From 52c39fb130caa887bb658055c53e5d07d60e7c3b Mon Sep 17 00:00:00 2001
From: Rui Yang <ryang@pivotal.io>
Date: Wed, 5 Aug 2020 21:50:33 -0400
Subject: [PATCH] check if upstream contains preferrend username claim first

Signed-off-by: Rui Yang <ryang@pivotal.io>
Signed-off-by: Rui Yang <ruiya@vmware.com>
---
 connector/oidc/oidc.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/connector/oidc/oidc.go b/connector/oidc/oidc.go
index 4ec86a05..c8172811 100644
--- a/connector/oidc/oidc.go
+++ b/connector/oidc/oidc.go
@@ -301,10 +301,10 @@ func (c *oidcConnector) createIdentity(ctx context.Context, identity connector.I
 	}
 	hostedDomain, _ := claims["hd"].(string)
 
-	if c.preferredUsernameKey == "" {
-		c.preferredUsernameKey = "preferred_username"
+	preferredUsername, found := claims["preferred_username"].(string)
+	if !found {
+		preferredUsername, _ = claims[c.preferredUsernameKey].(string)
 	}
-	preferredUsername, _ := claims[c.preferredUsernameKey].(string)
 
 	if len(c.hostedDomains) > 0 {
 		found := false
-- 
GitLab