diff --git a/connector/oauth/oauth.go b/connector/oauth/oauth.go
index 056a1715..849db331 100644
--- a/connector/oauth/oauth.go
+++ b/connector/oauth/oauth.go
@@ -21,18 +21,19 @@ import (
 )
 
 type oauthConnector struct {
- clientID string
- clientSecret string
- redirectURI string
- tokenURL string
- authorizationURL string
- userInfoURL string
- scopes []string
- groupsKey string
- userIDKey string
- userNameKey string
- httpClient *http.Client
- logger log.Logger
+ clientID string
+ clientSecret string
+ redirectURI string
+ tokenURL string
+ authorizationURL string
+ userInfoURL string
+ scopes []string
+ groupsKey string
+ userIDKey string
+ userNameKey string
+ preferredUsernameKey string
+ httpClient *http.Client
+ logger log.Logger
 }
 
 type connectorData struct {
@@ -40,18 +41,19 @@ type connectorData struct {
 }
 
 type Config struct {
- ClientID string `json:"clientID"`
- ClientSecret string `json:"clientSecret"`
- RedirectURI string `json:"redirectURI"`
- TokenURL string `json:"tokenURL"`
- AuthorizationURL string `json:"authorizationURL"`
- UserInfoURL string `json:"userInfoURL"`
- Scopes []string `json:"scopes"`
- GroupsKey string `json:"groupsKey"`
- UserIDKey string `json:"userIDKey"`
- UserNameKey string `json:"userNameKey"`
- RootCAs []string `json:"rootCAs"`
- InsecureSkipVerify bool `json:"insecureSkipVerify"`
+ ClientID string `json:"clientID"`
+ ClientSecret string `json:"clientSecret"`
+ RedirectURI string `json:"redirectURI"`
+ TokenURL string `json:"tokenURL"`
+ AuthorizationURL string `json:"authorizationURL"`
+ UserInfoURL string `json:"userInfoURL"`
+ Scopes []string `json:"scopes"`
+ GroupsKey string `json:"groupsKey"`
+ UserIDKey string `json:"userIDKey"`
+ UserNameKey string `json:"userNameKey"`
+ PreferredUsernameKey string `json:"preferredUsernameKey"`
+ RootCAs []string `json:"rootCAs"`
+ InsecureSkipVerify bool `json:"insecureSkipVerify"`
 }
 
 func (c *Config) Open(id string, logger log.Logger) (connector.Connector, error) {
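Review bot: Nothing visible in this diff copies `Config.PreferredUsernameKey` into `oauthConnector.preferredUsernameKey`: the Config hunk (`@@ -40,18 +41,19 @@`) ends on the first line of `Open`, whose body is outside the hunk, and no other oauth.go hunk touches it. If that is the whole change, the option is parsed from the config but never applied, and `HandleCallback` always falls back to `"preferred_username"`, so an operator who maps the claim to a different key gets an identity built from a key they did not choose. Presumably `Open` needs `preferredUsernameKey: c.PreferredUsernameKey,` where it constructs the connector. The new exported field would also benefit from a comment such as `// PreferredUsernameKey is the userinfo claim read into Identity.PreferredUsername; defaults to "preferred_username".`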
@@ -182,9 +184,13 @@ func (c *oauthConnector) HandleCallback(s connector.Scopes, r *http.Request) (id
 c.groupsKey = "groups"
 }
 
+ if c.preferredUsernameKey == "" {
+ c.preferredUsernameKey = "preferred_username"
+ }
+
 identity.UserID, _ = userInfoResult[c.userIDKey].(string)
 identity.Username, _ = userInfoResult[c.userNameKey].(string)
- identity.PreferredUsername, _ = userInfoResult["name"].(string)
+ identity.PreferredUsername, _ = userInfoResult[c.preferredUsernameKey].(string)
 identity.Email, _ = userInfoResult["email"].(string)
 identity.EmailVerified, _ = userInfoResult["email_verified"].(bool)
 
diff --git a/connector/oauth/oauth_test.go b/connector/oauth/oauth_test.go
index a496bb82..3ee06207 100644
--- a/connector/oauth/oauth_test.go
+++ b/connector/oauth/oauth_test.go
@@ -71,12 +71,13 @@ func TestHandleCallBackForGroupsInUserInfo(t *testing.T) {
 tokenClaims := map[string]interface{}{}
 
 userInfoClaims := map[string]interface{}{
- "name": "test-name",
- "user_id_key": "test-user-id",
- "user_name_key": "test-username",
- "email": "test-email",
- "email_verified": true,
- "groups_key": []string{"admin-group", "user-group"},
+ "name": "test-name",
+ "user_id_key": "test-user-id",
+ "user_name_key": "test-username",
+ "preferred_username": "test-preferred-username",
+ "email": "test-email",
+ "email_verified": true,
+ "groups_key": []string{"admin-group", "user-group"},
 }
 
 testServer := testSetup(t, tokenClaims, userInfoClaims)
@@ -92,9 +93,9 @@ func TestHandleCallBackForGroupsInUserInfo(t *testing.T) {
 expectEqual(t, len(identity.Groups), 2)
 expectEqual(t, identity.Groups[0], "admin-group")
 expectEqual(t, identity.Groups[1], "user-group")
- expectEqual(t, identity.PreferredUsername, "test-name")
 expectEqual(t, identity.UserID, "test-user-id")
 expectEqual(t, identity.Username, "test-username")
+ expectEqual(t, identity.PreferredUsername, "test-preferred-username")
 expectEqual(t, identity.Email, "test-email")
 expectEqual(t, identity.EmailVerified, true)
 }
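Review bot: The default is applied by assigning to `c.preferredUsernameKey` inside `HandleCallback` (hunk `@@ -182,9 +184,13 @@`), which writes shared connector state from a request handler; if callbacks run concurrently, which the hunk does not show but is likely for an HTTP callback, that is an unsynchronised write. Resolve the default once at construction or use a local, e.g. `key := c.preferredUsernameKey`, `if key == "" { key = "preferred_username" }`, `identity.PreferredUsername, _ = userInfoResult[key].(string)`. The fallback also moves from the `"name"` claim to `"preferred_username"`, and the discarded assertion result means a provider that returns only `name` now yields an empty PreferredUsername with no log line, so consumers that rely on that value should be told in the release notes. The context line `c.groupsKey = "groups"` suggests the same in-handler defaulting already exists for the groups key. `HandleCallback` starts and ends outside the hunk.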
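Review bot: Both tests exercise only the default key: the fixtures in `TestHandleCallBackForGroupsInUserInfo` (hunks `@@ -71,12 +71,13 @@` and `@@ -92,9 +93,9 @@`) and in `TestHandleCallBackForGroupsInToken` (`@@ -105,11 +106,12 @@`, `@@ -123,7 +125,7 @@`) add a `preferred_username` claim, but no visible case sets `PreferredUsernameKey` to a non-default value; the connector setup is outside the hunks, so this is inferred from the assertions. A case with a custom key, plus one where the claim is absent or not a string, would pin the mapping and would catch a configured key that never reaches the connector. The `"name"` claim stays in both fixtures but is no longer asserted in these hunks; asserting that it is not used for PreferredUsername would document the changed source.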
@@ -105,11 +106,12 @@ func TestHandleCallBackForGroupsInToken(t *testing.T) {
 }
 
 userInfoClaims := map[string]interface{}{
- "name": "test-name",
- "user_id_key": "test-user-id",
- "user_name_key": "test-username",
- "email": "test-email",
- "email_verified": true,
+ "name": "test-name",
+ "user_id_key": "test-user-id",
+ "user_name_key": "test-username",
+ "preferred_username": "test-preferred-username",
+ "email": "test-email",
+ "email_verified": true,
 }
 
 testServer := testSetup(t, tokenClaims, userInfoClaims)
@@ -123,7 +125,7 @@ func TestHandleCallBackForGroupsInToken(t *testing.T) {
 
 expectEqual(t, len(identity.Groups), 1)
 expectEqual(t, identity.Groups[0], "test-group")
- expectEqual(t, identity.PreferredUsername, "test-name")
+ expectEqual(t, identity.PreferredUsername, "test-preferred-username")
 expectEqual(t, identity.UserID, "test-user-id")
 expectEqual(t, identity.Username, "test-username")
 expectEqual(t, identity.Email, "test-email")
diff --git a/docs/connectors/oauth.md b/docs/connectors/oauth.md
index b4a5e9a5..2092b495 100644
--- a/docs/connectors/oauth.md
+++ b/docs/connectors/oauth.md
@@ -35,15 +35,15 @@ connectors:
 # scopes:
 # - identity
 
- # Optional: Configurable keys for user id field look up
+ # Optional: Configurable keys for groups claim look up
 # Default: groups
 # groupsKey:
 
- # Optional: Configurable keys for name field look up
+ # Optional: Configurable keys for user ID claim look up
 # Default: user_id
 # userIDKey:
 
- # Optional: Configurable keys for username field look up
- # Default: user_name
- # userNameKey:
-```
\ No newline at end of file
+ # Optional: Configurable keys for preferred username claim look up
+ # Default: preferred_username
+ # preferredUsernameKey:
+```