From 5db3ae6b169557d8d29cde0eb4c4e6ebc62fa690 Mon Sep 17 00:00:00 2001 From: wid Date: Thu, 28 Sep 2023 22:36:19 +0700 Subject: [PATCH] fix(oidc): use fallback to get prefered username (#517) function `getPreferredUsername()` is failed to fetch prefered username when using Google as OpenID provider because the payload inside the JWT does not contains exact "preferred_username" key Signed-off-by: widnyana --- .../src/services/UserService.ts | 26 ++++++++++++++++++- 1 file changed, 25 insertions(+), 1 deletion(-) diff --git a/spiffworkflow-frontend/src/services/UserService.ts b/spiffworkflow-frontend/src/services/UserService.ts index f0a4f5ddb..9f50c10ca 100644 --- a/spiffworkflow-frontend/src/services/UserService.ts +++ b/spiffworkflow-frontend/src/services/UserService.ts @@ -100,12 +100,36 @@ const onlyGuestTaskCompletion = () => { return false; }; +/** + * Return prefered username + * Somehow if using Google as the OpenID provider, the field `preferred_username` is not returned + * therefore a special handling is added to cover the issue. + * Please refer to following link, section 5.1 Standard Claims to find the details: + * https://openid.net/specs/openid-connect-core-1_0.html + * @returns string + */ const getPreferredUsername = () => { const idToken = getIdToken(); if (idToken) { const idObject = jwt(idToken); - return (idObject as any).preferred_username; + + if (idToken === undefined || idToken === 'undefined') { + return null; + } + + if ((idObject as any).preferred_username !== undefined) { + return (idObject as any).preferred_username; + } + + if ((idObject as any).name !== undefined) { + // note: handling response if OpenID is using Google SSO as the provider + return (idObject as any).name; + } + + // fallback to `given_name` as the default value. + return (idObject as any).given_name; } + return null; };