This issue has been created
 
 
OpenId Connect / cid:jira-generated-image-avatar-fc0088b3-c53f-4e73-8e87-d6fafe73d657 OIDC-203 Open

OIDC Authenticator will try to synchronize groups even if no mapping is defined
 
View issue   ·   Add comment
 

Issue created

 
cid:jira-generated-image-avatar-b69c2095-67ce-47a8-94c1-e49032fe011e Clément Aubin created this issue on 19/Nov/24 09:31
 
Summary: OIDC Authenticator will try to synchronize groups even if no mapping is defined
Issue Type: cid:jira-generated-image-avatar-fc0088b3-c53f-4e73-8e87-d6fafe73d657 Bug
Affects Versions: 2.13.1
Assignee: Unassigned
Components: Authenticator
Created: 19/Nov/24 09:31
Priority: cid:jira-generated-image-static-major-522588cf-8e9a-47e1-9944-418a573f6343 Major
Reporter: Clément Aubin
Description:

This issue comes from the fact that #isGroupSync() will return true as soon as a group claim exists (https://github.com/xwiki-contrib/oidc/blob/8e624ade09a6a10b9e695d16d90762c311504b2a/oidc-authenticator/src/main/java/org/xwiki/contrib/oidc/auth/internal/OIDCClientConfiguration.java#L1261) without checking if the mapping actually exists (https://github.com/xwiki-contrib/oidc/blob/8e624ade09a6a10b9e695d16d90762c311504b2a/oidc-authenticator/src/main/java/org/xwiki/contrib/oidc/auth/internal/OIDCClientConfiguration.java#L1276)
 
 
This message was sent by Atlassian Jira (v9.3.0#930000-sha1:287aeb6) Atlassian logo
If image attachments aren't displayed, see this article.