Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-14577

OIDCIdentityProvider incorrectly sets firstName and lastName in BrokeredIdentityContext

    Details

    • Steps to Reproduce:
      Hide
      • Set up an OIDC Identity Provider with for example another Keycloak
      • In the other Keycloak, create a user with a lastname containing a space
      • Set a breakpoint at the end OIDCIdentityProvider#extractIdentity
      • Log in via the IDP
      • Check firstName and lastName of "identity"
      Show
      Set up an OIDC Identity Provider with for example another Keycloak In the other Keycloak, create a user with a lastname containing a space Set a breakpoint at the end OIDCIdentityProvider#extractIdentity Log in via the IDP Check firstName and lastName of "identity"
    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      OIDCIdentityProvider#extractIdentity calls BrokeredIdentityContext#setName which sets firstName and lastName by splitting name at the last space character. If the family_name claim contains a space, firstName and lastName are incorrectly set in BrokeredIdentityContext.

      When given_name and family_name are available in the token, I believe OIDCIdentityProvider#extractIdentity should use these values in preference over trying to derive firstName and lastName from name.

      When creating "Attribute Importer" mappers for given_name and last_name in the OIDC IDP, the issue is not relevant.

        Gliffy Diagrams

          Attachments

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                dode Torsten Römer
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated: