in src/main/java/com/googlesource/gerrit/plugins/oauth/KeycloakOAuthService.java [88:135]
public OAuthUserInfo getUserInfo(OAuthToken token) throws IOException {
JsonElement tokenJson = JSON.newGson().fromJson(token.getRaw(), JsonElement.class);
JsonObject tokenObject = tokenJson.getAsJsonObject();
JsonElement id_token = tokenObject.get("id_token");
String jwt;
try {
jwt = parseJwt(id_token.getAsString());
} catch (UnsupportedEncodingException e) {
throw new IOException(
String.format(
"%s support is required to interact with JWTs", StandardCharsets.UTF_8.name()),
e);
}
JsonElement claimJson = JSON.newGson().fromJson(jwt, JsonElement.class);
JsonObject claimObject = claimJson.getAsJsonObject();
if (log.isDebugEnabled()) {
log.debug("Claim object: {}", claimObject);
}
JsonElement usernameElement = claimObject.get("preferred_username");
JsonElement emailElement = claimObject.get("email");
JsonElement nameElement = claimObject.get("name");
if (usernameElement == null || usernameElement.isJsonNull()) {
throw new IOException("Response doesn't contain preferred_username field");
}
if (emailElement == null || emailElement.isJsonNull()) {
throw new IOException("Response doesn't contain email field");
}
if (nameElement == null || nameElement.isJsonNull()) {
throw new IOException("Response doesn't contain name field");
}
String usernameAsString = usernameElement.getAsString();
String username = null;
if (usePreferredUsername) {
username = usernameAsString;
}
String externalId = KEYCLOAK_PROVIDER_PREFIX + usernameAsString;
String email = emailElement.getAsString();
String name = nameElement.getAsString();
return new OAuthUserInfo(
externalId /*externalId*/,
username /*username*/,
email /*email*/,
name /*displayName*/,
null /*claimedIdentity*/);
}