fix: set Logto display name from email during onboarding

Email-registered users have no name field in Logto, causing empty OIDC name claims. After adding user to org, derive display name from email local part (john.doe@acme.com -> john.doe) if name is not already set. Also adds updateUserProfile() to LogtoManagementClient. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-26 12:31:12 +02:00
parent 484a388b62
commit 5754b0ca81
2 changed files with 24 additions and 0 deletions
--- a/src/main/java/net/siegeln/cameleer/saas/identity/LogtoManagementClient.java
+++ b/src/main/java/net/siegeln/cameleer/saas/identity/LogtoManagementClient.java
@@ -526,6 +526,18 @@ public class LogtoManagementClient {
            .toBodilessEntity();
    }

+    /** Update a user's profile fields (e.g. name). */
+    public void updateUserProfile(String userId, Map<String, Object> profile) {
+        if (!isAvailable()) throw new IllegalStateException("Logto not configured");
+        restClient.patch()
+            .uri(config.getLogtoEndpoint() + "/api/users/" + userId)
+            .header("Authorization", "Bearer " + getAccessToken())
+            .contentType(MediaType.APPLICATION_JSON)
+            .body(profile)
+            .retrieve()
+            .toBodilessEntity();
+    }
+
    /** Get a user by ID. Returns username, primaryEmail, name. */
    @SuppressWarnings("unchecked")
    public Map<String, Object> getUser(String userId) {
--- a/src/main/java/net/siegeln/cameleer/saas/onboarding/OnboardingService.java
+++ b/src/main/java/net/siegeln/cameleer/saas/onboarding/OnboardingService.java
@@ -8,6 +8,7 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Service;

+import java.util.Map;
 import java.util.UUID;

 /**
@@ -52,6 +53,17 @@ public class OnboardingService {
                    logtoClient.assignOrganizationRole(tenant.getLogtoOrgId(), logtoUserId, ownerRoleId);
                }
                log.info("Added user {} as owner of tenant {}", logtoUserId, slug);
+
+                // Set display name from email if not already set (email-registered users have no name)
+                var user = logtoClient.getUser(logtoUserId);
+                if (user != null && (user.get("name") == null || String.valueOf(user.get("name")).isBlank())) {
+                    String email = String.valueOf(user.getOrDefault("primaryEmail", ""));
+                    if (!email.isBlank() && email.contains("@")) {
+                        String displayName = email.substring(0, email.indexOf('@'));
+                        logtoClient.updateUserProfile(logtoUserId, Map.of("name", displayName));
+                        log.info("Set display name '{}' for user {}", displayName, logtoUserId);
+                    }
+                }
            } catch (Exception e) {
                log.warn("Failed to add user {} to org for tenant {}: {}", logtoUserId, slug, e.getMessage());
            }