diff --git a/forms-flow-bpm/src/main/java/org/camunda/bpm/extension/keycloak/rest/KeycloakAuthenticationFilter.java b/forms-flow-bpm/src/main/java/org/camunda/bpm/extension/keycloak/rest/KeycloakAuthenticationFilter.java index e96a3b9249..d6fa9d53a1 100644 --- a/forms-flow-bpm/src/main/java/org/camunda/bpm/extension/keycloak/rest/KeycloakAuthenticationFilter.java +++ b/forms-flow-bpm/src/main/java/org/camunda/bpm/extension/keycloak/rest/KeycloakAuthenticationFilter.java @@ -51,10 +51,10 @@ public void doFilter(ServletRequest request, ServletResponse response, FilterCha String userId = null; Map claims; if (authentication instanceof JwtAuthenticationToken) { - userId = ((JwtAuthenticationToken)authentication).getName(); + userId = ((JwtAuthenticationToken) authentication).getToken().getClaimAsString("preferred_username"); claims = ((JwtAuthenticationToken)authentication).getToken().getClaims(); } else if (authentication.getPrincipal() instanceof OidcUser) { - userId = ((OidcUser)authentication.getPrincipal()).getName(); + userId = ((OidcUser)authentication.getPrincipal()).getPreferredUsername(); claims = ((OidcUser)authentication.getPrincipal()).getClaims(); } else { throw new ServletException("Invalid authentication request token"); diff --git a/forms-flow-bpm/src/test/java/org/camunda/bpm/extension/keycloak/rest/KeycloakAuthenticationFilterTest.java b/forms-flow-bpm/src/test/java/org/camunda/bpm/extension/keycloak/rest/KeycloakAuthenticationFilterTest.java index f16912e887..4890d4a48b 100644 --- a/forms-flow-bpm/src/test/java/org/camunda/bpm/extension/keycloak/rest/KeycloakAuthenticationFilterTest.java +++ b/forms-flow-bpm/src/test/java/org/camunda/bpm/extension/keycloak/rest/KeycloakAuthenticationFilterTest.java @@ -75,6 +75,8 @@ public void doFilterTest() throws IOException, ServletException { .thenReturn(oidcUser); when(oidcUser.getName()) .thenReturn(userId); + when(oidcUser.getPreferredUsername()) + .thenReturn(userId); when(oidcUser.getClaims()) .thenReturn(claims);