fixed bug in EncryptedUserService:

now allowing to login with real name or email Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
3 months ago · eafea3b4a1
4 changed files with 6 additions and 6 deletions
--- a/build.gradle
+++ b/build.gradle
@ -5,7 +5,7 @@ plugins {
				@@ -5,7 +5,7 @@ plugins {


 group = 'de.srsoftware'
-version = '1.0-SNAPSHOT'
+version = '1.0.1'

 jar.enabled = false
 build.enabled = false
--- a/de.srsoftware.oidc.backend/build.gradle
+++ b/de.srsoftware.oidc.backend/build.gradle
@ -24,4 +24,4 @@ dependencies {
				@@ -24,4 +24,4 @@ dependencies {

 test {
    useJUnitPlatform()
-}
+}
--- a/de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/ClientController.java
+++ b/de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/ClientController.java
@ -210,9 +210,9 @@ public class ClientController extends Controller {
				@@ -210,9 +210,9 @@ public class ClientController extends Controller {
 		for (Object o : json.getJSONArray(REDIRECT_URIS)) {
 			if (o instanceof String s) redirects.add(s);
 		}
-		var landingPage = json.has(LANDING_PAGE) ? json.getString(LANDING_PAGE) : null;
+		var landingPage	   = json.has(LANDING_PAGE) ? json.getString(LANDING_PAGE) : null;
 		var token_duration = Duration.ofMinutes(json.has(TOKEN_VALIDITY) ? json.getLong(TOKEN_VALIDITY) : 10);
-		var client	= new Client(json.getString(CLIENT_ID), json.getString(NAME), json.getString(SECRET), redirects).landingPage(landingPage).tokenValidity(token_duration);
+		var client	   = new Client(json.getString(CLIENT_ID), json.getString(NAME), json.getString(SECRET), redirects).landingPage(landingPage).tokenValidity(token_duration);
 		clients.save(client);
 		return sendContent(ex, client);
 	}
--- a/de.srsoftware.oidc.datastore.encrypted/src/main/java/de/srsoftware/oidc/datastore/encrypted/EncryptedUserService.java
+++ b/de.srsoftware.oidc.datastore.encrypted/src/main/java/de/srsoftware/oidc/datastore/encrypted/EncryptedUserService.java
@ -107,8 +107,8 @@ public class EncryptedUserService extends EncryptedConfig implements UserService
				@@ -107,8 +107,8 @@ public class EncryptedUserService extends EncryptedConfig implements UserService
 		}
 		for (var encryptedUser : backend.list()) {
 			var decryptedUser = decrypt(encryptedUser);
-			if (!username.equals(decryptedUser.username())) continue;
-			if (hasher.matches(password, decryptedUser.hashedPassword())) {
+			var match	  = List.of(decryptedUser.username(), decryptedUser.realName(), decryptedUser.email()).contains(username);
+			if (match && hasher.matches(password, decryptedUser.hashedPassword())) {
 				this.unlock(username);
 				return Payload.of(decryptedUser);
 			}