Closed sberyozkin closed 1 month ago
Given that JsonWebToken#getName
is coming from Principal#getName
which does not have a uniqueness constraint, simplest can be fix the JavaDocs not to require a unique name - it is impossible to enforce given that preferred_username
fallback exists. Removing to enforce the uniqueness constraint does not seem reasonable as it would change the message of Principal#getName
marking it as resolved by #332 for now
@FroMage has noticed an obvious conflict in the
JsonWebToken#getName()
Java Docs, wherepreferred_username
is mentioned as a fallback:https://github.com/eclipse/microprofile-jwt-auth/blob/master/api/src/main/java/org/eclipse/microprofile/jwt/JsonWebToken.java#L40
(Also, that JavaDoc needs to be synced with the spec text which mentions
sub
as the final fallback).However the very same OIDC docs for
preferred_username
to which MP JWT links to says:which conflicts with the
Returns the unique name of this principal.
message inJsonWebToken#getName()
Java Docs.My proposal would be to deprecate
preferred_username
as a possible fallback fromupn
.Or, given how long
preferred_username
has been around as a fallback fromupn
, instead fix the java docs and explain the principal name is not guaranteed to be unique and advise users get eitherupn
orsub
claims directly