Add Getter/Setter for USERNAME

spring-attic / spring-security-oauth

Support for adding OAuth1(a) and OAuth2 features (consumer and provider) for Spring web applications.

http://github.com/spring-projects/spring-security-oauth

Apache License 2.0

4.7k stars 4.04k forks source link

Add Getter/Setter for USERNAME #1167

Open basketcasey opened 7 years ago

basketcasey commented 7 years ago

Please add getters/setters and change modifiers for: final String USERNAME = "user_name"; in public interface UserAuthenticationConverter Different Token servers user different field names to represent the user's name.

duergner commented 7 years ago

Can't you just implement your own UserAuthenticationConverter in this case?

DeCaMil commented 5 years ago

The definition of USERNAME and AUTHORITIES are final.

They describe part of the UserAuthenticationConverter contract.

The map returned by convertUserAuthentication and consumed by extractAuthentication will always reference the user name by USERNAME and the authorities by AUTHORITIES.

basketcasey commented 5 years ago

Right, and that is problematic when the OAuth Provider doesn't use 'user_name' as the user name attribute like UAA does. When I posted this I wanted to change it to 'upn' (user principal name for Azure AD). I didn't want to add custom security code which we ultimately did anyways.