OIDC: Add configurable user id (between sub and preferred_username)

2026-01-31 00:48:15 +00:00 · 2025-04-16 17:26:12 +02:00
parent fc147c388a
commit 90606092ed
2 changed files with 23 additions and 5 deletions
--- a/crates/frontend/src/oidc/mod.rs
+++ b/crates/frontend/src/oidc/mod.rs
@@ -1,4 +1,7 @@
-use crate::{FrontendConfig, config::OidcConfig};
+use crate::{
+    FrontendConfig,
+    config::{OidcConfig, UserIdClaim},
+};
 use actix_session::Session;
 use actix_web::{
    HttpRequest, HttpResponse, Responder,
@@ -194,10 +197,13 @@ pub async fn route_get_oidc_callback<AP: AuthenticationProvider>(
        }
    }

-    let user_id = user_info_claims
-        .preferred_username()
-        .ok_or(OidcError::Other("Missing preferred_username claim"))?
-        .to_string();
+    let user_id = match oidc_config.userid_claim {
+        UserIdClaim::Sub => user_info_claims.subject().to_string(),
+        UserIdClaim::PreferredUsername => user_info_claims
+            .preferred_username()
+            .ok_or(OidcError::Other("Missing preferred_username claim"))?
+            .to_string(),
+    };

    let mut user = auth_provider.get_principal(&user_id).await?;
    if user.is_none() {