Skip to content

Commit 9823ae0

Browse files
pi1814ory-bot
pi1814
authored and
ory-bot
committed
chore: update uaepass jsonnet stubs
GitOrigin-RevId: a7105cc75aaea68771fd6d3e1dade7587e9b773a
1 parent 7b18f23 commit 9823ae0

2 files changed

Lines changed: 20 additions & 49 deletions

File tree

selfservice/strategy/oidc/provider_uaepass_test.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -43,7 +43,7 @@ func TestUAEPassOIDCClaims(t *testing.T) {
4343
"lastnameEN": "Al Rashid",
4444
"lastnameAR": "الراشد",
4545
"uuid": "550e8400-e29b-41d4-a716-446655440000",
46-
"unifiedID": "784-1990-1234567-1",
46+
"unifiedId": "784-1990-1234567-1",
4747
"idn": "784199012345671",
4848
"userType": "SOP1",
4949
"nationalityEN": "ARE",
@@ -80,7 +80,7 @@ func TestUAEPassOIDCClaims(t *testing.T) {
8080
// Verify raw claims contain UAE PASS specific data
8181
require.NotNil(t, claims.RawClaims)
8282
assert.Equal(t, "550e8400-e29b-41d4-a716-446655440000", claims.RawClaims["uuid"])
83-
assert.Equal(t, "784-1990-1234567-1", claims.RawClaims["unifiedID"])
83+
assert.Equal(t, "784-1990-1234567-1", claims.RawClaims["unifiedId"])
8484
assert.Equal(t, "784199012345671", claims.RawClaims["idn"])
8585
assert.Equal(t, "SOP1", claims.RawClaims["userType"])
8686
assert.Equal(t, "ARE", claims.RawClaims["nationalityEN"])

selfservice/strategy/oidc/stub/oidc.uaepass.jsonnet

Lines changed: 18 additions & 47 deletions
Original file line numberDiff line numberDiff line change
@@ -1,61 +1,32 @@
1-
// UAE PASS identity mapper
2-
// Maps UAE PASS claims to Kratos identity traits
3-
//
4-
// UAE PASS provides the following claims (depending on scopes):
5-
// - sub: Subject identifier (unique user ID)
6-
// - email: User's email address
7-
// - fullnameEN / fullnameAR: Full name in English/Arabic
8-
// - firstnameEN / firstnameAR: First name in English/Arabic
9-
// - lastnameEN / lastnameAR: Last name in English/Arabic
10-
// - uuid: UUID identifier
11-
// - unifiedID: UAE unified identifier
12-
// - idn: Identity number
13-
// - userType: Profile type (SOP1=National, SOP2=Resident, SOP3=Visitor)
14-
// - nationalityEN: Nationality
15-
// - gender: Gender
16-
// - dob: Date of birth
17-
// - mobile: Mobile number
18-
191
local claims = std.extVar('claims');
202

21-
// Ensure we have a subject identifier
3+
local raw = claims.raw_claims;
4+
225
if std.length(claims.sub) == 0 then
236
error 'claim sub not set'
247
else
258
{
269
identity: {
2710
traits: {
28-
// Required: subject identifier
2911
subject: claims.sub,
30-
31-
// Email (if available)
32-
[if 'email' in claims && claims.email != '' then 'email' else null]: claims.email,
33-
34-
// Name mapping - prefer English names
35-
[if 'fullnameEN' in claims && claims.fullnameEN != '' then 'name' else null]: {
36-
full: claims.fullnameEN,
37-
[if 'firstnameEN' in claims && claims.firstnameEN != '' then 'first' else null]: claims.firstnameEN,
38-
[if 'lastnameEN' in claims && claims.lastnameEN != '' then 'last' else null]: claims.lastnameEN,
12+
[if "email" in claims && claims.email != '' then "email" else null]: claims.email,
13+
[if "fullnameEN" in raw && raw.fullnameEN != '' then "name" else null]: {
14+
full: raw.fullnameEN,
15+
[if "firstnameEN" in raw && raw.firstnameEN != '' then "first" else null]: raw.firstnameEN,
16+
[if "lastnameEN" in raw && raw.lastnameEN != '' then "last" else null]: raw.lastnameEN,
3917
},
40-
41-
// Arabic name (optional)
42-
[if 'fullnameAR' in claims && claims.fullnameAR != '' then 'name_ar' else null]: {
43-
full: claims.fullnameAR,
44-
[if 'firstnameAR' in claims && claims.firstnameAR != '' then 'first' else null]: claims.firstnameAR,
45-
[if 'lastnameAR' in claims && claims.lastnameAR != '' then 'last' else null]: claims.lastnameAR,
18+
[if "fullnameAR" in raw && raw.fullnameAR != '' then "name_ar" else null]: {
19+
full: raw.fullnameAR,
20+
[if "firstnameAR" in raw && raw.firstnameAR != '' then "first" else null]: raw.firstnameAR,
21+
[if "lastnameAR" in raw && raw.lastnameAR != '' then "last" else null]: raw.lastnameAR,
4622
},
47-
48-
// UAE PASS specific identifiers
49-
[if 'uuid' in claims && claims.uuid != '' then 'uuid' else null]: claims.uuid,
50-
[if 'unifiedID' in claims && claims.unifiedID != '' then 'unified_id' else null]: claims.unifiedID,
51-
[if 'idn' in claims && claims.idn != '' then 'idn' else null]: claims.idn,
52-
53-
// Profile metadata
54-
[if 'userType' in claims && claims.userType != '' then 'user_type' else null]: claims.userType,
55-
[if 'nationalityEN' in claims && claims.nationalityEN != '' then 'nationality' else null]: claims.nationalityEN,
56-
[if 'gender' in claims && claims.gender != '' then 'gender' else null]: claims.gender,
57-
[if 'dob' in claims && claims.dob != '' then 'date_of_birth' else null]: claims.dob,
58-
[if 'mobile' in claims && claims.mobile != '' then 'phone' else null]: claims.mobile,
23+
[if "uuid" in raw && raw.uuid != '' then "uuid" else null]: raw.uuid,
24+
[if "unifiedId" in raw && raw.unifiedId != '' then "unified_id" else null]: raw.unifiedId,
25+
[if "idn" in raw && raw.idn != '' then "idn" else null]: raw.idn,
26+
[if "userType" in raw && raw.userType != '' then "user_type" else null]: raw.userType,
27+
[if "nationalityEN" in raw && raw.nationalityEN != '' then "nationality" else null]: raw.nationalityEN,
28+
[if "gender" in raw && raw.gender != '' then "gender" else null]: raw.gender,
29+
[if "mobile" in raw && raw.mobile != '' then "phone" else null]: raw.mobile,
5930
},
6031
},
6132
}

0 commit comments

Comments
 (0)