...
One may, however, use the mod_rewrite module to write additional environment variables based on those set by mod_auth_openidc. For example to map the given_name claim to ENVOIDC_OISCLAIM_NAME_GIVEN, and similarly for family_name and middle_name, one may use the configuration
Code Block |
---|
RewriteEngine On RewriteCond %{ENVRewriteRule .* - [E=OIDC_CLAIM_NAME_GIVEN:%{HTTP:OIDC_CLAIM_given_name}] RewriteRule ^(.+)$.* - [E=OIDC_CLAIM_NAME_FAMILY:%{HTTP:OIDC_CLAIM_family_name}] RewriteRule .* - [E=ENVOIDC_OISCLAIM_NAME_GIVEN:%1MIDDLE:%{HTTP:OIDC_CLAIM_middle_name}] |
Note that the regular expression used in the RewriteCond
must be like that shown and not capable of matching an empty string. Specifically the regular expression ^(.*)$
will not work since it matches an empty string., however, that this approach only works in the ".htaccess" context (outside of that context the rewrite rules run before the mod_auth_openidc module has had a chance to populate the CGI environment variables). You may add that configuration to the existing file .../app/webroot/.htaccess, but be aware that it will be overwritten when you next upgrade COmanage.