fixed bug in EncryptedUserService:

now allowing to login with real name or email

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>

build.gradle

@@ -5,7 +5,7 @@ plugins {
 
 
 group = 'de.srsoftware'
-version = '1.0-SNAPSHOT'
+version = '1.0.1'
 
 jar.enabled = false
 build.enabled = false

de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/ClientController.java

@@ -210,9 +210,9 @@ public class ClientController extends Controller {
 		for (Object o : json.getJSONArray(REDIRECT_URIS)) {
 			if (o instanceof String s) redirects.add(s);
 		}
-		var landingPage = json.has(LANDING_PAGE) ? json.getString(LANDING_PAGE) : null;
+		var landingPage	   = json.has(LANDING_PAGE) ? json.getString(LANDING_PAGE) : null;
 		var token_duration = Duration.ofMinutes(json.has(TOKEN_VALIDITY) ? json.getLong(TOKEN_VALIDITY) : 10);
-		var client	= new Client(json.getString(CLIENT_ID), json.getString(NAME), json.getString(SECRET), redirects).landingPage(landingPage).tokenValidity(token_duration);
+		var client	   = new Client(json.getString(CLIENT_ID), json.getString(NAME), json.getString(SECRET), redirects).landingPage(landingPage).tokenValidity(token_duration);
 		clients.save(client);
 		return sendContent(ex, client);
 	}

de.srsoftware.oidc.datastore.encrypted/src/main/java/de/srsoftware/oidc/datastore/encrypted/EncryptedUserService.java

@@ -107,8 +107,8 @@ public class EncryptedUserService extends EncryptedConfig implements UserService
 		}
 		for (var encryptedUser : backend.list()) {
 			var decryptedUser = decrypt(encryptedUser);
-			if (!username.equals(decryptedUser.username())) continue;
-			if (hasher.matches(password, decryptedUser.hashedPassword())) {
+			var match	  = List.of(decryptedUser.username(), decryptedUser.realName(), decryptedUser.email()).contains(username);
+			if (match && hasher.matches(password, decryptedUser.hashedPassword())) {
 				this.unlock(username);
 				return Payload.of(decryptedUser);
 			}