From f775859e6a341a0f745c9ecaffcbee3753593774 Mon Sep 17 00:00:00 2001
From: josedev-union <70741025+josedev-union@users.noreply.github.com>
Date: Mon, 9 Nov 2020 06:36:45 +0100
Subject: [PATCH] Consider the authentication with email-like username

---
 .../plugin/internal/NexusKeycloakClient.java       | 14 +++++++++++---
 1 file changed, 11 insertions(+), 3 deletions(-)

diff --git a/src/main/java/org/github/flytreeleft/nexus3/keycloak/plugin/internal/NexusKeycloakClient.java b/src/main/java/org/github/flytreeleft/nexus3/keycloak/plugin/internal/NexusKeycloakClient.java
index a13db9c..d1b9757 100644
--- a/src/main/java/org/github/flytreeleft/nexus3/keycloak/plugin/internal/NexusKeycloakClient.java
+++ b/src/main/java/org/github/flytreeleft/nexus3/keycloak/plugin/internal/NexusKeycloakClient.java
@@ -66,18 +66,26 @@ public boolean authenticate(UsernamePasswordToken token) {
     public boolean authenticate(KeycloakHttpHeaderAuthToken token) {
         String principal = token.getPrincipal();
         String credentials = token.getCredentials().toString();
+        boolean authenticated = false;
 
         UserInfo userInfo = this.keycloakAdminClient.obtainUserInfo(credentials);
         if (userInfo == null) {
             return false;
         }
-
+        authenticated = userInfo.getPreferredUsername().equals(principal);
+        this.logger.info("principal is {} while pun is {}, so auth result is {}",
+                             principal,
+                             userInfo.getPreferredUsername(),
+                             authenticated);
+
+        if (authenticated) {
+            return authenticated;
+        }
         boolean isEmail = this.keycloakAdminClient.isEmail(principal);
         if (isEmail) {
             return userInfo.getEmailVerified() && principal.equals(userInfo.getEmail());
         }
-
-        return userInfo.getPreferredUsername().equals(principal);
+        return authenticated;
     }
 
     public Set<String> findRoleIdsByUserId(String userId) {