Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Comment | File | Size | Author |
---|---|---|---|
#2 | 2962023-2.patch | 514 bytes | jibran |
Comment | File | Size | Author |
---|---|---|---|
#2 | 2962023-2.patch | 514 bytes | jibran |
Comments
Comment #2
jibranHere we go.
Comment #3
Mario SteinitzThe problem with this approach is, that roles are not default OpenID Connect claims provided by all potential IdPs that come into use with the openid_connect module. It would work with your very special IdP only, if done like this.
Once again, I suggest using
hook_openid_connect_userinfo_save()
. It provides the account that either has been created or identified for authentication, as well as your plugin ID and the entire userinfo within the$context
variable.By enabling the property mapping for every login within the OpenID Connect settings, this hook will be fired on every user login.
In your hook implementation you can then add the roles like this:
PS.: For sure a simplified example, as you might also wish to remove roles?
Let me know, if it worked.
Comment #4
Mario SteinitzComment #5
wluisi CreditAttribution: wluisi as a volunteer commentedI’m not able to get the user roles inside the $context[‘userinfo’] array. This is all that is present in the array when I debug inside an implementation of hook_openid_connect_userinfo_save()
My identity provider is a vanilla D7 site using OAuth2 Server module.
Comment #6
wluisi CreditAttribution: wluisi as a volunteer commentedFigured it out. Adding this here, in case someone else is doing something similar.
On the D7 running OAuth2 Server module, had to use a hook to add the Drupal roles to the claims:
Then on the D8 site, using OpenID Connect module, you can use hook_openid_connect_userinfo_save() to grab the roles and do something with them:
Comment #7
rmrossa CreditAttribution: rmrossa commentedI'm way past this, sorry.
I have a lot of it going on.
Is my admittedly small amount of experience with Drupal the issue or doesn't the hook_openid_connect_userinfo_save() hook exist anymore?
I really need the roles.
I've tried hook_openid_connect_userinfo_alter but the roles aren't being passed in.
Thanks
Comment #8
rcbcool CreditAttribution: rcbcool commentedHello @mario-steinitz,
Some how the hook function hook_openid_connect_userinfo_save() is not triggered and unable to proceed with the Drupal roles mapping.
My custom module has this hook, but it is not triggered.
Any help or suggestion would be really helpful. Thanks.
Comment #9
jcnventura CreditAttribution: jcnventura at 1xINTERNET commented@rcbcool (and @rmrossa) This
hook_openid_connect_userinfo_save()
was added after 8.x-1.0-beta5 was released, and is only available in the new 8.x-1.0-beta6Please open a new issue if you need further assistance with that hook. I'm closing this issue as per #6