1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
diff --git a/src/main/java/com/googlesource/gerrit/plugins/oauth/CasApi.java b/src/main/java/com/googlesource/gerrit/plugins/oauth/CasApi.java
index 450549f..27310cd 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/oauth/CasApi.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/oauth/CasApi.java
@@ -15,7 +15,7 @@
package com.googlesource.gerrit.plugins.oauth;
import com.github.scribejava.core.builder.api.DefaultApi20;
-import com.github.scribejava.core.extractors.OAuth2AccessTokenExtractor;
+import com.github.scribejava.core.extractors.OAuth2AccessTokenJsonExtractor;
import com.github.scribejava.core.extractors.TokenExtractor;
import com.github.scribejava.core.model.OAuth2AccessToken;
import com.github.scribejava.core.oauth2.bearersignature.BearerSignature;
@@ -47,6 +47,6 @@ public class CasApi extends DefaultApi20 {
@Override
public TokenExtractor<OAuth2AccessToken> getAccessTokenExtractor() {
- return OAuth2AccessTokenExtractor.instance();
+ return OAuth2AccessTokenJsonExtractor.instance();
}
}
diff --git a/src/main/java/com/googlesource/gerrit/plugins/oauth/CasOAuthService.java b/src/main/java/com/googlesource/gerrit/plugins/oauth/CasOAuthService.java
index 5f3e4a1..fc5bc50 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/oauth/CasOAuthService.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/oauth/CasOAuthService.java
@@ -106,36 +106,14 @@ class CasOAuthService implements OAuthServiceProvider {
throw new IOException(String.format("CAS response missing id: %s", response.getBody()));
}
- JsonElement attrListJson = jsonObject.get("attributes");
- if (attrListJson == null) {
- throw new IOException(
- String.format("CAS response missing attributes: %s", response.getBody()));
- }
-
String email = null, name = null, login = null;
- if (attrListJson.isJsonArray()) {
- // It is possible for CAS to be configured to not return any attributes (email, name,
- // login),
- // in which case,
- // CAS returns an empty JSON object "attributes":{}, rather than "null" or an empty JSON
- // array
- // "attributes": []
-
- JsonArray attrJson = attrListJson.getAsJsonArray();
- for (JsonElement elem : attrJson) {
- if (elem == null || !elem.isJsonObject()) {
- throw new IOException(String.format("Invalid JSON '%s': not a JSON Object", elem));
- }
- JsonObject obj = elem.getAsJsonObject();
-
- String property = getStringElement(obj, "email");
- if (property != null) email = property;
- property = getStringElement(obj, "name");
- if (property != null) name = property;
- property = getStringElement(obj, "login");
- if (property != null) login = property;
- }
- }
+
+ String property = getStringElement(jsonObject, "mail");
+ if (property != null) email = property;
+ property = getStringElement(jsonObject, "displayName");
+ if (property != null) name = property;
+ property = getStringElement(jsonObject, "uid");
+ if (property != null) login = property;
return new OAuthUserInfo(
CAS_PROVIDER_PREFIX + id.getAsString(),
|
