(sling-org-apache-sling-auth-oauth-client) branch master updated: SLING-12926 SlingLoginCookieManager hardcodes the idp name to 'oidc' (#30)

Fri, 05 Sep 2025 06:54:32 -0700 

This is an automated email from the ASF dual-hosted git repository.

rombert pushed a commit to branch master
in repository 
https://gitbox.apache.org/repos/asf/sling-org-apache-sling-auth-oauth-client.git


The following commit(s) were added to refs/heads/master by this push:
     new 6795cc2  SLING-12926 SlingLoginCookieManager hardcodes the idp name to 
'oidc' (#30)
6795cc2 is described below

commit 6795cc2c8efcd7def1bafb2bb47d244db7847cc2
Author: Nicola Scendoni <[email protected]>
AuthorDate: Fri Sep 5 15:53:33 2025 +0200

    SLING-12926 SlingLoginCookieManager hardcodes the idp name to 'oidc' (#30)
---
 .../sling/auth/oauth_client/impl/SlingLoginCookieManager.java | 11 ++++++++---
 .../sling/auth/oauth_client/AuthorizationCodeFlowIT.java      |  8 +++++++-
 2 files changed, 15 insertions(+), 4 deletions(-)

diff --git 
a/src/main/java/org/apache/sling/auth/oauth_client/impl/SlingLoginCookieManager.java
 
b/src/main/java/org/apache/sling/auth/oauth_client/impl/SlingLoginCookieManager.java
index b3aa3a0..54ba4a0 100644
--- 
a/src/main/java/org/apache/sling/auth/oauth_client/impl/SlingLoginCookieManager.java
+++ 
b/src/main/java/org/apache/sling/auth/oauth_client/impl/SlingLoginCookieManager.java
@@ -54,6 +54,7 @@ public class SlingLoginCookieManager implements 
LoginCookieManager {
     private final TokenStore tokenStore;
     private final long sessionTimeout;
     private final String cookieName;
+    private final String idpName;
 
     @ObjectClassDefinition(
             name = "Apache Sling Token Update Configuration for OIDC 
Authentication Handler",
@@ -70,6 +71,9 @@ public class SlingLoginCookieManager implements 
LoginCookieManager {
 
         @AttributeDefinition(name = "cookieName", description = "Cookie Name")
         String cookieName() default "sling.oidcauth";
+
+        @AttributeDefinition(name = "idpName", description = "IdP Name")
+        String idpName();
     }
 
     @Activate
@@ -83,6 +87,7 @@ public class SlingLoginCookieManager implements 
LoginCookieManager {
         this.sessionTimeout = config.sessionTimeout();
         this.cookieName = config.cookieName();
         this.tokenStore = new TokenStore(tokenFile, sessionTimeout, fastSeed);
+        this.idpName = config.idpName();
     }
 
     @Override
@@ -134,16 +139,16 @@ public class SlingLoginCookieManager implements 
LoginCookieManager {
         return null;
     }
 
-    private static @Nullable AuthenticationInfo createAuthInfo(@NotNull final 
String authData) {
+    private @Nullable AuthenticationInfo createAuthInfo(@NotNull final String 
authData) {
         final String userId = getUserId(authData);
         if (userId == null) {
             return null;
         }
 
-        OidcAuthCredentials credentials = new OidcAuthCredentials(userId, 
"oidc");
+        OidcAuthCredentials credentials = new OidcAuthCredentials(userId, 
idpName);
         credentials.setAttribute(".token", "");
 
-        AuthenticationInfo authInfo = new AuthenticationInfo("oidc", userId);
+        AuthenticationInfo authInfo = new AuthenticationInfo(idpName, userId);
         authInfo.put(JcrResourceConstants.AUTHENTICATION_INFO_CREDENTIALS, 
credentials);
 
         return authInfo;
diff --git 
a/src/test/java/org/apache/sling/auth/oauth_client/AuthorizationCodeFlowIT.java 
b/src/test/java/org/apache/sling/auth/oauth_client/AuthorizationCodeFlowIT.java
index 4509bc5..732e803 100644
--- 
a/src/test/java/org/apache/sling/auth/oauth_client/AuthorizationCodeFlowIT.java
+++ 
b/src/test/java/org/apache/sling/auth/oauth_client/AuthorizationCodeFlowIT.java
@@ -57,6 +57,7 @@ import 
org.apache.sling.auth.oauth_client.impl.JcrUserHomeOAuthTokenStore;
 import org.apache.sling.auth.oauth_client.impl.OAuthConnectionImpl;
 import org.apache.sling.auth.oauth_client.impl.OAuthCookieValue;
 import org.apache.sling.auth.oauth_client.impl.OidcConnectionImpl;
+import org.apache.sling.auth.oauth_client.impl.SlingLoginCookieManager;
 import org.apache.sling.auth.oauth_client.impl.SlingUserInfoProcessorImpl;
 import org.apache.sling.auth.oauth_client.itbundle.SupportBundle;
 import 
org.apache.sling.commons.crypto.internal.EnvironmentVariablePasswordProvider;
@@ -356,6 +357,10 @@ class AuthorizationCodeFlowIT {
         configPidsToCleanup.add(sling.adaptTo(OsgiConsoleClient.class)
                 .editConfiguration(JcrUserHomeOAuthTokenStore.class.getName(), 
null, Map.of("unused", "unused")));
 
+        // configure login cookie manager
+        configPidsToCleanup.add(sling.adaptTo(OsgiConsoleClient.class)
+                .editConfiguration(SlingLoginCookieManager.class.getName(), 
null, Map.of("idpName", "oidc-idp")));
+
         String oidcConnectionName = "keycloak";
 
         // configure connection to keycloak
@@ -429,7 +434,7 @@ class AuthorizationCodeFlowIT {
                         EXTERNAL_LOGIN_MODULE_FACTORY_PID,
                         Map.of(
                                 "sync.handlerName", "oidc",
-                                "idp.name", "oidc")));
+                                "idp.name", "oidc-idp")));
 
         configPidsToCleanup.add(sling.adaptTo(OsgiConsoleClient.class)
                 .editConfiguration(
@@ -448,6 +453,7 @@ class AuthorizationCodeFlowIT {
                 "callbackUri", "http://localhost:"; + slingPort + TEST_PATH + 
"/j_security_check");
 
         authenticationHandlerConfig.put("pkceEnabled", 
Boolean.toString(withPkce));
+        authenticationHandlerConfig.put("idp", "oidc-idp");
 
         configPidsToCleanup.add(sling.adaptTo(OsgiConsoleClient.class)
                 .editConfiguration(

Reply via email to