Use user.FullName in Oauth2 id_token response (#32542)

This makes `/login/oauth/authorize` behave the same way as the
`/login/oauth/userinfo` endpoint.

diff --git a/routers/web/auth/oauth2_provider.go b/routers/web/auth/oauth2_provider.go
index d844d42421330747261eb513f0e719e841fe6eb2..2ccc4a2253742e8f3f47262bab3b9c4e58e214d2 100644 (file)
--- a/routers/web/auth/oauth2_provider.go
+++ b/routers/web/auth/oauth2_provider.go
@@ -98,7 +98,7 @@ func InfoOAuth(ctx *context.Context) {
 
        response := &userInfoResponse{
                Sub:               fmt.Sprint(ctx.Doer.ID),
-               Name:              ctx.Doer.FullName,
+               Name:              ctx.Doer.DisplayName(),
                PreferredUsername: ctx.Doer.Name,
                Email:             ctx.Doer.Email,
                Picture:           ctx.Doer.AvatarLink(ctx),

diff --git a/routers/web/auth/oauth_test.go b/routers/web/auth/oauth_test.go
index 78af97fa9c6693fa86102d214c77a4325759302b..8d9365fab453e337981dd1291629a8a6a5af6faa 100644 (file)
--- a/routers/web/auth/oauth_test.go
+++ b/routers/web/auth/oauth_test.go
@@ -10,7 +10,6 @@ import (
        "code.gitea.io/gitea/models/db"
        "code.gitea.io/gitea/models/unittest"
        user_model "code.gitea.io/gitea/models/user"
-       "code.gitea.io/gitea/modules/setting"
        "code.gitea.io/gitea/services/oauth2_provider"
 
        "github.com/golang-jwt/jwt/v5"
@@ -66,25 +65,7 @@ func TestNewAccessTokenResponse_OIDCToken(t *testing.T) {
 
        // Scopes: openid profile email
        oidcToken = createAndParseToken(t, grants[0])
-       assert.Equal(t, user.Name, oidcToken.Name)
-       assert.Equal(t, user.Name, oidcToken.PreferredUsername)
-       assert.Equal(t, user.HTMLURL(), oidcToken.Profile)
-       assert.Equal(t, user.AvatarLink(db.DefaultContext), oidcToken.Picture)
-       assert.Equal(t, user.Website, oidcToken.Website)
-       assert.Equal(t, user.UpdatedUnix, oidcToken.UpdatedAt)
-       assert.Equal(t, user.Email, oidcToken.Email)
-       assert.Equal(t, user.IsActive, oidcToken.EmailVerified)
-
-       // set DefaultShowFullName to true
-       oldDefaultShowFullName := setting.UI.DefaultShowFullName
-       setting.UI.DefaultShowFullName = true
-       defer func() {
-               setting.UI.DefaultShowFullName = oldDefaultShowFullName
-       }()
-
-       // Scopes: openid profile email
-       oidcToken = createAndParseToken(t, grants[0])
-       assert.Equal(t, user.FullName, oidcToken.Name)
+       assert.Equal(t, user.DisplayName(), oidcToken.Name)
        assert.Equal(t, user.Name, oidcToken.PreferredUsername)
        assert.Equal(t, user.HTMLURL(), oidcToken.Profile)
        assert.Equal(t, user.AvatarLink(db.DefaultContext), oidcToken.Picture)

diff --git a/services/oauth2_provider/access_token.go b/services/oauth2_provider/access_token.go
index f79afa4b301baed1f4eca111897c86ee115ec2c3..dd3f24eeef242110f558c54b0634afe9b7c53026 100644 (file)
--- a/services/oauth2_provider/access_token.go
+++ b/services/oauth2_provider/access_token.go
@@ -148,7 +148,7 @@ func NewAccessTokenResponse(ctx context.Context, grant *auth.OAuth2Grant, server
                        Nonce: grant.Nonce,
                }
                if grant.ScopeContains("profile") {
-                       idToken.Name = user.GetDisplayName()
+                       idToken.Name = user.DisplayName()
                        idToken.PreferredUsername = user.Name
                        idToken.Profile = user.HTMLURL()
                        idToken.Picture = user.AvatarLink(ctx)