opendev/gerrit
Code Issues Proposed changes

OAuthRealm should not overwrite custom AuthRequest parameters

Browse Source 
If the incoming AuthRequest already has pre-initialized
email address or display name and it is allowed to customize
these parameters in the account settings, ignore the parameters
coming from the OAuth provider.

Change-Id: I77403a10c68cd6c9306aab32277b5ddd02e2539d
Signed-off-by: Michael Ochmann <michael.ochmann@sap.com>
This commit is contained in:
Michael Ochmann
2016-05-03 13:43:05 +02:00
parent 1703aff9f0
commit c033fa8554
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
gerrit-server/src/main/java/com/google/gerrit/server/auth/oauth/OAuthRealm.java
View File

@@ -104,10 +104,14 @@ public class OAuthRealm extends AbstractRealm {
if (userInfo == null) {
throw new AccountException("Cannot authenticate");
}
if (!Strings.isNullOrEmpty(userInfo.getEmailAddress())) {
if (!Strings.isNullOrEmpty(userInfo.getEmailAddress())
&& (Strings.isNullOrEmpty(who.getUserName())
|| !allowsEdit(FieldName.REGISTER_NEW_EMAIL))) {
who.setEmailAddress(userInfo.getEmailAddress());
}
if (!Strings.isNullOrEmpty(userInfo.getDisplayName())) {
if (!Strings.isNullOrEmpty(userInfo.getDisplayName())
&& (Strings.isNullOrEmpty(who.getDisplayName())
|| !allowsEdit(FieldName.FULL_NAME))) {
who.setDisplayName(userInfo.getDisplayName());
}
return who;