Symantec Access Management

  • 1.  How I can change OIDC_CLAIM_email to HTTP_EMAIL?

    Posted Sep 08, 2018 08:58 AM

    I am using CA SSO R12.8 and the OIDC module with Apache 2.4.x. I am able to generate all these OIDC_CLAIM headers successfully. I don't want to install the Web Agent/AG and don't want to make any application changes in this environment. I want the application to be able to get an HTTP_EMAIL header to process the user's request.

    Could someone please help me with how I can change OIDC_Claim_email to HTTP_EMAIL?



  • 2.  Re: How I can change OIDC_CLAIM_email to HTTP_EMAIL?

    Posted Sep 09, 2018 01:34 PM

    NarGarg

    If we see the CA SSO Response being sent (as in FWSTrace.log), it is plain "email".

    That is the way the 'OIDC module with Apache 2.4.x' is coded to present the responses it receives from the OIDC Provider.

    It is up to the Client receiving the response to present it in the format needed.

    Have we asked the question on the "OIDC module with Apache" blog? GitHub - zmartzone/mod_auth_openidc: OpenID Connect Relying Party and OAuth 2.0 Resource Server for Apache HTTP Server 2…

    FWSTrace (CA SSO)
    [01/05/2018][21:19:14][30688][140099174143744][1e0e460c-69574e63-e3578943-ab2f10d6-ca5e1a46-42c][UserInfoService.java][sendUserInfoTokenResponse][Sending User Info response:
    {"sub":"AAAAAA","nonce":"v-qxwgrm0Xg2hs_LeyM5zO8s8HqKiaYDpXW864HCIes","uid":"AAAAAA","name":"AAAAAA","given_name":"AAAAAA","middle_name":"AAAAAA","family_name":"AAAAAA","email":"AAAAAA@ca.com"}]
    [01/05/2018][21:19:14][30688][140099174143744][1e0e460c-69574e63-e3578943-ab2f10d6-ca5e1a46-42c][UserInfoService.java][sendUserInfoTokenResponse][Content Type of User Info response:application/json]

    OIDC Apache Module
    [Fri Jan 05 15:19:14.563635 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/mod_auth_openidc.c(1258): [client 144.229.219.107:50494] oidc_copy_tokens_to_request_state: id_token={"sub":"AAAAAA","aud":"0005dec0-b545-1a00-ac4a-da8e90e5177f","auth_time":1515187148,"iss":"https://server.ca.com:9443","iat":1515187151,"exp":1515187451,"nonce":"v-qxwgrm0Xg2hs_LeyM5zO8s8HqKiaYDpXW864HCIes"} claims={"sub":"AAAAAA","nonce":"v-qxwgrm0Xg2hs_LeyM5zO8s8HqKiaYDpXW864HCIes","middle_name":"AAAAAA","family_name":"AAAAAA","email":"AAAAAA@ca.com","uid":"AAAAAA","given_name":"AAAAAA","name":"AAAAAA"}
    [Fri Jan 05 15:19:14.563657 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(2223): [client 144.229.219.107:50494] oidc_util_hdr_table_set: OIDC_CLAIM_sub: AAAAAA
    [Fri Jan 05 15:19:14.563661 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(1680): [client 144.229.219.107:50494] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_sub: AAAAAA"
    [Fri Jan 05 15:19:14.563665 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(2223): [client 144.229.219.107:50494] oidc_util_hdr_table_set: OIDC_CLAIM_email: AAAAAA@ca.com  
    [Fri Jan 05 15:19:14.563668 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(1680): [client 144.229.219.107:50494] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_email: AAAAAA@ca.com"
    [Fri Jan 05 15:19:14.563673 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(2223): [client 144.229.219.107:50494] oidc_util_hdr_table_set: OIDC_CLAIM_family_name: AAAAAA
    [Fri Jan 05 15:19:14.563676 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(1680): [client 144.229.219.107:50494] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_family_name: AAAAAA"
    [Fri Jan 05 15:19:14.563680 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(2223): [client 144.229.219.107:50494] oidc_util_hdr_table_set: OIDC_CLAIM_middle_name: AAAAAA
    [Fri Jan 05 15:19:14.563683 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(1680): [client 144.229.219.107:50494] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_middle_name: AAAAAA"
    [Fri Jan 05 15:19:14.563686 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(2223): [client 144.229.219.107:50494] oidc_util_hdr_table_set: OIDC_CLAIM_nonce: v-qxwgrm0Xg2hs_LeyM5zO8s8HqKiaYDpXW864HCIes
    [Fri Jan 05 15:19:14.563700 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(1680): [client 144.229.219.107:50494] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_nonce: v-qxwgrm0Xg2hs_LeyM5zO8s8HqKiaYDpXW864HCIes"
    [Fri Jan 05 15:19:14.563706 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(2223): [client 144.229.219.107:50494] oidc_util_hdr_table_set: OIDC_CLAIM_given_name: AAAAAA
    [Fri Jan 05 15:19:14.563709 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(1680): [client 144.229.219.107:50494] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_given_name: AAAAAA"
    [Fri Jan 05 15:19:14.563713 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(2223): [client 144.229.219.107:50494] oidc_util_hdr_table_set: OIDC_CLAIM_uid: AAAAAA
    [Fri Jan 05 15:19:14.563716 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(1680): [client 144.229.219.107:50494] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_uid: AAAAAA"
    [Fri Jan 05 15:19:14.563720 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(2223): [client 144.229.219.107:50494] oidc_util_hdr_table_set: OIDC_CLAIM_name: AAAAAA
    [Fri Jan 05 15:19:14.563723 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(1680): [client 144.229.219.107:50494] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_name: AAAAAA"
    [Fri Jan 05 15:19:14.563738 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(2223): [client 144.229.219.107:50494] oidc_util_hdr_table_set: OIDC_CLAIM_aud: 0005dec0-b545-1a00-ac4a-da8e90e5177f
    [Fri Jan 05 15:19:14.563742 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(1680): [client 144.229.219.107:50494] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_aud: 0005dec0-b545-1a00-ac4a-da8e90e5177f"
    [Fri Jan 05 15:19:14.563746 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(2223): [client 144.229.219.107:50494] oidc_util_hdr_table_set: OIDC_CLAIM_sub: AAAAAA
    [Fri Jan 05 15:19:14.563749 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(1680): [client 144.229.219.107:50494] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_sub: AAAAAA"
    [Fri Jan 05 15:19:14.563755 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(2223): [client 144.229.219.107:50494] oidc_util_hdr_table_set: OIDC_CLAIM_auth_time: 1515187148
    [Fri Jan 05 15:19:14.563758 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(1680): [client 144.229.219.107:50494] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_auth_time: 1515187148"
    [Fri Jan 05 15:19:14.563763 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(2223): [client 144.229.219.107:50494] oidc_util_hdr_table_set: OIDC_CLAIM_iat: 1515187151
    [Fri Jan 05 15:19:14.563766 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(1680): [client 144.229.219.107:50494] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_iat: 1515187151"
    [Fri Jan 05 15:19:14.563770 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(2223): [client 144.229.219.107:50494] oidc_util_hdr_table_set: OIDC_CLAIM_iss: https://server.ca.com:9443
    [Fri Jan 05 15:19:14.563773 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(1680): [client 144.229.219.107:50494] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_iss: https://server.ca.com:9443"
    [Fri Jan 05 15:19:14.563778 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(2223): [client 144.229.219.107:50494] oidc_util_hdr_table_set: OIDC_CLAIM_exp: 1515187451
    [Fri Jan 05 15:19:14.563781 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(1680): [client 144.229.219.107:50494] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_exp: 1515187451"
    [Fri Jan 05 15:19:14.563785 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(2223): [client 144.229.219.107:50494] oidc_util_hdr_table_set: OIDC_CLAIM_nonce: v-qxwgrm0Xg2hs_LeyM5zO8s8HqKiaYDpXW864HCIes
    [Fri Jan 05 15:19:14.563794 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(1680): [client 144.229.219.107:50494] oidc_util_set_app_info: setting environment variable "OIDC_CLAIM_nonce: v-qxwgrm0Xg2hs_LeyM5zO8s8HqKiaYDpXW864HCIes"
    [Fri Jan 05 15:19:14.563801 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(2223): [client 144.229.219.107:50494] oidc_util_hdr_table_set: OIDC_access_token: MThjYzJkOGItYmMwOC00YWM2LThhZjYtMzJjYzNmZTY2MzYyLU9LTkVmS0wvdEgyVTNjMzZmMXVLVkx0TE1xUT0=
    [Fri Jan 05 15:19:14.563805 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(1680): [client 144.229.219.107:50494] oidc_util_set_app_info: setting environment variable "OIDC_access_token: MThjYzJkOGItYmMwOC00YWM2LThhZjYtMzJjYzNmZTY2MzYyLU9LTkVmS0wvdEgyVTNjMzZmMXVLVkx0TE1xUT0="
    [Fri Jan 05 15:19:14.563810 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(2223): [client 144.229.219.107:50494] oidc_util_hdr_table_set: OIDC_access_token_expires: 1515187454
    [Fri Jan 05 15:19:14.563813 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(1680): [client 144.229.219.107:50494] oidc_util_set_app_info: setting environment variable "OIDC_access_token_expires: 1515187454"
    [Fri Jan 05 15:19:14.563818 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/mod_auth_openidc.c(900): [client 144.229.219.107:50494] oidc_log_session_expires: session inactivity timeout: Fri, 05 Jan 2018 21:24:14 GMT (in 299 secs from now)
    [Fri Jan 05 15:19:14.563823 2018] [auth_openidc:debug] [pid 1805:tid 140597700556544] src/util.c(2191): [client 144.229.219.107:50494] oidc_util_hdr_in_get: Cookie=mod_auth_openidc_session=14a8cd0e-f25e-11e7-9a49-5956742b80a7
    [Fri Jan 05 15:19:14.563828 2018] [authz_core:debug] [pid 1805:tid 140597700556544] mod_authz_core.c(809): [client 144.229.219.107:50494] AH01626: authorization result of Require valid-user : granted
    [Fri Jan 05 15:19:14.563831 2018] [authz_core:debug] [pid 1805:tid 140597700556544] mod_authz_core.c(809): [client 144.229.219.107:50494] AH01626: authorization result of <RequireAny>: granted


  • 3.  Re: How I can change OIDC_CLAIM_email to HTTP_EMAIL?

    Broadcom Employee
    Posted Sep 09, 2018 02:56 PM
    The GitHub page is a good forum, but my interaction with the author there was usually to report issues or enhancements with the Apache module. A more open group for discussion (suggested by the author as well for questions/discussion) is https://groups.google.com/forum/m/#!forum/mod_auth_openidc

    Check this out and you might find some useful tips and insights there.




  • 4.  Re: How I can change OIDC_CLAIM_email to HTTP_EMAIL?

    Broadcom Employee
    Posted Sep 09, 2018 02:36 PM

    Have you tried using the Apache headers module to set headers? You can pick the value from the OIDC claim that carries the email (response from the OP), maybe from Apache's environment variables, and then set the http_mail header value to that email. Apache has documentation on how you can achieve this. Again, to get the values into Apache's environment variables, you will need to set the module to write those by specifying the value for the OIDCPassClaimsAs parameter.
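An added example of the mod_headers approach described in this reply (it is not configuration from the thread or from the mod_auth_openidc project): mod_auth_openidc is told to export claims as environment variables, and RequestHeader copies OIDC_CLAIM_email into a request header named Email. A CGI/FastCGI-style application then sees that header as HTTP_EMAIL, because the CGI convention upper-cases the header name, replaces "-" with "_" and prefixes HTTP_. The "/app" location, the Email header name and the assumption that provider/client settings live elsewhere are illustrative choices, not values from the thread.

```apache
# Added example (not from the thread or the project): export the claims as
# environment variables and copy the email claim into an "Email" request
# header, which a CGI-style application reads as HTTP_EMAIL.
# Assumed: mod_auth_openidc and mod_headers are loaded, the provider/client
# settings (OIDCProviderMetadataURL, OIDCClientID, OIDCRedirectURI, ...) are
# configured elsewhere, and "/app" is the protected location.

# Pass claims as both OIDC_CLAIM_* request headers (as the log above shows)
# and Apache environment variables, so %{...}e can read them.
OIDCPassClaimsAs both

# Defensive: remove any "Email" header the client itself sent, in the early
# (post-read-request) phase, before authentication runs. Otherwise a caller
# could pre-seed HTTP_EMAIL for a request where the claim is absent.
RequestHeader unset Email early

<Location /app>
    AuthType openid-connect
    Require valid-user

    # Default (late / fixups) phase, i.e. after mod_auth_openidc has set the
    # environment variable. The env= condition sets the header only when the
    # claim is present instead of emitting a placeholder value.
    RequestHeader set Email "%{OIDC_CLAIM_email}e" env=OIDC_CLAIM_email
</Location>
```

The early unset matters because RequestHeader in late mode adds to whatever the client already sent; without it the application cannot distinguish a header written by the module from one supplied by the caller. The HTTP_EMAIL name is the CGI/FastCGI/mod_wsgi mapping of the Email header; an application behind a reverse proxy reads the same header through its own framework (for example PHP's $_SERVER['HTTP_EMAIL']).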



  • 5.  Re: How I can change OIDC_CLAIM_email to HTTP_EMAIL?

    Posted Sep 09, 2018 03:07 PM

    Check this out, where the claim prefix can be changed from the default one: https://github.com/zmartzone/mod_auth_openidc/blob/master/auth_openidc.conf#L497


    # The prefix to use when setting claims (openid-connect or oauth20) in the HTTP headers/environment variables.
    # This prefix should not be set to "" except when combined with OIDCWhiteListedClaims to maintain a secure setup.
    # When not defined, the default "OIDC_CLAIM_" is used.

    #OIDCClaimPrefix <prefix>
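An added example of the prefix approach this reply points at (it is not configuration from the thread or from the project): the log earlier in the thread shows claims passed as "<prefix><claim>", so clearing the prefix makes the module set a bare "email" request header, which a CGI-style application reads as HTTP_EMAIL. The config comment quoted above ties an empty prefix to OIDCWhiteListedClaims, so the example restricts the claims to the one the application needs. The "/app" location and the provider/client settings being configured elsewhere are assumptions; how request-header scrubbing behaves with an empty prefix should be verified against the module documentation for the version in use.

```apache
# Added example (not from the thread or the project): emit the email claim as
# a bare "email" request header by clearing the claim prefix, limited to a
# whitelist of claims as the auth_openidc.conf comment requires.
# Assumed: provider/client settings are configured elsewhere and "/app" is
# the protected location.

# Claims are normally passed as "<prefix><claim>" (the log above shows
# OIDC_CLAIM_email). With an empty prefix the header is just "email", which
# a CGI-style application exposes as HTTP_EMAIL.
OIDCClaimPrefix ""

# With no prefix, every claim name would become a request header of the same
# name, so only pass the claims the application actually needs.
OIDCWhiteListedClaims email

# Keep the module's scrubbing of incoming claim headers enabled (the default),
# so a client-supplied "email" header is removed before the module sets its
# own value. Assumption: with an empty prefix the scrubbing is driven by the
# whitelist; confirm this for your module version.
OIDCScrubRequestHeaders On

<Location /app>
    AuthType openid-connect
    Require valid-user
</Location>
```

Compared with the mod_headers approach in the earlier reply, this needs no per-location RequestHeader line, but it changes the naming of every exported claim, so the whitelist is what keeps an untrusted claim name from turning into an unexpected request header.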



  • 6.  Re: How I can change OIDC_CLAIM_email to HTTP_EMAIL?

    Posted Sep 09, 2018 05:38 PM

    Thanks all for your response. I never used mod_rewrite in Apache. I will use those links to find out if I can create these HTTP headers.



  • 7.  Re: How I can change OIDC_CLAIM_email to HTTP_EMAIL?

    Posted Sep 09, 2018 06:41 PM

    I tried these options but didn't work.