From 3508407706fa5819e012d66e4567415ca6d4c3e9 Mon Sep 17 00:00:00 2001
From: loi <loi@ipac.caltech.edu>
Date: Fri, 5 Sep 2025 10:51:15 -0700
Subject: [PATCH] FIREFLY-1791: Fix username display issue - Refactor
 RequestOwner to minimize stale user info

---
 .../ipac/lsst/LsstWebDAVWorkspaceManager.java |  2 +-
 .../ipac/lsst/security/LsstSsoAdapter.java    | 23 +++++++++++++------
 2 files changed, 17 insertions(+), 8 deletions(-)

diff --git a/src/suit/java/edu/caltech/ipac/lsst/LsstWebDAVWorkspaceManager.java b/src/suit/java/edu/caltech/ipac/lsst/LsstWebDAVWorkspaceManager.java
index 78d817d..f1583bb 100644
--- a/src/suit/java/edu/caltech/ipac/lsst/LsstWebDAVWorkspaceManager.java
+++ b/src/suit/java/edu/caltech/ipac/lsst/LsstWebDAVWorkspaceManager.java
@@ -22,7 +22,7 @@ public class LsstWebDAVWorkspaceManager extends WebDAVWorkspaceManagerBase {
 
     public LsstWebDAVWorkspaceManager(String wsId) {
 
-        Map<String, String> cookies = HttpServiceInput.createWithCredential(getWsHostUrl()).getCookies();          // should look at this again.
+        Map<String, String> cookies = new HttpServiceInput(getWsHostUrl()).getCookies();          // should look at this again.
         // for development from a local machine, set wsId to your user name
         // if (wsId == null || wsId.equals("Guest")) wsId = "tatianag";
         this.creds = new WsCredentials(wsId, cookies);
diff --git a/src/suit/java/edu/caltech/ipac/lsst/security/LsstSsoAdapter.java b/src/suit/java/edu/caltech/ipac/lsst/security/LsstSsoAdapter.java
index a0dd0e1..9df86e4 100644
--- a/src/suit/java/edu/caltech/ipac/lsst/security/LsstSsoAdapter.java
+++ b/src/suit/java/edu/caltech/ipac/lsst/security/LsstSsoAdapter.java
@@ -26,10 +26,10 @@
  * @author loi
  */
 public class LsstSsoAdapter implements SsoAdapter {
-    private static Logger.LoggerImpl LOGGER = Logger.getLogger();
-    private static String LOGIN_URL         = AppProperties.getProperty("sso.login.url", "/login?rd=/portal/suit/");
-    private static String LOGOUT_URL        = AppProperties.getProperty("sso.logout.url", "/logout");
-    private static String REQ_AUTH_HOSTS    = AppProperties.getProperty("sso.req.auth.hosts", ".ncsa.illinois.edu,.lsst.cloud");
+    private static final Logger.LoggerImpl LOGGER = Logger.getLogger();
+    private static final String LOGIN_URL         = AppProperties.getProperty("sso.login.url", "/login?rd=/portal/suit/");
+    private static final String LOGOUT_URL        = AppProperties.getProperty("sso.logout.url", "/logout");
+    private static final String REQ_AUTH_HOSTS    = AppProperties.getProperty("sso.req.auth.hosts", ".ncsa.illinois.edu,.lsst.cloud");
 
     private static final String GROUPS_HEADER = "X-Auth-Request-Groups";
     private static final String EMAIL_HEADER = "X-Auth-Request-Email";
@@ -43,7 +43,7 @@ public class LsstSsoAdapter implements SsoAdapter {
     private static final String NAME = "name";
     private static final String EMAIL = "email";
     private static final String EXPIRES = "exp";
-    private static final String ID_TOKEN = "X-Auth-Request-Token";
+    private static final String ID_TOKEN = "id_token";
     private static final String[] reqAuthHosts = REQ_AUTH_HOSTS.split(",");
 
     private Token token = null;
@@ -52,8 +52,13 @@ public Token getAuthToken() {
         if (token == null) {
             try {
                 RequestAgent ra = ServerContext.getRequestOwner().getRequestAgent();
+                if (ra == null) {
+                    LOGGER.warn("Should not happen: RequestAgent is null");
+                    return null;
+                }
                 String id_token = getString(ra, TOKEN_HEADER, "");      // this is a 3-parts base64 encoded JWT token
                 if (isEmpty(id_token)) {
+                    LOGGER.warn("%s not found in the header".formatted(TOKEN_HEADER));
                     return null;
                 }
                 String[] parts = id_token.split("\\.");
@@ -72,7 +77,10 @@ public Token getAuthToken() {
                 } else {
                     String email = getString(ra, EMAIL_HEADER, null);
                     String username = getString(ra, USERNAME_HEADER, email);
-                    if (isEmpty(username))  username = UUID.randomUUID().toString();       // all fail, use a random unique id
+                    if (isEmpty(username))  {
+                        username = UUID.randomUUID().toString();       // all fail, use a random unique id
+                        LOGGER.warn("No username nor email found in the header, using a random id: " + username);
+                    }
                     token = new Token(username);
                     token.setExpiresOn(0);
                     token.set(EMAIL, email);
@@ -83,7 +91,8 @@ public Token getAuthToken() {
                     return token;
                 }
             } catch (Exception e) {
-                LOGGER.error(e);
+                LOGGER.error("Error parsing token: " + e.getMessage());
+                token = null;
             }
         }
         return token;