Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
[management] OAuth2AuthenticationResource doesn't distinguish users by source #1486
If I define a user in the in-memory security provider and I also have an oauth2 security provider that has a user with the same username, when the oauth2 user logs into the Management UI, it may be matched with the wrong user id.
OAuth2AuthenticationResource (and all security providers) should look for a matching user by username and source (and not just by username)
The wrong user may be picked (user from a different source)