Add email to JWT

GitOrigin-RevId: d3140dd2744b458157f291e69550e790e019004b
CentraleSupelec · Dec 4, 2024 · 23ac684 · 23ac684
1 parent 0966ef1
commit 23ac684
Show file tree

Hide file tree

Showing 5 changed files with 9 additions and 4 deletions.
diff --git a/back/CHANGELOG.md b/back/CHANGELOG.md
@@ -5,6 +5,10 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0.html).
 
 ## Unreleased
+## 2.30.0
+- Add email and enabbled fields in user CRUD
+- Add email in generated JWT
+
 ## 2.29.0
 ### Added
 - Add OIDC

diff --git a/back/src/main/java/fr/centralesupelec/thuv/lti/LtiController.java b/back/src/main/java/fr/centralesupelec/thuv/lti/LtiController.java
@@ -154,7 +154,7 @@ public ResponseEntity<String> launch(
 
         String localToken = jwtTokenProvider
                 .generateToken(
-                        user.getEmail(), TokenOrigin.LTI
+                        user.getUsername(), user.getEmail(), TokenOrigin.LTI
                 );
 
         activityLogger.log(LogAction.USER_LOGIN_LTI, user);

diff --git a/back/src/main/java/fr/centralesupelec/thuv/security/JwtTokenProvider.java b/back/src/main/java/fr/centralesupelec/thuv/security/JwtTokenProvider.java
@@ -33,7 +33,7 @@ public JwtTokenProvider(
         verifier = JWT.require(algorithmHS256).build();
     }
 
-    public String generateToken(String username, TokenOrigin tokenOrigin) {
+    public String generateToken(String username, String email, TokenOrigin tokenOrigin) {
 
         Date now = new Date();
         Date expiryDate = new Date(now.getTime() + jwtExpirationInMs);
@@ -45,6 +45,7 @@ public String generateToken(String username, TokenOrigin tokenOrigin) {
                 .withExpiresAt(expiryDate)
                 .withIssuedAt(now)
                 .withSubject(username)
+                .withClaim("email", email)
                 .withClaim("origin", tokenOrigin.toString())
                 .sign(algorithmHS256);
     }

diff --git a/back/src/main/java/fr/centralesupelec/thuv/security/OIDCService.java b/back/src/main/java/fr/centralesupelec/thuv/security/OIDCService.java
@@ -58,7 +58,7 @@ public String getLocalTokenFromOIDCToken(String oidcToken) {
                 myUserDetailsService.ensureTeacher(user);
             }
 
-            String jwtToken = jwtTokenProvider.generateToken(user.getEmail(), TokenOrigin.OIDC);
+            String jwtToken = jwtTokenProvider.generateToken(user.getUsername(), user.getEmail(), TokenOrigin.OIDC);
             logger.debug("JWT token: " + jwtToken);
             activityLogger.log(LogAction.USER_LOGIN_OIDC, user);
             return jwtToken;

diff --git a/back/src/main/java/fr/centralesupelec/thuv/security/controllers/CasController.java b/back/src/main/java/fr/centralesupelec/thuv/security/controllers/CasController.java
@@ -126,7 +126,7 @@ public ResponseEntity<?> login(
 
             String jwtToken = jwtTokenProvider
                     .generateToken(
-                            user.getEmail(), TokenOrigin.CAS
+                            user.getUsername(), user.getEmail(), TokenOrigin.CAS
                     );
             logger.debug("JWT token: " + jwtToken);
             activityLogger.log(LogAction.USER_LOGIN_CAS, user);