fixed bug in EncryptedUserService:

now allowing to login with real name or email Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
7 months ago · eafea3b4a1
4 changed files with 6 additions and 6 deletions
--- a/build.gradle
+++ b/build.gradle
@ -5,7 +5,7 @@ plugins {
				@@ -5,7 +5,7 @@ plugins {


 group = 'de.srsoftware'
-version = '1.0-SNAPSHOT'
+version = '1.0.1'

 jar.enabled = false
 build.enabled = false
--- a/de.srsoftware.oidc.datastore.encrypted/src/main/java/de/srsoftware/oidc/datastore/encrypted/EncryptedUserService.java
+++ b/de.srsoftware.oidc.datastore.encrypted/src/main/java/de/srsoftware/oidc/datastore/encrypted/EncryptedUserService.java
@ -107,8 +107,8 @@ public class EncryptedUserService extends EncryptedConfig implements UserService
				@@ -107,8 +107,8 @@ public class EncryptedUserService extends EncryptedConfig implements UserService
 		}
 		for (var encryptedUser : backend.list()) {
 			var decryptedUser = decrypt(encryptedUser);
-			if (!username.equals(decryptedUser.username())) continue;
-			if (hasher.matches(password, decryptedUser.hashedPassword())) {
+			var match	  = List.of(decryptedUser.username(), decryptedUser.realName(), decryptedUser.email()).contains(username);
+			if (match && hasher.matches(password, decryptedUser.hashedPassword())) {
 				this.unlock(username);
 				return Payload.of(decryptedUser);
 			}