proxmox-mirrors/pve-access-control
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-access-control synced 2025-10-04 22:29:06 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

openid: fix username-claim fallback

Browse Source 
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
This commit is contained in:
Thomas Lamprecht 2021-11-25 07:57:10 +01:00
parent ebb14277f1
commit aa71c0f0f6
1 changed files with 13 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
src/PVE/API2/OpenId.pm
View File

@ -174,19 +174,19 @@ __PACKAGE__->register_method ({
my $subject = $info->{'sub'}; my $subject = $info->{'sub'};
my $unique_name; my $unique_name;
if (defined(my $user_attr = $config->{'username-claim'})) {
if (defined($info->{$user_attr})) { my $user_attr = $config->{'username-claim'} // 'sub';
$unique_name = $info->{$user_attr}; if (defined($info->{$user_attr})) {
} elsif ($user_attr eq 'subject') { # stay compat with old versions $unique_name = $info->{$user_attr};
$unique_name = $subject; } elsif ($user_attr eq 'subject') { # stay compat with old versions
} elsif ($user_attr eq 'username') { # stay compat with old versions $unique_name = $subject;
my $username = $info->{'preferred_username'}; } elsif ($user_attr eq 'username') { # stay compat with old versions
die "missing claim 'preferred_username'\n" if !defined($username); my $username = $info->{'preferred_username'};
$unique_name = $username; die "missing claim 'preferred_username'\n" if !defined($username);
} else { $unique_name = $username;
# neither the attr nor fallback are defined in info.. } else {
die "missing configured claim '$user_attr'\n"; # neither the attr nor fallback are defined in info..
} die "missing configured claim '$user_attr' in returned info object\n";
} }
my $username = "${unique_name}\@${realm}"; my $username = "${unique_name}\@${realm}";