inteligr8/alfresco-keycloak
1
0
Fork 0
mirror of https://github.com/bmlong137/alfresco-keycloak.git synced 2025-09-17 14:21:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Translate input to preferred user name

Browse Source
This commit is contained in:
AFaust
2020-05-10 15:04:57 +02:00
parent d10ff3ddd5
commit 390ca566a3
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
repository/src/main/java/de/acosix/alfresco/keycloak/repo/authentication/KeycloakAuthenticationComponent.java
View File

@@ -313,11 +313,14 @@ public class KeycloakAuthenticationComponent extends AbstractAuthenticationCompo
final AccessTokenResponse response; final AccessTokenResponse response;
final VerifiedTokens tokens; final VerifiedTokens tokens;
String realUserName = userName;
try try
{ {
response = this.getAccessTokenImpl(userName, new String(password)); response = this.getAccessTokenImpl(userName, new String(password));
tokens = AdapterTokenVerifier.verifyTokens(response.getToken(), response.getIdToken(), this.deployment); tokens = AdapterTokenVerifier.verifyTokens(response.getToken(), response.getIdToken(), this.deployment);
realUserName = tokens.getAccessToken().getPreferredUsername();
// for potential one-off authentication, we do not care particularly about the token TTL - so no validation here // for potential one-off authentication, we do not care particularly about the token TTL - so no validation here
if (Boolean.TRUE.equals(this.lastTokenResponseStoreEnabled.get())) if (Boolean.TRUE.equals(this.lastTokenResponseStoreEnabled.get()))
@@ -336,7 +339,9 @@ public class KeycloakAuthenticationComponent extends AbstractAuthenticationCompo
throw new AuthenticationException("Failed to authenticate against Keycloak", ioex); throw new AuthenticationException("Failed to authenticate against Keycloak", ioex);
} }
this.setCurrentUser(userName); // TODO Override setCurrentUser to perform user existence validation and role retrieval for non-Keycloak logins (e.g. via public API
// setCurrentUser)
this.setCurrentUser(realUserName);
this.handleUserTokens(tokens.getAccessToken(), tokens.getIdToken(), true); this.handleUserTokens(tokens.getAccessToken(), tokens.getIdToken(), true);
} }