From e266335e237de8fb18be4e3a75240972d96a92ee Mon Sep 17 00:00:00 2001 From: Zach <4939037+zacxihu@users.noreply.github.com> Date: Fri, 17 Oct 2025 20:56:26 -0700 Subject: [PATCH] Fix hardcoded OIDC mapping (#1371) --- .../booklore/config/security/filter/CoverJwtFilter.java | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/booklore-api/src/main/java/com/adityachandel/booklore/config/security/filter/CoverJwtFilter.java b/booklore-api/src/main/java/com/adityachandel/booklore/config/security/filter/CoverJwtFilter.java index 19b02196b..84ca1af2c 100644 --- a/booklore-api/src/main/java/com/adityachandel/booklore/config/security/filter/CoverJwtFilter.java +++ b/booklore-api/src/main/java/com/adityachandel/booklore/config/security/filter/CoverJwtFilter.java @@ -5,6 +5,7 @@ import com.adityachandel.booklore.config.security.service.DynamicOidcJwtProcesso import com.adityachandel.booklore.config.security.userdetails.UserAuthenticationDetails; import com.adityachandel.booklore.mapper.custom.BookLoreUserTransformer; import com.adityachandel.booklore.model.dto.BookLoreUser; +import com.adityachandel.booklore.model.dto.settings.OidcProviderDetails; import com.adityachandel.booklore.model.entity.BookLoreUserEntity; import com.adityachandel.booklore.repository.UserRepository; import com.adityachandel.booklore.service.appsettings.AppSettingService; @@ -75,7 +76,9 @@ public class CoverJwtFilter extends OncePerRequestFilter { throw new RuntimeException("OIDC token expired or invalid"); } - String username = claimsSet.getStringClaim("preferred_username"); + OidcProviderDetails providerDetails = appSettingService.getAppSettings().getOidcProviderDetails(); + OidcProviderDetails.ClaimMapping claimMapping = providerDetails.getClaimMapping(); + String username = claimsSet.getStringClaim(claimMapping.getUsername()); BookLoreUserEntity entity = userRepository.findByUsername(username).orElseThrow(() -> new UsernameNotFoundException("OIDC user not found: " + username)); BookLoreUser user = bookLoreUserTransformer.toDTO(entity);