Merge pull request mitreid-connect#1320 from bverhoeven/rfc7662-sub

jricher · web-flow · commit 9d6f42b141d3 · 2018-05-03T14:46:49.000-04:00
Client: Parse 'sub' key to identify resource owner in introspection response (RFC7662)
diff --git a/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java b/openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java
@@ -244,7 +244,10 @@ private OAuth2Request createStoredRequest(final JsonObject token) {
 	private Authentication createUserAuthentication(JsonObject token) {
 		JsonElement userId = token.get("user_id");
 		if(userId == null) {
-			return null;
+			userId = token.get("sub");
+			if (userId == null) {
+				return null;
+			}
 		}
 
 		return new PreAuthenticatedAuthenticationToken(userId.getAsString(), token, introspectionAuthorityGranter.getAuthorities(token));
