IDEMPIERE-5354 Manage use case for microsoft OAuth2 preferred_username (FHCA-3757) (#1483)
* IDEMPIERE-5354 Manage use case for microsoft OAuth2 preferred_username (FHCA-3757) * IDEMPIERE-5354 Manage use case for microsoft OAuth2 preferred_username (FHCA-3757)
parent
acc95a705c
commit
52e5e17fed
|
@ -0,0 +1,70 @@
|
||||||
|
-- IDEMPIERE-5354 Manage use case for microsoft OAuth2 preferred_username (FHCA-3757)
|
||||||
|
SELECT register_migration_script('202209061839_IDEMPIERE-5354.sql') FROM dual;
|
||||||
|
|
||||||
|
SET SQLBLANKLINES ON
|
||||||
|
SET DEFINE OFF
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 6:39:31 PM CEST
|
||||||
|
INSERT INTO AD_Element (AD_Element_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,ColumnName,Name,Description,Help,PrintName,EntityType,AD_Element_UU) VALUES (203652,0,0,'Y',TO_TIMESTAMP('2022-09-06 18:39:05','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2022-09-06 18:39:05','YYYY-MM-DD HH24:MI:SS'),100,'Preferred_UserName','Preferred User Name',NULL,NULL,'Preferred User Name','D','ebd1289c-1990-4830-a692-e25607b68e19')
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 6:39:45 PM CEST
|
||||||
|
INSERT INTO AD_Column (AD_Column_ID,Version,Name,AD_Table_ID,ColumnName,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,IsHtml) VALUES (215284,0,'Preferred User Name',200272,'Preferred_UserName',1000,'N','N','N','N','N',0,'N',10,0,0,'Y',TO_TIMESTAMP('2022-09-06 18:39:45','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2022-09-06 18:39:45','YYYY-MM-DD HH24:MI:SS'),100,203652,'Y','Y','D','N','N','N','Y','fe8b3a07-abd5-45ff-b9a6-29dacc8999e8','Y',10,'N','N','N')
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 6:39:52 PM CEST
|
||||||
|
ALTER TABLE AD_AuthorizationAccount ADD Preferred_UserName VARCHAR2(1000 CHAR) DEFAULT NULL
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:36:38 PM CEST
|
||||||
|
INSERT INTO AD_Field (AD_Field_ID,Name,AD_Tab_ID,AD_Column_ID,IsDisplayed,DisplayLength,SeqNo,IsSameLine,IsHeading,IsFieldOnly,IsEncrypted,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,IsReadOnly,IsCentrallyMaintained,EntityType,AD_Field_UU,IsDisplayedGrid,SeqNoGrid,ColumnSpan) VALUES (207188,'Preferred User Name',200287,215284,'Y',1000,150,'N','N','N','N',0,0,'Y',TO_TIMESTAMP('2022-09-06 19:36:37','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2022-09-06 19:36:37','YYYY-MM-DD HH24:MI:SS'),100,'N','Y','D','5949327f-b53c-4697-9883-1b967de1ba20','Y',120,5)
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET IsDisplayed='Y', SeqNo=50, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, XPosition=4, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206586
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET SeqNo=60, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206585
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET IsDisplayed='Y', SeqNo=70, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, XPosition=4, ColumnSpan=2, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=207188
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET SeqNo=80, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206587
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET SeqNo=90, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206588
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET SeqNo=100, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206589
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET SeqNo=110, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206590
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET SeqNo=120, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206591
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET SeqNo=130, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206592
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET SeqNo=140, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206593
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET SeqNo=150, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206594
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:38:30 PM CEST
|
||||||
|
UPDATE AD_Field SET IsReadOnly='Y', AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:38:30','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=207188
|
||||||
|
;
|
||||||
|
|
|
@ -0,0 +1,67 @@
|
||||||
|
-- IDEMPIERE-5354 Manage use case for microsoft OAuth2 preferred_username (FHCA-3757)
|
||||||
|
SELECT register_migration_script('202209061839_IDEMPIERE-5354.sql') FROM dual;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 6:39:31 PM CEST
|
||||||
|
INSERT INTO AD_Element (AD_Element_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,ColumnName,Name,Description,Help,PrintName,EntityType,AD_Element_UU) VALUES (203652,0,0,'Y',TO_TIMESTAMP('2022-09-06 18:39:05','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2022-09-06 18:39:05','YYYY-MM-DD HH24:MI:SS'),100,'Preferred_UserName','Preferred User Name',NULL,NULL,'Preferred User Name','D','ebd1289c-1990-4830-a692-e25607b68e19')
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 6:39:45 PM CEST
|
||||||
|
INSERT INTO AD_Column (AD_Column_ID,Version,Name,AD_Table_ID,ColumnName,FieldLength,IsKey,IsParent,IsMandatory,IsTranslated,IsIdentifier,SeqNo,IsEncrypted,AD_Reference_ID,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,AD_Element_ID,IsUpdateable,IsSelectionColumn,EntityType,IsSyncDatabase,IsAlwaysUpdateable,IsAutocomplete,IsAllowLogging,AD_Column_UU,IsAllowCopy,SeqNoSelection,IsToolbarButton,IsSecure,IsHtml) VALUES (215284,0,'Preferred User Name',200272,'Preferred_UserName',1000,'N','N','N','N','N',0,'N',10,0,0,'Y',TO_TIMESTAMP('2022-09-06 18:39:45','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2022-09-06 18:39:45','YYYY-MM-DD HH24:MI:SS'),100,203652,'Y','Y','D','N','N','N','Y','fe8b3a07-abd5-45ff-b9a6-29dacc8999e8','Y',10,'N','N','N')
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 6:39:52 PM CEST
|
||||||
|
ALTER TABLE AD_AuthorizationAccount ADD COLUMN Preferred_UserName VARCHAR(1000) DEFAULT NULL
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:36:38 PM CEST
|
||||||
|
INSERT INTO AD_Field (AD_Field_ID,Name,AD_Tab_ID,AD_Column_ID,IsDisplayed,DisplayLength,SeqNo,IsSameLine,IsHeading,IsFieldOnly,IsEncrypted,AD_Client_ID,AD_Org_ID,IsActive,Created,CreatedBy,Updated,UpdatedBy,IsReadOnly,IsCentrallyMaintained,EntityType,AD_Field_UU,IsDisplayedGrid,SeqNoGrid,ColumnSpan) VALUES (207188,'Preferred User Name',200287,215284,'Y',1000,150,'N','N','N','N',0,0,'Y',TO_TIMESTAMP('2022-09-06 19:36:37','YYYY-MM-DD HH24:MI:SS'),100,TO_TIMESTAMP('2022-09-06 19:36:37','YYYY-MM-DD HH24:MI:SS'),100,'N','Y','D','5949327f-b53c-4697-9883-1b967de1ba20','Y',120,5)
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET IsDisplayed='Y', SeqNo=50, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, XPosition=4, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206586
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET SeqNo=60, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206585
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET IsDisplayed='Y', SeqNo=70, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, XPosition=4, ColumnSpan=2, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=207188
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET SeqNo=80, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206587
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET SeqNo=90, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206588
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET SeqNo=100, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206589
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET SeqNo=110, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206590
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET SeqNo=120, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206591
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET SeqNo=130, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206592
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET SeqNo=140, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206593
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:37:20 PM CEST
|
||||||
|
UPDATE AD_Field SET SeqNo=150, AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:37:20','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=206594
|
||||||
|
;
|
||||||
|
|
||||||
|
-- Sep 6, 2022, 7:38:30 PM CEST
|
||||||
|
UPDATE AD_Field SET IsReadOnly='Y', AD_Reference_Value_ID=NULL, AD_Val_Rule_ID=NULL, IsToolbarButton=NULL,Updated=TO_TIMESTAMP('2022-09-06 19:38:30','YYYY-MM-DD HH24:MI:SS'),UpdatedBy=100 WHERE AD_Field_ID=207188
|
||||||
|
;
|
||||||
|
|
|
@ -22,7 +22,7 @@ import org.compiere.util.KeyNamePair;
|
||||||
|
|
||||||
/** Generated Interface for AD_AuthorizationAccount
|
/** Generated Interface for AD_AuthorizationAccount
|
||||||
* @author iDempiere (generated)
|
* @author iDempiere (generated)
|
||||||
* @version Release 9
|
* @version Release 10
|
||||||
*/
|
*/
|
||||||
public interface I_AD_AuthorizationAccount
|
public interface I_AD_AuthorizationAccount
|
||||||
{
|
{
|
||||||
|
@ -100,8 +100,8 @@ public interface I_AD_AuthorizationAccount
|
||||||
/** Column name AD_Client_ID */
|
/** Column name AD_Client_ID */
|
||||||
public static final String COLUMNNAME_AD_Client_ID = "AD_Client_ID";
|
public static final String COLUMNNAME_AD_Client_ID = "AD_Client_ID";
|
||||||
|
|
||||||
/** Get Client.
|
/** Get Tenant.
|
||||||
* Client/Tenant for this installation.
|
* Tenant for this installation.
|
||||||
*/
|
*/
|
||||||
public int getAD_Client_ID();
|
public int getAD_Client_ID();
|
||||||
|
|
||||||
|
@ -109,12 +109,12 @@ public interface I_AD_AuthorizationAccount
|
||||||
public static final String COLUMNNAME_AD_Org_ID = "AD_Org_ID";
|
public static final String COLUMNNAME_AD_Org_ID = "AD_Org_ID";
|
||||||
|
|
||||||
/** Set Organization.
|
/** Set Organization.
|
||||||
* Organizational entity within client
|
* Organizational entity within tenant
|
||||||
*/
|
*/
|
||||||
public void setAD_Org_ID (int AD_Org_ID);
|
public void setAD_Org_ID (int AD_Org_ID);
|
||||||
|
|
||||||
/** Get Organization.
|
/** Get Organization.
|
||||||
* Organizational entity within client
|
* Organizational entity within tenant
|
||||||
*/
|
*/
|
||||||
public int getAD_Org_ID();
|
public int getAD_Org_ID();
|
||||||
|
|
||||||
|
@ -215,6 +215,15 @@ public interface I_AD_AuthorizationAccount
|
||||||
/** Get Authorized */
|
/** Get Authorized */
|
||||||
public boolean isAuthorized();
|
public boolean isAuthorized();
|
||||||
|
|
||||||
|
/** Column name Preferred_UserName */
|
||||||
|
public static final String COLUMNNAME_Preferred_UserName = "Preferred_UserName";
|
||||||
|
|
||||||
|
/** Set Preferred User Name */
|
||||||
|
public void setPreferred_UserName (String Preferred_UserName);
|
||||||
|
|
||||||
|
/** Get Preferred User Name */
|
||||||
|
public String getPreferred_UserName();
|
||||||
|
|
||||||
/** Column name RefreshToken */
|
/** Column name RefreshToken */
|
||||||
public static final String COLUMNNAME_RefreshToken = "RefreshToken";
|
public static final String COLUMNNAME_RefreshToken = "RefreshToken";
|
||||||
|
|
||||||
|
|
|
@ -153,25 +153,28 @@ public class MAuthorizationCredential extends X_AD_AuthorizationCredential {
|
||||||
return msg;
|
return msg;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
String preferred_username = null;
|
||||||
if ( ap.getAD_AuthorizationProvider_ID() == OAUTH2_AUTHORIZATION_PROVIDER_MICROSOFT
|
if ( ap.getAD_AuthorizationProvider_ID() == OAUTH2_AUTHORIZATION_PROVIDER_MICROSOFT
|
||||||
|
&& MSysConfig.getBooleanValue("OAUTH2_USE_ID_TOKEN_PREFERRED_USERNAME_ON_MICROSOFT_PROVIDER", true)) {
|
||||||
|
/* Microsoft send the user email information in the id_token in preferred_username field in some cases */
|
||||||
|
if (id_token != null && id_token instanceof String) {
|
||||||
|
IdToken idtoken = IdToken.parse(tokenResponse.getFactory(), (String) tokenResponse.get("id_token"));
|
||||||
|
preferred_username = (String) idtoken.getPayload().get("preferred_username");
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if ( preferred_username == null
|
||||||
|
&& ap.getAD_AuthorizationProvider_ID() == OAUTH2_AUTHORIZATION_PROVIDER_MICROSOFT
|
||||||
&& MSysConfig.getBooleanValue("OAUTH2_USE_ACCESS_TOKEN_UPN_ON_MICROSOFT_PROVIDER", true)) {
|
&& MSysConfig.getBooleanValue("OAUTH2_USE_ACCESS_TOKEN_UPN_ON_MICROSOFT_PROVIDER", true)) {
|
||||||
/* IDEMPIERE-5354
|
/* Microsoft send the user email information in the access_token in upn field in some cases */
|
||||||
* Microsoft send the user email information in the access_token in upn field in some cases when the login doesn't correspond with the email
|
|
||||||
* for this the upn must take precedence when the email is different than the user for login
|
|
||||||
*/
|
|
||||||
Object access_token = tokenResponse.get("access_token");
|
Object access_token = tokenResponse.get("access_token");
|
||||||
String upn_access = null;
|
|
||||||
if (access_token != null && access_token instanceof String) {
|
if (access_token != null && access_token instanceof String) {
|
||||||
try {
|
try {
|
||||||
IdToken accesstoken = IdToken.parse(tokenResponse.getFactory(), (String) tokenResponse.get("access_token"));
|
IdToken accesstoken = IdToken.parse(tokenResponse.getFactory(), (String) tokenResponse.get("access_token"));
|
||||||
upn_access = (String) accesstoken.getPayload().get("upn");
|
preferred_username = (String) accesstoken.getPayload().get("upn");
|
||||||
} catch (Exception ex) {
|
} catch (Exception ex) {
|
||||||
// accesstoken not valid ... simply ignore
|
// accesstoken not valid ... simply ignore
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (upn_access != null && ! email.toLowerCase().equals(upn_access.toLowerCase()) && EMail.validate(upn_access)) {
|
|
||||||
email = upn_access;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
boolean newAccount = false;
|
boolean newAccount = false;
|
||||||
|
@ -182,6 +185,9 @@ public class MAuthorizationCredential extends X_AD_AuthorizationCredential {
|
||||||
if (account == null) {
|
if (account == null) {
|
||||||
account = new MAuthorizationAccount(ctx, 0, get_TrxName());
|
account = new MAuthorizationAccount(ctx, 0, get_TrxName());
|
||||||
account.setEMail(email);
|
account.setEMail(email);
|
||||||
|
if (preferred_username != null && ! email.toLowerCase().equals(preferred_username.toLowerCase()) && EMail.validate(preferred_username)) {
|
||||||
|
account.setPreferred_UserName(preferred_username);
|
||||||
|
}
|
||||||
account.setAD_AuthorizationCredential_ID(getAD_AuthorizationCredential_ID());
|
account.setAD_AuthorizationCredential_ID(getAD_AuthorizationCredential_ID());
|
||||||
account.setAD_User_ID(Env.getAD_User_ID(ctx));
|
account.setAD_User_ID(Env.getAD_User_ID(ctx));
|
||||||
newAccount = true;
|
newAccount = true;
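Review bot: The new `IdToken.parse(..., "id_token")` call and the `(String)` cast of the `preferred_username` claim have no try/catch in the visible lines, while the access-token fallback just below wraps the same parse and ignores failures. A malformed id_token or a non-string claim could therefore abort the whole account setup over an optional hint. The sketch below guards the branch the same way and reuses the `id_token` value that was already type-checked. No signature, issuer or audience check is visible here, and Microsoft documents `preferred_username` as mutable, so the declaration deserves a comment like `// login hint only: unverified and mutable, never an authorization input`. In the second hunk the value is stored only inside `if (account == null)`, so existing accounts appear never to receive it unless code outside these hunks handles that.
```java
if (id_token instanceof String) {
	try {
		IdToken idtoken = IdToken.parse(tokenResponse.getFactory(), (String) id_token);
		Object claim = idtoken.getPayload().get("preferred_username");
		if (claim instanceof String)
			preferred_username = (String) claim;
	} catch (Exception ex) {
		// id_token not parseable: leave preferred_username null and fall through to the upn lookup
	}
}
// ... unchanged: access_token / upn fallback ...
```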
|
||||||
|
|
|
@ -25,7 +25,7 @@ import org.compiere.util.Env;
|
||||||
|
|
||||||
/** Generated Model for AD_AuthorizationAccount
|
/** Generated Model for AD_AuthorizationAccount
|
||||||
* @author iDempiere (generated)
|
* @author iDempiere (generated)
|
||||||
* @version Release 9 - $Id$ */
|
* @version Release 10 - $Id$ */
|
||||||
@org.adempiere.base.Model(table="AD_AuthorizationAccount")
|
@org.adempiere.base.Model(table="AD_AuthorizationAccount")
|
||||||
public class X_AD_AuthorizationAccount extends PO implements I_AD_AuthorizationAccount, I_Persistent
|
public class X_AD_AuthorizationAccount extends PO implements I_AD_AuthorizationAccount, I_Persistent
|
||||||
{
|
{
|
||||||
|
@ -33,7 +33,7 @@ public class X_AD_AuthorizationAccount extends PO implements I_AD_AuthorizationA
|
||||||
/**
|
/**
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
private static final long serialVersionUID = 20220116L;
|
private static final long serialVersionUID = 20220906L;
|
||||||
|
|
||||||
/** Standard Constructor */
|
/** Standard Constructor */
|
||||||
public X_AD_AuthorizationAccount (Properties ctx, int AD_AuthorizationAccount_ID, String trxName)
|
public X_AD_AuthorizationAccount (Properties ctx, int AD_AuthorizationAccount_ID, String trxName)
|
||||||
|
@ -334,6 +334,21 @@ public class X_AD_AuthorizationAccount extends PO implements I_AD_AuthorizationA
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** Set Preferred User Name.
|
||||||
|
@param Preferred_UserName Preferred User Name
|
||||||
|
*/
|
||||||
|
public void setPreferred_UserName (String Preferred_UserName)
|
||||||
|
{
|
||||||
|
set_Value (COLUMNNAME_Preferred_UserName, Preferred_UserName);
|
||||||
|
}
|
||||||
|
|
||||||
|
/** Get Preferred User Name.
|
||||||
|
@return Preferred User Name */
|
||||||
|
public String getPreferred_UserName()
|
||||||
|
{
|
||||||
|
return (String)get_Value(COLUMNNAME_Preferred_UserName);
|
||||||
|
}
|
||||||
|
|
||||||
/** Set Refresh Token.
|
/** Set Refresh Token.
|
||||||
@param RefreshToken Refresh Token
|
@param RefreshToken Refresh Token
|
||||||
*/
|
*/
|
||||||
|
|
|
@ -46,7 +46,6 @@ import javax.mail.internet.MimeBodyPart;
|
||||||
import javax.mail.internet.MimeMessage;
|
import javax.mail.internet.MimeMessage;
|
||||||
import javax.mail.internet.MimeMultipart;
|
import javax.mail.internet.MimeMultipart;
|
||||||
|
|
||||||
import org.compiere.model.MAuthorizationAccount;
|
|
||||||
import org.compiere.model.MClient;
|
import org.compiere.model.MClient;
|
||||||
import org.compiere.model.MSMTP;
|
import org.compiere.model.MSMTP;
|
||||||
import org.compiere.model.MSysConfig;
|
import org.compiere.model.MSysConfig;
|
||||||
|
@ -313,12 +312,9 @@ public final class EMail implements Serializable
|
||||||
props.put("mail.debug", "true");
|
props.put("mail.debug", "true");
|
||||||
//
|
//
|
||||||
|
|
||||||
MAuthorizationAccount authAccount = null;
|
|
||||||
boolean isOAuth2 = false;
|
boolean isOAuth2 = false;
|
||||||
if (m_auth != null) {
|
if (m_auth != null)
|
||||||
authAccount = MAuthorizationAccount.getEMailAccount(m_auth.getPasswordAuthentication().getUserName());
|
isOAuth2 = m_auth.isOAuth2();
|
||||||
isOAuth2 = (authAccount != null);
|
|
||||||
}
|
|
||||||
|
|
||||||
Session session = null;
|
Session session = null;
|
||||||
try
|
try
|
||||||
|
@ -343,7 +339,7 @@ public final class EMail implements Serializable
|
||||||
props.put("mail.smtp.auth.login.disable","true");
|
props.put("mail.smtp.auth.login.disable","true");
|
||||||
props.put("mail.smtp.auth.plain.disable","true");
|
props.put("mail.smtp.auth.plain.disable","true");
|
||||||
props.put("mail.debug.auth", "true");
|
props.put("mail.debug.auth", "true");
|
||||||
m_auth = new EMailAuthenticator (m_auth.getPasswordAuthentication().getUserName(), authAccount.refreshAndGetAccessToken());
|
m_auth = new EMailAuthenticator (m_auth.getPasswordAuthentication().getUserName(), m_auth.getPasswordAuthentication().getPassword());
|
||||||
}
|
}
|
||||||
session = Session.getInstance(props);
|
session = Session.getInstance(props);
|
||||||
session.setDebug(CLogMgt.isLevelFinest());
|
session.setDebug(CLogMgt.isLevelFinest());
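Review bot: In the OAuth2 branch the authenticator is rebuilt from `m_auth.getPasswordAuthentication().getUserName()` and `.getPassword()`, but after this commit that user name may already be the stored Preferred_UserName rather than the e-mail address. The `EMailAuthenticator` constructor uses its argument as the key for `MAuthorizationAccount.getEMailAccount(username)`, whose body is not on this page. If that lookup matches on the e-mail only, it returns null here and the refresh that the removed `authAccount.refreshAndGetAccessToken()` call did at send time is skipped. The message would then go out with the token captured when `m_auth` was first built, which may have expired. Assuming `EMail` can reach the new protected accessor, `m_auth = new EMailAuthenticator(m_auth.getAuthorizationAccount().getEMail(), null);` keeps the lookup keyed on the e-mail and lets the constructor fetch a fresh token.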
|
||||||
|
|
|
@ -41,18 +41,20 @@ public class EMailAuthenticator extends Authenticator
|
||||||
*/
|
*/
|
||||||
public EMailAuthenticator (String username, String password)
|
public EMailAuthenticator (String username, String password)
|
||||||
{
|
{
|
||||||
MAuthorizationAccount authAccount = MAuthorizationAccount.getEMailAccount(username);
|
m_authAccount = MAuthorizationAccount.getEMailAccount(username);
|
||||||
if (authAccount != null)
|
if (m_authAccount != null)
|
||||||
{
|
{
|
||||||
m_isOAuth2 = true;
|
m_isOAuth2 = true;
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
password = authAccount.refreshAndGetAccessToken();
|
password = m_authAccount.refreshAndGetAccessToken();
|
||||||
}
|
}
|
||||||
catch (GeneralSecurityException | IOException e)
|
catch (GeneralSecurityException | IOException e)
|
||||||
{
|
{
|
||||||
throw new AdempiereException(e);
|
throw new AdempiereException(e);
|
||||||
}
|
}
|
||||||
|
if (m_authAccount.getPreferred_UserName() != null)
|
||||||
|
username = m_authAccount.getPreferred_UserName();
|
||||||
}
|
}
|
||||||
|
|
||||||
m_pass = new PasswordAuthentication (username, password);
|
m_pass = new PasswordAuthentication (username, password);
|
||||||
|
@ -72,6 +74,8 @@ public class EMailAuthenticator extends Authenticator
|
||||||
private PasswordAuthentication m_pass = null;
|
private PasswordAuthentication m_pass = null;
|
||||||
/** Is OAuth2 */
|
/** Is OAuth2 */
|
||||||
private boolean m_isOAuth2 = false;
|
private boolean m_isOAuth2 = false;
|
||||||
|
/** Authorization Account */
|
||||||
|
private MAuthorizationAccount m_authAccount = null;
|
||||||
/** Logger */
|
/** Logger */
|
||||||
private static CLogger log = CLogger.getCLogger(EMailAuthenticator.class);
|
private static CLogger log = CLogger.getCLogger(EMailAuthenticator.class);
|
||||||
|
|
||||||
|
@ -84,6 +88,15 @@ public class EMailAuthenticator extends Authenticator
|
||||||
return m_pass;
|
return m_pass;
|
||||||
} // getPasswordAuthentication
|
} // getPasswordAuthentication
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Get OAuth2 Authorization Account
|
||||||
|
* @return Authorization Account
|
||||||
|
*/
|
||||||
|
protected MAuthorizationAccount getAuthorizationAccount()
|
||||||
|
{
|
||||||
|
return m_authAccount;
|
||||||
|
} // getAuthorizationAccount
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* If the authenticator is using OAuth2 account
|
* If the authenticator is using OAuth2 account
|
||||||
* @return boolean
|
* @return boolean
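Review bot: The constructor now uses `username` as the lookup key and then overwrites it with the account's Preferred_UserName, but nothing in the added lines says so. Callers are not told that `getPasswordAuthentication().getUserName()` can differ from the address they passed in. The constructor Javadoc, which starts outside the hunk, should gain a line such as `@param username e-mail address used to find the OAuth2 account; replaced by the account's preferred user name when one is stored`. The override itself should carry a why-comment like `// the provider may expect preferred_username/upn, not the mailbox address, as the login identity`. Reading `getPreferred_UserName()` once into a local would also avoid the double call.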
|
||||||
|
|