Merge branch 'fix/oidc' into 'release/6.2'

add username in bearer auth info when authenticated

See merge request BC/public/linphone-desktop!1800

.gitlab-ci.yml

@@ -49,7 +49,6 @@ include:
   - '.gitlab-ci-files/windows-desktop.yml'
   - '.gitlab-ci-files/macosx-desktop.yml'
 
-
 stages:
   - build
   - package

Linphone/model/auth/OIDCModel.cpp

@@ -26,6 +26,11 @@
 #include "model/core/CoreModel.hpp"
 #include "tool/Utils.hpp"
 
+#include <QByteArray>
+#include <QJsonDocument>
+#include <QJsonObject>
+#include <QString>
+
 // =============================================================================
 
 static constexpr char OIDCScope[] = "offline_access";
@@ -351,6 +356,17 @@ void OIDCModel::setBearers() {
 
 	auto accessBearer = linphone::Factory::get()->createBearerToken(Utils::appStringToCoreString(idToken()), timeT);
 	mAuthInfo->setAccessToken(accessBearer);
+	auto decoded = Utils::decodeJwtPayload(Utils::coreStringToAppString(accessBearer->getToken()));
+	auto username = decoded["preferred_username"].toString();
+	if (username.isEmpty()) {
+		auto username = decoded["username"].toString();
+	}
+	if (!username.isEmpty()) {
+		qDebug() << "Username found in bearer access token, set in authInfo" << username;
+		mAuthInfo->setUsername(Utils::appStringToCoreString(username));
+	} else {
+		lWarning() << "Username not found in bearer access token, account removal could failed";
+	}
 
 	if (mOidc.refreshToken() != nullptr) {
 

Linphone/tool/Utils.cpp

@@ -2335,3 +2335,19 @@ void Utils::forceCrash() {
 	lInfo() << "throwing segmentation fault for debug";
 	raise(SIGSEGV);
 }
+
+QJsonObject Utils::decodeJwtPayload(const QString &token) {
+	QStringList parts = token.split('.');
+	if (parts.size() < 2) return {};
+
+	// Le payload est la 2ème partie, en base64url
+	QString payload = parts[1];
+	// base64url -> base64 standard
+	payload.replace('-', '+').replace('_', '/');
+	// Padding
+	while (payload.size() % 4 != 0)
+		payload += '=';
+
+	QByteArray decoded = QByteArray::fromBase64(payload.toUtf8());
+	return QJsonDocument::fromJson(decoded).object();
+}

Linphone/tool/Utils.hpp

@@ -199,6 +199,8 @@ public:
 	// Debug
 	Q_INVOKABLE static void forceCrash();
 
+	static QJsonObject decodeJwtPayload(const QString &token);
+
 	//	QDir findDirectoryByName(QString startPath, QString name);
 
 	static QString getApplicationProduct();