Return-Path: X-Original-To: apmail-cxf-commits-archive@www.apache.org Delivered-To: apmail-cxf-commits-archive@www.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 5FB10183DA for ; Mon, 14 Dec 2015 15:22:20 +0000 (UTC) Received: (qmail 4297 invoked by uid 500); 14 Dec 2015 15:22:20 -0000 Delivered-To: apmail-cxf-commits-archive@cxf.apache.org Received: (qmail 4169 invoked by uid 500); 14 Dec 2015 15:22:20 -0000 Mailing-List: contact commits-help@cxf.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@cxf.apache.org Delivered-To: mailing list commits@cxf.apache.org Received: (qmail 2042 invoked by uid 99); 14 Dec 2015 15:22:18 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 14 Dec 2015 15:22:18 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 476C6E07F6; Mon, 14 Dec 2015 15:22:18 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit 
From: jbernhardt@apache.org To: commits@cxf.apache.org Message-Id: <33ae8ed17f0a489cabe727ed0affe0d7@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: cxf git commit: Prefer Subject Name over E-Mail address when creating the users principal Date: Mon, 14 Dec 2015 15:22:18 +0000 (UTC) Repository: cxf Updated Branches: refs/heads/3.1.x-fixes f6a96430b -> 1a5708e21 Prefer Subject Name over E-Mail address when creating the users principal Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/1a5708e2 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/1a5708e2 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/1a5708e2 Branch: refs/heads/3.1.x-fixes Commit: 1a5708e21708a9ed96991cd56ff89b3fd4eac15a Parents: f6a9643 Author: Jan Bernhardt Authored: Mon Dec 14 16:16:45 2015 +0100 Committer: Jan Bernhardt Committed: Mon Dec 14 16:21:44 2015 +0100 ---------------------------------------------------------------------- .../security/oidc/rp/OidcSecurityContext.java | 24 ++++++++++++++------ 1 file changed, 17 insertions(+), 7 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/1a5708e2/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcSecurityContext.java ----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcSecurityContext.java b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcSecurityContext.java
index d31c189..2c50bb8 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcSecurityContext.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/rp/OidcSecurityContext.java
@@ -27,33 +27,43 @@ import org.apache.cxf.rs.security.oidc.common.IdToken;
 public class OidcSecurityContext extends SimpleSecurityContext implements SecurityContext {
 private OidcClientTokenContext oidcContext;
+
 public OidcSecurityContext(IdToken token) {
 this(new OidcClientTokenContextImpl(token));
 }
+
 public OidcSecurityContext(OidcClientTokenContext oidcContext) {
 super(getPrincipalName(oidcContext));
 this.oidcContext = oidcContext;
 }
+
 public OidcClientTokenContext getOidcContext() {
 return oidcContext;
 }
- private static String getPrincipalName(OidcClientTokenContext oidcContext) {
+
+ protected static String getPrincipalName(OidcClientTokenContext oidcContext) {
+ String name = null;
 if (oidcContext.getUserInfo() != null) {
- return oidcContext.getUserInfo().getEmail();
- } else {
- IdToken token = oidcContext.getIdToken();
- String name = token.getEmail();
+ name = oidcContext.getUserInfo().getSubject();
 if (name == null) {
- name = token.getSubject();
+ name = oidcContext.getUserInfo().getEmail();
 }
- return name;
 }
+ if (name == null && oidcContext.getIdToken() != null) {
+ name = oidcContext.getIdToken().getSubject();
+ if (name == null) {
+ name = oidcContext.getIdToken().getEmail();
+ }
+ }
+ return name;
 }
+
 @Override
 public boolean isSecure() {
 String value = HttpUtils.getEndpointAddress(JAXRSUtils.getCurrentMessage());
 return value.startsWith("https://");
 }
+
 @Override
 public String getAuthenticationScheme() {
 return "OIDC";
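Review bot: In the new `getPrincipalName`, the UserInfo `sub` is read ahead of the ID token `sub`, although the ID token is the signed artefact and a UserInfo response is commonly plain JSON. OpenID Connect Core (section 5.3.2) requires the two `sub` values to match before UserInfo claims are used, and no such check is visible in this hunk, so either confirm it is enforced where the UserInfo is fetched or read `oidcContext.getIdToken().getSubject()` first. The e-mail fallback is still an unverified, non-unique identifier (no `email_verified` check is visible here), and `sub` is unique only per issuer, so a principal built from it alone may collide if more than one provider is trusted. The method can also still return null when neither claim is present, and that value goes straight into `super(getPrincipalName(oidcContext))`; a guard such as `if (name == null) { throw new IllegalStateException("No subject or email claim in OIDC context"); }` before `return name;` would make that failure explicit. Widening the method to `protected static` does not let a subclass change the result, because static methods are hidden rather than overridden and the constructor always calls this class's version.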