]> BookStack Code Mirror - bookstack/blobdiff - app/Access/Oidc/OidcService.php
projects / bookstack / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
ExportFormatter: Add book description and check for empty book and chapter descriptio...
[bookstack] / app / Access / Oidc / OidcService.php
diff --git a/app/Access/Oidc/OidcService.php b/app/Access/Oidc/OidcService.php
index fba6dc9a8f34bc5189a2dbce0b3b19c13dc17868..7c1760649b5bb5bfc8600cb38fe56fe98282df18 100644 (file)
--- a/app/Access/Oidc/OidcService.php
+++ b/app/Access/Oidc/OidcService.php
@@ -201,6 +201,9 @@ class OidcService
         if (empty($userDetails->email)) {
             throw new OidcException(trans('errors.oidc_no_email_address'));
         }
+        if (empty($userDetails->name)) {
+            $userDetails->name = $userDetails->externalId;
+        }
 
         $isLoggedIn = auth()->check();
         if ($isLoggedIn) {
@@ -243,10 +246,14 @@ class OidcService
         if (!$userDetails->isFullyPopulated($this->shouldSyncGroups()) && !empty($settings->userinfoEndpoint)) {
             $provider = $this->getProvider($settings);
             $request = $provider->getAuthenticatedRequest('GET', $settings->userinfoEndpoint, $accessToken->getToken());
-            $response = new OidcUserinfoResponse($provider->getResponse($request));
+            $response = new OidcUserinfoResponse(
+                $provider->getResponse($request),
+                $settings->issuer,
+                $settings->keys,
+            );
 
             try {
-                $response->validate($idToken->getClaim('sub'));
+                $response->validate($idToken->getClaim('sub'), $settings->clientId);
             } catch (OidcInvalidTokenException $exception) {
                 throw new OidcException("Userinfo endpoint response validation failed with error: {$exception->getMessage()}");
             }
The core source code for the BookStack project.