3YyLjAiLCJpYXQiOjE2NzI5MTI5MzMsIm5iZiI6MTY3MjkxMjkzMywiZXhwIjoxNjcyOTE2ODMzLCJuYW1lIjoieGlleWFvIiwib2lkIjoiZDg0ZThkNGQtZTVlZS00NGM5LTk2ZmItMTE0YWZkYWVkY2U5IiwicHJlZmVycmVkX3VzZXJuYW1lIjoieGlleWFvQGdyb3R0Lm9ubWljcm9zb2Z0LmNvbSIsInJoIjoiMC5BVkFBSDlOZUczUjl6ay1qd2o2YU1nWlNrekxPZ3VDNTlYRkpnVUVFaUYxNHlqQlFBRDQuIiwic3ViIjoiX3pZYUxDX3Q2cTh5czdUdDFVdDE3UlZXdXhtN1RrdTV5ZS1kV0JZMUFTcyIsInRpZCI6IjFiNWVkMzFmLTdkNzQtNGZjZS1hM2MyLTNlOWEzMjA2NTI5MyIsInV0aSI6IlF1dVF4OWJXaVUtdG9qdkpBTWtGQkEiLCJ2ZXIiOiIyLjAifQ.socX7LVobCcwsFt39GnLXc-BbjKa7uFHEsQ_C76n5Jeo7gB1aLmfuaKljQBwg4B6eMfg-v7HaH3gdGHl5U7c-ZUBwvB1JQMDOlsLsC9V6H0QWZOMlAhHkXc0v7vOiLfIF7MWFFFXiQHgVNio9rQB4Fn0uCCFE-xDXeS1XZsUBedEkgXXeCmqpXPM5NSEO45UnRwxxkmCrthU07H9RYv0-A32HfVH9-FLUngaukZ4mX21Ql_90370VHbxSi2ihYk-_Q6_Xwjq2gRjS2-Yh6EvDwFQlfpetLg2VLbk1INm1sekjIyVH3EZCuiXRyLMOx4DrFMsj9_BYwtSes0XFqX9w, iss=https://login.microsoftonline.com/1b5ed31f-7d74-4fce-a3c2-3e9a32065293/v2.0, oid=d84e8d4d-e5ee-44c9-96fb-114afdaedce9, preferred_username=[email protected], uti=QuuQx9bWiU-tojvJAMkFBA, picture=https://graph.microsoft.com/v1.0/me/photo/$value, tid=1b5ed31f-7d74-4fce-a3c2-3e9a32065293, access_token=eyJ0eXAiOiJKV1QiLCJub25jZSI6Ii1IZkNDVktVelhIa0NyQTE3cGZQZFgxYzdQQ2Nxdjk1aHBNRTA1X2hMbzgiLCJhbGciOiJSUzI1NiIsIng1dCI6Ii1LSTNROW5OUjdiUm9meG1lWm9YcWJIWkdldyIsImtpZCI6Ii1LSTNROW5OUjdiUm9meG1lWm9YcWJIWkdldyJ9.eyJhdWQiOiIwMDAwMDAwMy0wMDAwLTAwMDAtYzAwMC0wMDAwMDAwMDAwMDAiLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC8xYjVlZDMxZi03ZDc0LTRmY2UtYTNjMi0zZTlhMzIwNjUyOTMvIiwiaWF0IjoxNjcyOTEyOTMzLCJuYmYiOjE2NzI5MTI5MzMsImV4cCI6MTY3MjkxNzg4NSwiYWNjdCI6MCwiYWNyIjoiMSIsImFpbyI6IkFUUUF5LzhUQUFBQTBNc01vc0NtZXlXZjl1N1ZRKzgzUml6UzhZWWM0SHNzRDJMaFFtSkI1MXYzMUVCR3p2cHNVdXNWM0tMYXFzZkMiLCJhbXIiOlsicHdkIl0sImFwcF9kaXNwbGF5bmFtZSI6ImRhdGFodWItdGVzdCIsImFwcGlkIjoiZTA4MmNlMzItZjViOS00OTcxLTgxNDEtMDQ4ODVkNzhjYTMwIiwiYXBwaWRhY3IiOiIxIiwiaWR0eXAiOiJ1c2VyIiwiaXBhZGRyIjoiMTAzLjExMy4xNTYuNTgiLCJuYW1lIjoieGlleWFvIiwib2lkIjoiZDg0ZThkNGQtZTVlZS00NGM5LTk2ZmItMTE0YWZkYWVkY2U5IiwicGxhdGYiOiIzIiwicHVpZCI6IjEwMDMyMDAxNzY1NjZBMzciLCJyaCI6IjAuQVZBQUg5TmVHM1I5emstandqNmFNZ1pTa3dNQUFBQUFBQUFBd0FBQUFBQUFBQUJRQUQ0LiIsInNjcCI6ImVtYWlsIG9wZW5pZCBwcm9maWxlIiwic2lnbmluX3N0YXRlIjpbImttc2kiXSwic3ViIjoidnRDRGl6OGRtc3JVdDkyTmhQZ0gwLTBDWWJhN0wyLVBKb09qXzNKb05HTSIsInRlbmFudF9yZWdpb25fc2NvcGUiOiJOQSIsInRpZCI6IjFiNWVkMzFmLTdkNzQtNGZjZS1hM2MyLTNlOWEzMjA2NTI5MyIsInVuaXF1ZV9uYW1lIjoieGlleWFvQGdyb3R0Lm9ubWljcm9zb2Z0LmNvbSIsInVwbiI6InhpZXlhb0Bncm90dC5vbm1pY3Jvc29mdC5jb20iLCJ1dGkiOiJRdXVReDliV2lVLXRvanZKQU1rRkJBIiwidmVyIjoiMS4wIiwid2lkcyI6WyI2MmU5MDM5NC02OWY1LTQyMzctOTE5MC0wMTIxNzcxNDVlMTAiLCJiNzlmYmY0ZC0zZWY5LTQ2ODktODE0My03NmIxOTRlODU1MDkiXSwieG1zX3N0Ijp7InN1YiI6Il96WWFMQ190NnE4eXM3VHQxVXQxN1JWV3V4bTdUa3U1eWUtZFdCWTFBU3MifSwieG1zX3RjZHQiOjE2MjkyNjcxMTZ9.sr2TcExYheHCzIoyUzYxOtWD2Z14fKMSG3_9kmzxImKQAuOX23T_dWRHPCWTSi1BgHAph-N7Ax3vZuwmc6U9KPY1c9hyw_bMqzSe-pgXmxhHABN3-RpFPslz6wMOqF5Wf0IGnjTSG2bz3lrCr8oEa_SOH4omspZy8eLXxmnoRlAvptIJ7h46Oj_grBUT6PuAeaFe9Q8QV_0-9-xOag0G1-ukYRjgZgklrBt4uAkN94vKKBJetjay3CKtrrNTCoehA0hv5UOLyXAniDSroUCBR8kgtt2yKaK1kiQP6T8uzFI514g24LPXrOiSIYXsjMA-HYNW9UWDgKxQojRpt7mlDw, token_expiration_advance=-1, aud=[e082ce32-f5b9-4971-8141-04885d78ca30], nbf=Thu Jan 05 10:02:13 GMT 2023, rh=0.AVAAH9NeG3R9zk-jwj6aMgZSkzLOguC59XFJgUEEiF14yjBQAD4., name=test, exp=Thu Jan 05 11:07:13 GMT 2023, iat=Thu Jan 05 10:02:13 GMT 2023}
2023-01-05 18:07:14 at auth.sso.oidc.OidcCallbackLogic.extractUserNameOrThrow(OidcCallbackLogic.java:163)
2023-01-05 18:07:14 at auth.sso.oidc.OidcCallbackLogic.handleOidcCallback(OidcCallbackLogic.java:118)
2023-01-05 18:07:14 at auth.sso.oidc.OidcCallbackLogic.perform(OidcCallbackLogic.java:104)
2023-01-05 18:07:14 at controllers.SsoCallbackController$SsoCallbackLogic.perform(SsoCallbackController.java:83)
2023-01-05 18:07:14 at controllers.SsoCallbackController$SsoCallbackLogic.perform(SsoCallbackController.java:69)
2023-01-05 18:07:14 at org.pac4j.play.CallbackController.lambda$callback$0(CallbackController.java:56)
2023-01-05 18:07:14 at java.base/java.util.concurrent.CompletableFuture$AsyncSupply.run(CompletableFuture.java:1700)

Expected behavior
login successfully by sso with azure.

Desktop (please complete the following information):

  • OS: windows
  • Browser : chrome
  • Version : v0.9.3
@jkl0898 jkl0898 added the bug Bug report label Jan 5, 2023
@adamhowardprice
Copy link

I had a similar issue with #6846 and I believe it was resolved in 0.9.5

@adamhowardprice
Copy link

#6848

@jkl0898
Copy link
Author

jkl0898 commented Jan 6, 2023

I had a similar issue with #6846 and I believe it was resolved in 0.9.5

@adamhowardprice hi, I sloved this by configure this :

  • AUTH_OIDC_USER_NAME_CLAIM=email
    changed to =>
  • AUTH_OIDC_USER_NAME_CLAIM=name

thanks again! hope it will helpful for others who met the same problem.

@jkl0898 jkl0898 closed this as completed Jan 6, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Bug report
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@adamhowardprice @jkl0898