diff --git a/connector/oauth/oauth.go b/connector/oauth/oauth.go
index 7bf480cd..74424c2d 100644
--- a/connector/oauth/oauth.go
+++ b/connector/oauth/oauth.go
@@ -28,6 +28,8 @@ type oauthConnector struct {
 userInfoURL string
 scopes []string
 groupsKey string
+ userIDKey string
+ userNameKey string
 httpClient *http.Client
 logger log.Logger
 }
@@ -45,6 +47,8 @@ type Config struct {
 UserInfoURL string `json:"userInfoURL"`
 Scopes []string `json:"scopes"`
 GroupsKey string `json:"groupsKey"`
+ UserIDKey string `json:"userIDKey"`
+ UserNameKey string `json:"userNameKey"`
 RootCAs []string `json:"rootCAs"`
 InsecureSkipVerify bool `json:"insecureSkipVerify"`
 }
@@ -60,6 +64,8 @@ func (c *Config) Open(id string, logger log.Logger) (connector.Connector, error)
 userInfoURL: c.UserInfoURL,
 scopes: c.Scopes,
 groupsKey: c.GroupsKey,
+ userIDKey: c.UserIDKey,
+ userNameKey: c.UserNameKey,
 redirectURI: c.RedirectURI,
 logger: logger,
 }
@@ -165,17 +171,25 @@ func (c *oauthConnector) HandleCallback(s connector.Scopes, r *http.Request) (id
 return identity, fmt.Errorf("OAuth Connector: failed to parse userinfo: %v", err)
 }
- identity.UserID, _ = userInfoResult["user_id"].(string)
+ if c.userIDKey == "" {
+ c.userIDKey = "user_id"
+ }
+
+ if c.userNameKey == "" {
+ c.userNameKey = "user_name"
+ }
+
+ if c.groupsKey == "" {
+ c.groupsKey = "groups"
+ }
+
+ identity.UserID, _ = userInfoResult[c.userIDKey].(string)
+ identity.Username, _ = userInfoResult[c.userNameKey].(string)
 identity.Name, _ = userInfoResult["name"].(string)
- identity.Username, _ = userInfoResult["user_name"].(string)
 identity.Email, _ = userInfoResult["email"].(string)
 identity.EmailVerified, _ = userInfoResult["email_verified"].(bool)
 if s.Groups {
- if c.groupsKey == "" {
- c.groupsKey = "groups"
- }
-
 groups := map[string]bool{}
 c.addGroupsFromMap(groups, userInfoResult)
diff --git a/connector/oauth/oauth_test.go b/connector/oauth/oauth_test.go
index 2a43d72d..cd39d7f9 100644
--- a/connector/oauth/oauth_test.go
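Review bot: The new `userIDKey` and `userNameKey` are copied from the config unchanged in Open's struct literal, and their defaults are only filled in later by HandleCallback (the `-165,17` hunk), which assigns to fields of the shared connector from the request path. If callbacks can be served concurrently, those assignments are unsynchronised writes to state that other requests read. Resolving the defaults once in Open keeps the connector read-only after construction, for example `if c.UserIDKey == "" { c.UserIDKey = "user_id" }` ahead of the literal, with the same treatment for `UserNameKey` and `GroupsKey`. Open's body starts and ends outside the hunk.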
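Review bot: The result of the type assertion in `identity.UserID, _ = userInfoResult[c.userIDKey].(string)` is discarded, so a mistyped `userIDKey`, or a provider that returns the identifier as a number, leaves `UserID` empty while the callback still succeeds. Now that the claim name is operator-configurable this is easier to hit, and an identity with an empty subject may be indistinguishable downstream from any other login that takes the same path. The callback should fail when the configured claim is absent, empty or not a string, while `Username` can stay best-effort. HandleCallback starts and ends outside the hunk.

```go
// … unchanged: default-key assignments …
userID, ok := userInfoResult[c.userIDKey].(string)
if !ok || userID == "" {
	return identity, fmt.Errorf("OAuth Connector: userinfo claim %q is missing, empty or not a string", c.userIDKey)
}
identity.UserID = userID
identity.Username, _ = userInfoResult[c.userNameKey].(string)
// … unchanged: name, email and email_verified assignments …
```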
+++ b/connector/oauth/oauth_test.go
@@ -72,8 +72,8 @@ func TestHandleCallBackForGroupsInUserInfo(t *testing.T) {
 userInfoClaims := map[string]interface{}{
 "name": "test-name",
- "user_name": "test-username",
- "user_id": "test-user-id",
+ "user_id_key": "test-user-id",
+ "user_name_key": "test-username",
 "email": "test-email",
 "email_verified": true,
 "groups_key": []string{"admin-group", "user-group"},
@@ -93,6 +93,7 @@ func TestHandleCallBackForGroupsInUserInfo(t *testing.T) {
 expectEqual(t, identity.Groups[0], "admin-group")
 expectEqual(t, identity.Groups[1], "user-group")
 expectEqual(t, identity.Name, "test-name")
+ expectEqual(t, identity.UserID, "test-user-id")
 expectEqual(t, identity.Username, "test-username")
 expectEqual(t, identity.Email, "test-email")
 expectEqual(t, identity.EmailVerified, true)
@@ -106,8 +107,8 @@ func TestHandleCallBackForGroupsInToken(t *testing.T) {
 userInfoClaims := map[string]interface{}{
 "name": "test-name",
- "user_name": "test-username",
- "user_id": "test-user-id",
+ "user_id_key": "test-user-id",
+ "user_name_key": "test-username",
 "email": "test-email",
 "email_verified": true,
 }
@@ -124,6 +125,7 @@ func TestHandleCallBackForGroupsInToken(t *testing.T) {
 expectEqual(t, len(identity.Groups), 1)
 expectEqual(t, identity.Groups[0], "test-group")
 expectEqual(t, identity.Name, "test-name")
+ expectEqual(t, identity.UserID, "test-user-id")
 expectEqual(t, identity.Username, "test-username")
 expectEqual(t, identity.Email, "test-email")
 expectEqual(t, identity.EmailVerified, true)
@@ -197,6 +199,8 @@ func newConnector(t *testing.T, serverURL string) *oauthConnector {
 UserInfoURL: serverURL + "/userinfo",
 Scopes: []string{"openid", "groups"},
 GroupsKey: "groups_key",
+ UserIDKey: "user_id_key",
+ UserNameKey: "user_name_key",
 }
 log := logrus.New()
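Review bot: Because `newConnector` now always sets `UserIDKey` and `UserNameKey`, none of the tests visible in this diff exercises the fallback to `user_id` / `user_name` that HandleCallback applies when the keys are unset, which is presumably the path configurations written before this change will take. A case that builds the connector without the two keys and serves `user_id` and `user_name` claims would pin backward compatibility. A second case with the configured claim absent from the userinfo response would document what `identity.UserID` is expected to be then. newConnector's body continues outside the hunk.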