Set username from standard claim.

dkocher · dkocher · commit 9d59914a08b6 · 2025-10-23T16:25:26.000+02:00
diff --git a/oauth/pom.xml b/oauth/pom.xml
@@ -50,5 +50,9 @@
             <groupId>com.google.http-client</groupId>
             <artifactId>google-http-client-gson</artifactId>
         </dependency>
+        <dependency>
+            <groupId>com.auth0</groupId>
+            <artifactId>java-jwt</artifactId>
+        </dependency>
     </dependencies>
 </project>
diff --git a/oauth/src/main/java/ch/cyberduck/core/oauth/OAuth2AuthorizationService.java b/oauth/src/main/java/ch/cyberduck/core/oauth/OAuth2AuthorizationService.java
@@ -35,6 +35,9 @@
 import java.util.List;
 import java.util.Map;
 
+import com.auth0.jwt.JWT;
+import com.auth0.jwt.exceptions.JWTDecodeException;
+import com.auth0.jwt.interfaces.DecodedJWT;
 import com.google.api.client.auth.oauth2.AuthorizationCodeFlow;
 import com.google.api.client.auth.oauth2.AuthorizationCodeRequestUrl;
 import com.google.api.client.auth.oauth2.BearerToken;
@@ -157,6 +160,20 @@ public OAuthTokens validate(final OAuthTokens saved) throws BackgroundException
     public OAuthTokens save(final OAuthTokens tokens) throws LocalAccessDeniedException {
         log.debug("Save new tokens {} for {}", tokens, host);
         credentials.setOauth(tokens).setSaved(new LoginOptions().save);
+        try {
+            final DecodedJWT jwt = JWT.decode(tokens.getIdToken());
+            // Standard claims
+            for(String claim : new String[]{"preferred_username", "email", "name", "nickname", "sub"}) {
+                final String value = jwt.getClaim(claim).asString();
+                if(StringUtils.isNotBlank(value)) {
+                    credentials.setUsername(value);
+                    break;
+                }
+            }
+        }
+        catch(JWTDecodeException e) {
+            log.warn("Failure {} decoding JWT {}", e, tokens.getIdToken());
+        }
         if(credentials.isSaved()) {
             store.save(host);
         }
diff --git a/owncloud/pom.xml b/owncloud/pom.xml
@@ -53,10 +53,6 @@
             <groupId>com.fasterxml.jackson.dataformat</groupId>
             <artifactId>jackson-dataformat-xml</artifactId>
         </dependency>
-        <dependency>
-            <groupId>com.auth0</groupId>
-            <artifactId>java-jwt</artifactId>
-        </dependency>
         <dependency>
             <groupId>ch.cyberduck</groupId>
             <artifactId>test</artifactId>
diff --git a/owncloud/src/main/java/ch/cyberduck/core/owncloud/OwncloudSession.java b/owncloud/src/main/java/ch/cyberduck/core/owncloud/OwncloudSession.java
@@ -15,22 +15,18 @@
  * GNU General Public License for more details.
  */
 
-import ch.cyberduck.core.Credentials;
 import ch.cyberduck.core.DefaultIOExceptionMappingService;
 import ch.cyberduck.core.Host;
 import ch.cyberduck.core.HostKeyCallback;
 import ch.cyberduck.core.ListService;
 import ch.cyberduck.core.LoginCallback;
-import ch.cyberduck.core.OAuthTokens;
 import ch.cyberduck.core.UrlProvider;
 import ch.cyberduck.core.dav.DAVClient;
-import ch.cyberduck.core.dav.DAVDirectoryFeature;
 import ch.cyberduck.core.dav.DAVSession;
 import ch.cyberduck.core.dav.DAVTouchFeature;
 import ch.cyberduck.core.exception.BackgroundException;
 import ch.cyberduck.core.features.AttributesFinder;
 import ch.cyberduck.core.features.Delete;
-import ch.cyberduck.core.features.Directory;
 import ch.cyberduck.core.features.Home;
 import ch.cyberduck.core.features.Lock;
 import ch.cyberduck.core.features.Read;
@@ -62,16 +58,12 @@
 import ch.cyberduck.core.tus.TusWriteFeature;
 
 import org.apache.commons.lang3.ArrayUtils;
-import org.apache.commons.lang3.StringUtils;
 import org.apache.http.client.HttpResponseException;
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 
 import java.io.IOException;
 
-import com.auth0.jwt.JWT;
-import com.auth0.jwt.exceptions.JWTDecodeException;
-
 import static ch.cyberduck.core.tus.TusCapabilities.TUS_VERSION;
 
 public class OwncloudSession extends DAVSession {
@@ -104,19 +96,6 @@ protected DAVClient connect(final ProxyFinder proxy, final HostKeyCallback key,
     @Override
     public void login(final LoginCallback prompt, final CancelCallback cancel) throws BackgroundException {
         super.login(prompt, cancel);
-        if(host.getProtocol().isOAuthConfigurable()) {
-            final Credentials credentials = host.getCredentials();
-            final OAuthTokens oauth = credentials.getOauth();
-            try {
-                final String username = JWT.decode(oauth.getIdToken()).getClaim("preferred_username").asString();
-                if(StringUtils.isNotBlank(username)) {
-                    credentials.setUsername(username);
-                }
-            }
-            catch(JWTDecodeException e) {
-                log.warn("Failure {} decoding JWT {}", e, oauth.getIdToken());
-            }
-        }
         try {
             client.execute(new OcsCapabilitiesRequest(host), new OcsCapabilitiesResponseHandler(ocs));
         }
