From 488901dd4e17544c88dff95e1b41b6fd23e5bcf3 Mon Sep 17 00:00:00 2001
From: Daniel Shuy
Date: Thu, 24 Nov 2022 11:47:52 +0800
Subject: [PATCH] Fix Delegation-based Strategy examples
Fix examples not copying userNameAttributeName
Issue gh-12275
Issue gh-12282
Issue gh-14672
---
 .../pages/reactive/oauth2/login/advanced.adoc | 15 +++++++++++++--
 .../pages/servlet/oauth2/login/advanced.adoc | 16 ++++++++++++++--
 2 files changed, 27 insertions(+), 4 deletions(-)
diff --git a/docs/modules/ROOT/pages/reactive/oauth2/login/advanced.adoc b/docs/modules/ROOT/pages/reactive/oauth2/login/advanced.adoc
index 319cba192b..e623b58559 100644
--- a/docs/modules/ROOT/pages/reactive/oauth2/login/advanced.adoc
+++ b/docs/modules/ROOT/pages/reactive/oauth2/login/advanced.adoc
@@ -472,7 +472,13 @@ public class OAuth2LoginSecurityConfig {
 // 2) Map the authority information to one or more GrantedAuthority's and add it to mappedAuthorities
 // 3) Create a copy of oidcUser but use the mappedAuthorities instead
- oidcUser = new DefaultOidcUser(mappedAuthorities, oidcUser.getIdToken(), oidcUser.getUserInfo());
+ ProviderDetails providerDetails = userRequest.getClientRegistration().getProviderDetails();
+ String userNameAttributeName = providerDetails.getUserInfoEndpoint().getUserNameAttributeName();
+ if (StringUtils.hasText(userNameAttributeName)) {
+ oidcUser = new DefaultOidcUser(mappedAuthorities, oidcUser.getIdToken(), oidcUser.getUserInfo(), userNameAttributeName);
+ } else {
+ oidcUser = new DefaultOidcUser(mappedAuthorities, oidcUser.getIdToken(), oidcUser.getUserInfo());
+ }
 return Mono.just(oidcUser);
 });
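Review bot: The step-3 comment above the new branch still only says to copy `oidcUser` with the mapped authorities, so a reader adapting the example cannot tell why the name-attribute lookup matters. The three-argument `DefaultOidcUser` constructor names the principal by the `sub` claim, so dropping the lookup changes `getName()` for any registration that configures a different user-name attribute, and anything keyed on that name (audit records, account lookups) would see a different identity. I would add `// Carry over the configured user-name attribute; the 3-arg constructor falls back to "sub"` above the `if`. The same comment fits the Kotlin hunk at -513 and the servlet hunks at -660 and -703. The enclosing lambda starts and ends outside the hunk.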
@@ -513,7 +519,12 @@ class OAuth2LoginSecurityConfig {
 // 1) Fetch the authority information from the protected resource using accessToken
 // 2) Map the authority information to one or more GrantedAuthority's and add it to mappedAuthorities
 // 3) Create a copy of oidcUser but use the mappedAuthorities instead
- val mappedOidcUser = DefaultOidcUser(mappedAuthorities, oidcUser.idToken, oidcUser.userInfo)
+ val providerDetails = userRequest.getClientRegistration().getProviderDetails()
+ val userNameAttributeName = providerDetails.getUserInfoEndpoint().getUserNameAttributeName()
+ val mappedOidcUser = when (StringUtils.hasText(userNameAttributeName)) {
+ true -> DefaultOidcUser(mappedAuthorities, oidcUser.idToken, oidcUser.userInfo, userNameAttributeName)
+ false -> DefaultOidcUser(mappedAuthorities, oidcUser.idToken, oidcUser.userInfo)
+ }
 Mono.just(mappedOidcUser)
 }
diff --git a/docs/modules/ROOT/pages/servlet/oauth2/login/advanced.adoc b/docs/modules/ROOT/pages/servlet/oauth2/login/advanced.adoc
index 5fff29302d..fe7d4b373c 100644
--- a/docs/modules/ROOT/pages/servlet/oauth2/login/advanced.adoc
+++ b/docs/modules/ROOT/pages/servlet/oauth2/login/advanced.adoc
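Review bot: The added Kotlin lines in the hunk at -513 call Java getters (`userRequest.getClientRegistration().getProviderDetails()`) while the surrounding lines use property syntax (`oidcUser.idToken`), and they branch with `when` over `true`/`false` where an `if` expression is the usual form. I would write `val userNameAttributeName = userRequest.clientRegistration.providerDetails.userInfoEndpoint.userNameAttributeName` and assign `mappedOidcUser` from an `if (StringUtils.hasText(userNameAttributeName)) … else …` expression with the same two constructor calls. The getter style also appears in the servlet Kotlin hunk at -703. The enclosing lambda starts outside the hunk.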
@@ -660,7 +660,13 @@ public class OAuth2LoginSecurityConfig {
 // 2) Map the authority information to one or more GrantedAuthority's and add it to mappedAuthorities
 // 3) Create a copy of oidcUser but use the mappedAuthorities instead
- oidcUser = new DefaultOidcUser(mappedAuthorities, oidcUser.getIdToken(), oidcUser.getUserInfo());
+ ProviderDetails providerDetails = userRequest.getClientRegistration().getProviderDetails();
+ String userNameAttributeName = providerDetails.getUserInfoEndpoint().getUserNameAttributeName();
+ if (StringUtils.hasText(userNameAttributeName)) {
+ oidcUser = new DefaultOidcUser(mappedAuthorities, oidcUser.getIdToken(), oidcUser.getUserInfo(), userNameAttributeName);
+ } else {
+ oidcUser = new DefaultOidcUser(mappedAuthorities, oidcUser.getIdToken(), oidcUser.getUserInfo());
+ }
 return oidcUser;
 };
@@ -703,7 +709,13 @@ class OAuth2LoginSecurityConfig {
 // 1) Fetch the authority information from the protected resource using accessToken
 // 2) Map the authority information to one or more GrantedAuthority's and add it to mappedAuthorities
 // 3) Create a copy of oidcUser but use the mappedAuthorities instead
- oidcUser = DefaultOidcUser(mappedAuthorities, oidcUser.idToken, oidcUser.userInfo)
+ val providerDetails = userRequest.getClientRegistration().getProviderDetails()
+ val userNameAttributeName = providerDetails.getUserInfoEndpoint().getUserNameAttributeName()
+ if (StringUtils.hasText(userNameAttributeName)) {
+ oidcUser = DefaultOidcUser(mappedAuthorities, oidcUser.idToken, oidcUser.userInfo, userNameAttributeName)
+ else {
+ oidcUser = DefaultOidcUser(mappedAuthorities, oidcUser.idToken, oidcUser.userInfo)
+ }
 oidcUser
 }
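Review bot: In the servlet Kotlin hunk at -703 the added `else {` line never closes the preceding `if` block, so the published example does not compile when copied into a security configuration. The line should read `} else {`, as the Java example in the hunk at -660 already does. The enclosing lambda starts outside the hunk.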