From 16507133454c1ed22c75cff2a13c158ef70e2977 Mon Sep 17 00:00:00 2001
From: Chris Malloy
Date: Wed, 10 Apr 2024 20:35:26 -0300
Subject: [PATCH] Put unknown email domains in user tag
---
 src/main/java/jasper/config/Config.java | 2 ++
 src/main/java/jasper/security/jwt/TokenProviderImpl.java | 6 +++++-
 2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/src/main/java/jasper/config/Config.java b/src/main/java/jasper/config/Config.java
index 7179568b..9272d85d 100644
--- a/src/main/java/jasper/config/Config.java
+++ b/src/main/java/jasper/config/Config.java
@@ -107,6 +107,8 @@ class SecurityConfig implements Serializable {
 private String tokenEndpoint = "";
 private String scimEndpoint = "";
 private String usernameClaim = "sub";
+ private boolean emailDomainInUsername = false;
+ private String rootEmailDomain = "";
 private String verifiedEmailClaim = "verified_email";
 private String authoritiesClaim = "auth";
 private String readAccessClaim = "readAccess";
diff --git a/src/main/java/jasper/security/jwt/TokenProviderImpl.java b/src/main/java/jasper/security/jwt/TokenProviderImpl.java
index c6cb03e5..1fe59ad2 100644
--- a/src/main/java/jasper/security/jwt/TokenProviderImpl.java
+++ b/src/main/java/jasper/security/jwt/TokenProviderImpl.java
@@ -149,8 +149,12 @@ String getUsername(Claims claims, String origin) {
 }
 logger.debug("Principal: {}", principal);
 if (principal.contains("@")) {
- // TODO: option for: map email host to user tag path
+ var emailDomain = principal.substring(principal.indexOf("@"));
 principal = principal.substring(0, principal.indexOf("@"));
+ var security = configs.security(origin);
+ if (security.isEmailDomainInUsername() && !emailDomain.equals(security.getRootEmailDomain())) {
+ principal = emailDomain + "/" + principal;
+ }
 }
 var authorities = getPartialAuthorities(claims, origin);
 if (isBlank(principal) ||
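Review bot: `emailDomain` still carries the leading `@`, because it is cut with `principal.substring(principal.indexOf("@"))`; the comparison with `getRootEmailDomain()` therefore only matches when the root domain is configured as `@example.org` (constructed example), and the prefixed principal becomes `@example.org/name`. If that is not intended, take the domain with `var emailDomain = principal.substring(principal.indexOf("@") + 1);`. The comparison is also case-sensitive while domain names are not, so a root-domain user whose claim arrives with a differently cased domain would be mapped to a separate, prefixed user tag; lower-casing both sides with `toLowerCase(Locale.ROOT)` before `equals` avoids that. Since the domain comes from a token claim and now becomes part of the identity, it is worth confirming that the validation after this block (getUsername continues outside the hunk) rejects characters that are not valid in a user tag.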