root
/
spring-boot
mirror of https://github.com/spring-projects/spring-boot.git
1
0
Fork 0
Code Issues Actions Packages Projects Releases Wiki Activity

Make UserInfoTokenServices.getPrincipal protected 

Update UserInfoTokenServices.getPrincipal() so that it can be overridden
by subclasses to allow a custom authenticated principal to be returned
from the authorized request parameters.

Fixes gh-5053
This commit is contained in:
Sergey Pauk 2016-01-30 04:17:25 +02:00 committed by Phillip Webb
parent b1656be3d0
commit 8542f4f481
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
spring-boot-autoconfigure/src/main/java/org/springframework/boot/autoconfigure/security/oauth2/resource/UserInfoTokenServices.java
View File

@ -99,7 +99,13 @@ public class UserInfoTokenServices implements ResourceServerTokenServices {
return new OAuth2Authentication(request, token);
}
private Object getPrincipal(Map<String, Object> map) {
/**
* Return the principal that should be used for the token. The default implementation
* looks for well know {@code user*} keys in the map.
* @param map the source map
* @return the principal or {@literal "unknown"}
*/
protected Object getPrincipal(Map<String, Object> map) {
for (String key : PRINCIPAL_KEYS) {
if (map.containsKey(key)) {
return map.get(key);