Merge branch 'master' into 15572-new-install-docs

[arvados.git] / lib / controller / localdb / login.go

diff --git a/lib/controller/localdb/login.go b/lib/controller/localdb/login.go
index df5259a846bbac112c4ee3fa30c7dc5b7f03a60f..b1ebb27e486f91ecda01341d0f09c2e425df5a71 100644 (file)
--- a/lib/controller/localdb/login.go
+++ b/lib/controller/localdb/login.go
@@ -18,10 +18,10 @@ import (
        "text/template"
        "time"
 
-       "git.curoverse.com/arvados.git/lib/controller/rpc"
-       "git.curoverse.com/arvados.git/sdk/go/arvados"
-       "git.curoverse.com/arvados.git/sdk/go/auth"
-       "git.curoverse.com/arvados.git/sdk/go/ctxlog"
+       "git.arvados.org/arvados.git/lib/controller/rpc"
+       "git.arvados.org/arvados.git/sdk/go/arvados"
+       "git.arvados.org/arvados.git/sdk/go/auth"
+       "git.arvados.org/arvados.git/sdk/go/ctxlog"
        "github.com/coreos/go-oidc"
        "golang.org/x/oauth2"
        "google.golang.org/api/option"
@@ -128,7 +128,7 @@ func (ctrl *googleLoginController) Login(ctx context.Context, cluster *arvados.C
 // Google API does not indicate one.
 func (ctrl *googleLoginController) getAuthInfo(ctx context.Context, cluster *arvados.Cluster, conf *oauth2.Config, token *oauth2.Token, idToken *oidc.IDToken) (*rpc.UserSessionAuthInfo, error) {
        var ret rpc.UserSessionAuthInfo
-       defer ctxlog.FromContext(ctx).Infof("ret: %#v", &ret) // debug
+       defer ctxlog.FromContext(ctx).WithField("ret", &ret).Debug("getAuthInfo returned")
 
        var claims struct {
                Name     string `json:"name"`
@@ -164,7 +164,7 @@ func (ctrl *googleLoginController) getAuthInfo(ctx context.Context, cluster *arv
                // Override normal API endpoint (for testing)
                svc.BasePath = p
        }
-       person, err := people.NewPeopleService(svc).Get("people/me").Fields("emailAddresses,names").Do()
+       person, err := people.NewPeopleService(svc).Get("people/me").PersonFields("emailAddresses,names").Do()
        if err != nil {
                if strings.Contains(err.Error(), "Error 403") && strings.Contains(err.Error(), "accessNotConfigured") {
                        // Log the original API error, but display
@@ -176,8 +176,6 @@ func (ctrl *googleLoginController) getAuthInfo(ctx context.Context, cluster *arv
                }
        }
 
-       ctxlog.FromContext(ctx).Infof("people/me response: %#v", person) // debug
-
        // The given/family names returned by the People API and
        // flagged as "primary" (if any) take precedence over the
        // split-by-whitespace result from above.
@@ -195,7 +193,7 @@ func (ctrl *googleLoginController) getAuthInfo(ctx context.Context, cluster *arv
        }
        for _, ea := range person.EmailAddresses {
                if ea.Metadata == nil || !ea.Metadata.Verified {
-                       ctxlog.FromContext(ctx).WithField("address", ea.Value).Debug("skipping unverified email address")
+                       ctxlog.FromContext(ctx).WithField("address", ea.Value).Info("skipping unverified email address")
                        continue
                }
                altEmails[ea.Value] = true
@@ -209,6 +207,9 @@ func (ctrl *googleLoginController) getAuthInfo(ctx context.Context, cluster *arv
        for ae := range altEmails {
                if ae != ret.Email {
                        ret.AlternateEmails = append(ret.AlternateEmails, ae)
+                       if i := strings.Index(ae, "@"); i > 0 && strings.ToLower(ae[i+1:]) == strings.ToLower(cluster.Users.PreferDomainForUsername) {
+                               ret.Username = strings.SplitN(ae[:i], "+", 2)[0]
+                       }
                }
        }
        return &ret, nil