Repository: cxf Updated Branches: refs/heads/3.1.x-fixes 28e1d781c -> fbaad8165
Updating the way RP OidcSecurityContext sets the principal name given a principal name is typically a single word, and starting from a preferredUserName Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/fbaad816 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/fbaad816 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/fbaad816 Branch: refs/heads/3.1.x-fixes Commit: fbaad816541bef52cc8d8003e27a3762de82acce Parents: 28e1d78 Author: Sergey Beryozkin <sberyoz...@gmail.com> Authored: Tue Feb 23 16:51:03 2016 +0000 Committer: Sergey Beryozkin <sberyoz...@gmail.com> Committed: Tue Feb 23 16:53:56 2016 +0000 ---------------------------------------------------------------------- .../security/oidc/rp/OidcSecurityContext.java | 30 ++++++++++++++------ 1 file changed, 22 insertions(+), 8 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/fbaad816/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcSecurityContext.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcSecurityContext.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcSecurityContext.java index 2c50bb8..f84ca1c 100644 --- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcSecurityContext.java +++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcSecurityContext.java @@ -23,6 +23,7 @@ import javax.ws.rs.core.SecurityContext; import org.apache.cxf.common.security.SimpleSecurityContext; import org.apache.cxf.jaxrs.utils.HttpUtils; import org.apache.cxf.jaxrs.utils.JAXRSUtils; +import org.apache.cxf.rs.security.oidc.common.AbstractUserInfo; import org.apache.cxf.rs.security.oidc.common.IdToken; public class OidcSecurityContext extends SimpleSecurityContext implements SecurityContext { @@ -44,20 +45,33 @@ public class OidcSecurityContext extends SimpleSecurityContext implements Securi protected static String getPrincipalName(OidcClientTokenContext oidcContext) { String name = null; if (oidcContext.getUserInfo() != null) { - name = oidcContext.getUserInfo().getSubject(); - if (name == null) { - name = oidcContext.getUserInfo().getEmail(); - } + name = getPrincipalName(oidcContext.getUserInfo()); } if (name == null && oidcContext.getIdToken() != null) { - name = oidcContext.getIdToken().getSubject(); - if (name == null) { - name = oidcContext.getIdToken().getEmail(); - } + name = getPrincipalName(oidcContext.getIdToken()); } return name; } + protected static String getPrincipalName(AbstractUserInfo info) { + + String name = info.getPreferredUserName(); + if (name == null) { + name = info.getGivenName(); + } + if (name == null) { + name = info.getNickName(); + } + if (name == null) { + name = info.getName(); + } + if (name == null) { + name = info.getSubject(); + } + return name; + + } + @Override public boolean isSecure() { String value = HttpUtils.getEndpointAddress(JAXRSUtils.getCurrentMessage());