Skip to content

Expose user name attribute name in OAuth2UserAuthority #15012

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Expose user name attribute name in OAuth2UserAuthority #15012

wants to merge 1 commit into from

Conversation

filiphr
Copy link
Contributor

@filiphr filiphr commented May 6, 2024

We are using custom GrantedAuthoritiesMapper that is doing some custom loading of attributes based on the OAuth2UserAuthority. We've had some request to do something based on the user name. Currently, there is no easy way to access the configured username attribute name.

The goal of this PR is to expose this information directly in the OAuth2UserAuthority and this make it easy to get the username from the attributes.

An alternative could also be to expose getUserName and just use the userNameAttributeName in the OAuth2UserAuthority.

I hope that you'll consider this PR, if there is anything that you think should be added or done better please let me know

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label May 6, 2024
@filiphr
Copy link
Contributor Author

filiphr commented May 28, 2024

Can someone from the Spring Security team have a look at this? If this is something that you are not interested in then let me know and we can close it.

@sjohnr sjohnr self-assigned this May 30, 2024
@sjohnr sjohnr added type: enhancement A general enhancement in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) and removed status: waiting-for-triage An issue we've not yet triaged labels May 30, 2024
@sjohnr
Copy link
Contributor

sjohnr commented May 30, 2024

Thanks @filiphr! I'll be taking a look at this and send any feedback in the next few days. Overall it seems reasonable and a nice enhancement so I think we should be able to accept it.

sjohnr added a commit that referenced this pull request Jun 3, 2024
@sjohnr
Polish gh-15012
7c45ebd
@sjohnr
Copy link
Contributor

sjohnr commented Jun 3, 2024

Thanks @filiphr! This is now merged as 99aee99 with minor polish 7c45ebd.

@sjohnr sjohnr closed this Jun 3, 2024
@sjohnr sjohnr modified the milestone: 6.4.0-M1 Jun 3, 2024
sjohnr added a commit that referenced this pull request Jun 4, 2024
@sjohnr
Add since 6.4
3acd2c6 
Issue gh-15012
@filiphr
Copy link
Contributor Author

filiphr commented Jun 10, 2024

Thanks a lot for merging this @sjohnr

@filiphr filiphr deleted the expose-username-attribute-name branch December 11, 2024 10:33
@rwinch rwinch mentioned this pull request Jun 23, 2025
Open
yybmion added a commit to yybmion/spring-security that referenced this pull request Jun 25, 2025
@yybmion
Add SpEL support for nested username extraction in OAuth2
8854409 
- Add usernameExpression property with SpEL evaluation support
- Auto-convert userNameAttributeName to SpEL for backward compatibility
- Use SimpleEvaluationContext for secure expression evaluation
- Pass evaluated username to OAuth2UserAuthority for spring-projectsgh-15012 compatibility
- Add Builder pattern to DefaultOAuth2User
- Support nested property access (e.g., "data.username")

Fixes spring-projectsgh-16390

Signed-off-by: yybmion <yunyubin54@gmail.com>
yybmion added a commit to yybmion/spring-security that referenced this pull request Jun 25, 2025
@yybmion
Add SpEL support for nested username extraction in OAuth2
7ca25b8 
- Add usernameExpression property with SpEL evaluation support
- Auto-convert userNameAttributeName to SpEL for backward compatibility
- Use SimpleEvaluationContext for secure expression evaluation
- Pass evaluated username to OAuth2UserAuthority for spring-projectsgh-15012 compatibility
- Add Builder pattern to DefaultOAuth2User
- Support nested property access (e.g., "data.username")

Fixes spring-projectsgh-16390

Signed-off-by: yybmion <yunyubin54@gmail.com>
yybmion added a commit to yybmion/spring-security that referenced this pull request Jun 25, 2025
@yybmion
Add SpEL support for nested username extraction in OAuth2
0f6d3ce 
- Add usernameExpression property with SpEL evaluation support
- Auto-convert userNameAttributeName to SpEL for backward compatibility
- Use SimpleEvaluationContext for secure expression evaluation
- Pass evaluated username to OAuth2UserAuthority for spring-projectsgh-15012 compatibility
- Add Builder pattern to DefaultOAuth2User
- Support nested property access (e.g., "data.username")

Fixes spring-projectsgh-16390

Signed-off-by: yybmion <yunyubin54@gmail.com>
yybmion added a commit to yybmion/spring-security that referenced this pull request Jun 25, 2025
@yybmion
Add SpEL support for nested username extraction in OAuth2
5798e87 
- Add usernameExpression property with SpEL evaluation support
- Auto-convert userNameAttributeName to SpEL for backward compatibility
- Use SimpleEvaluationContext for secure expression evaluation
- Pass evaluated username to OAuth2UserAuthority for spring-projectsgh-15012 compatibility
- Add Builder pattern to DefaultOAuth2User
- Support nested property access (e.g., "data.username")

Fixes spring-projectsgh-16390

Signed-off-by: yybmion <yunyubin54@gmail.com>
yybmion added a commit to yybmion/spring-security that referenced this pull request Jun 26, 2025
@yybmion
Add SpEL support for nested username extraction in OAuth2
adb119d 
- Add usernameExpression property with SpEL evaluation support
- Auto-convert userNameAttributeName to SpEL for backward compatibility
- Use SimpleEvaluationContext for secure expression evaluation
- Pass evaluated username to OAuth2UserAuthority for spring-projectsgh-15012 compatibility
- Add Builder pattern to DefaultOAuth2User
- Support nested property access (e.g., "data.username")

Fixes spring-projectsgh-16390

Signed-off-by: yybmion <yunyubin54@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@sjohnr sjohnr

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: enhancement A general enhancement
Projects
None yet
Milestone
6.4.0-M1
Development

Successfully merging this pull request may close these issues.
3 participants
@filiphr @sjohnr @spring-projects-issues