Add support for custom username claim

Fixes spring-atticgh-1696

Author: gavingolden

spring-security-oauth2/src/main/java/org/springframework/security/oauth2/provider/token/DefaultUserAuthenticationConverter.java

@@ -42,6 +42,8 @@ public class DefaultUserAuthenticationConverter implements UserAuthenticationCon
 
 private UserDetailsService userDetailsService;
 
+private String userClaimName = USERNAME;
+
 /**
  * Optional {@link UserDetailsService} to use when extracting an {@link Authentication} from the incoming map.
  * 
@@ -51,6 +53,15 @@ public void setUserDetailsService(UserDetailsService userDetailsService) {
 this.userDetailsService = userDetailsService;
 }
 
+/**
+ * Set the name of the user claim to use when extracting an {@link Authentication} from the incoming map
+ * or when converting an {@link Authentication} to a map.
+ * @param claimName the claim name to use (default {@link UserAuthenticationConverter#USERNAME})
+ */
+public void setUserClaimName(String claimName) {
+this.userClaimName = claimName;
+}
+
 /**
  * Default value for authorities if an Authentication is being created and the input has no data for authorities.
  * Note that unless this property is set, the default Authentication created by {@link #extractAuthentication(Map)}
@@ -65,19 +76,19 @@ public void setDefaultAuthorities(String[] defaultAuthorities) {
 
 public Map<String, ?> convertUserAuthentication(Authentication authentication) {
 Map<String, Object> response = new LinkedHashMap<String, Object>();
-response.put(USERNAME, authentication.getName());
+response.put(userClaimName, authentication.getName());
 if (authentication.getAuthorities() != null && !authentication.getAuthorities().isEmpty()) {
 response.put(AUTHORITIES, AuthorityUtils.authorityListToSet(authentication.getAuthorities()));
 }
 return response;
 }
 
 public Authentication extractAuthentication(Map<String, ?> map) {
-if (map.containsKey(USERNAME)) {
-Object principal = map.get(USERNAME);
+if (map.containsKey(userClaimName)) {
+Object principal = map.get(userClaimName);
 Collection<? extends GrantedAuthority> authorities = getAuthorities(map);
 if (userDetailsService != null) {
-UserDetails user = userDetailsService.loadUserByUsername((String) map.get(USERNAME));
+UserDetails user = userDetailsService.loadUserByUsername((String) map.get(userClaimName));
 authorities = user.getAuthorities();
 principal = user;
 }

spring-security-oauth2/src/test/java/org/springframework/security/oauth2/provider/token/DefaultUserAuthenticationConverterTests.java

@@ -8,6 +8,7 @@
 
 import org.junit.Test;
 import org.mockito.Mockito;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.authority.AuthorityUtils;
 import org.springframework.security.core.userdetails.User;
@@ -59,4 +60,50 @@ public void shouldExtractAuthenticationWhenUserDetailsProvided() throws Exceptio
 
 assertEquals("ROLE_SPAM", authentication.getAuthorities().iterator().next().toString());
 }
+
+@Test
+public void shouldExtractWithDefaultUsernameClaimWhenNotSet() throws Exception {
+Map<String, Object> map = new HashMap<String, Object>();
+map.put(UserAuthenticationConverter.USERNAME, "test_user");
+
+Authentication authentication = converter.extractAuthentication(map);
+
+assertEquals("test_user", authentication.getPrincipal());
+}
+
+@Test
+public void shouldConvertUserWithDefaultUsernameClaimWhenNotSet() throws Exception {
+Authentication authentication = new UsernamePasswordAuthenticationToken("test_user", "");
+
+Map<String, ?> map = converter.convertUserAuthentication(authentication);
+
+assertEquals("test_user", map.get(UserAuthenticationConverter.USERNAME));
+}
+
+@Test
+public void shouldExtractWithCustomUsernameClaimWhenSet() throws Exception {
+String customUserClaim = "custom_user_name";
+DefaultUserAuthenticationConverter converter = new DefaultUserAuthenticationConverter();
+converter.setUserClaimName(customUserClaim);
+
+Map<String, Object> map = new HashMap<String, Object>();
+map.put(customUserClaim, "test_user");
+
+Authentication authentication = converter.extractAuthentication(map);
+
+assertEquals("test_user", authentication.getPrincipal());
+}
+
+@Test
+public void shouldConvertUserWithCustomUsernameClaimWhenSet() throws Exception {
+String customUserClaim = "custom_user_name";
+DefaultUserAuthenticationConverter converter = new DefaultUserAuthenticationConverter();
+converter.setUserClaimName(customUserClaim);
+
+Authentication authentication = new UsernamePasswordAuthenticationToken("test_user", "");
+
+Map<String, ?> map = converter.convertUserAuthentication(authentication);
+
+assertEquals("test_user", map.get(customUserClaim));
+}
 }