KEYCLOAK-2292 Broker login: remove identity provider prefix from autogenerated username

services/src/main/java/org/keycloak/services/resources/IdentityBrokerService.java

@@ -299,7 +299,7 @@ public class IdentityBrokerService implements IdentityProvider.AuthenticationCal
                 } else if (context.getUsername() == null) {
                     username = context.getIdpConfig().getAlias() + "." + context.getId();
                 } else {
-                    username = context.getIdpConfig().getAlias() + "." + context.getUsername();
+                    username = context.getUsername();
                 }
             }
             username = username.trim();

testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractIdentityProviderTest.java

@@ -155,7 +155,7 @@ public abstract class AbstractIdentityProviderTest {
         FederatedIdentityModel federatedIdentityModel = federatedIdentities.iterator().next();
 
         assertEquals(getProviderId(), federatedIdentityModel.getIdentityProvider());
-        assertEquals(federatedUser.getUsername(), federatedIdentityModel.getIdentityProvider() + "." + federatedIdentityModel.getUserName());
+        assertEquals(federatedUser.getUsername(), federatedIdentityModel.getUserName());
 
         driver.navigate().to("http://localhost:8081/test-app/logout");
         driver.navigate().to("http://localhost:8081/test-app");

testsuite/integration/src/test/java/org/keycloak/testsuite/broker/AbstractKeycloakIdentityProviderTest.java

@@ -138,7 +138,7 @@ public abstract class AbstractKeycloakIdentityProviderTest extends AbstractIdent
         FederatedIdentityModel federatedIdentityModel = federatedIdentities.iterator().next();
 
         assertEquals(getProviderId(), federatedIdentityModel.getIdentityProvider());
-        assertEquals(federatedUser.getUsername(), federatedIdentityModel.getIdentityProvider() + "." + federatedIdentityModel.getUserName());
+        assertEquals(federatedUser.getUsername(), federatedIdentityModel.getUserName());
 
         driver.navigate().to("http://localhost:8081/test-app/logout");
         driver.navigate().to("http://localhost:8081/test-app");
@@ -485,7 +485,7 @@ public abstract class AbstractKeycloakIdentityProviderTest extends AbstractIdent
         System.out.println("after logout currentUrl: " + currentUrl);
         assertTrue(currentUrl.startsWith("http://localhost:8081/auth/realms/realm-with-broker/protocol/openid-connect/auth"));
 
-        unconfigureUserRetrieveToken(getProviderId() + ".test-user");
+        unconfigureUserRetrieveToken("test-user");
         loginIDP("test-user");
         //authenticateWithIdentityProvider(identityProviderModel, "test-user");
         assertEquals("http://localhost:8081/test-app", driver.getCurrentUrl());

testsuite/integration/src/test/java/org/keycloak/testsuite/broker/PostBrokerFlowTest.java

@@ -122,7 +122,7 @@ public class PostBrokerFlowTest extends AbstractIdentityProviderTest {
         String totpSecret = totpPage.getTotpSecret();
         totpPage.configure(totp.generateTOTP(totpSecret));
 
-        assertFederatedUser(getProviderId() + ".test-user", "test-user@localhost", "test-user", getProviderId());
+        assertFederatedUser("test-user", "test-user@localhost", "test-user", getProviderId());
 
         driver.navigate().to("http://localhost:8081/test-app/logout");
 
@@ -131,7 +131,7 @@ public class PostBrokerFlowTest extends AbstractIdentityProviderTest {
         loginTotpPage.assertCurrent();
         loginTotpPage.login(totp.generateTOTP(totpSecret));
 
-        assertFederatedUser(getProviderId() + ".test-user", "test-user@localhost", "test-user", getProviderId());
+        assertFederatedUser("test-user", "test-user@localhost", "test-user", getProviderId());
 
         driver.navigate().to("http://localhost:8081/test-app/logout");
 
@@ -141,7 +141,7 @@ public class PostBrokerFlowTest extends AbstractIdentityProviderTest {
         this.session = brokerServerRule.startSession();
 
         loginIDP("test-user");
-        assertFederatedUser(getProviderId() + ".test-user", "test-user@localhost", "test-user", getProviderId());
+        assertFederatedUser("test-user", "test-user@localhost", "test-user", getProviderId());
         driver.navigate().to("http://localhost:8081/test-app/logout");
     }
 
@@ -248,7 +248,7 @@ public class PostBrokerFlowTest extends AbstractIdentityProviderTest {
 
         // assert reauthentication with login page. On login page is link to kc-saml-idp-basic as user has it linked already
         Assert.assertEquals("Log in to " + APP_REALM_ID, this.driver.getTitle());
-        Assert.assertEquals("Authenticate as kc-saml-idp-basic.test-user to link your account with " + getProviderId(), this.loginPage.getSuccessMessage());
+        Assert.assertEquals("Authenticate as test-user to link your account with " + getProviderId(), this.loginPage.getSuccessMessage());
 
         // reauthenticate with SAML broker. OTP authentication is required as well
         this.loginPage.clickSocial("kc-saml-idp-basic");
@@ -267,7 +267,7 @@ public class PostBrokerFlowTest extends AbstractIdentityProviderTest {
         }
 
         // authenticated and redirected to app. User is linked with both identity providers
-        assertFederatedUser("kc-saml-idp-basic.test-user", "test-user@localhost", "test-user", getProviderId(), "kc-saml-idp-basic");
+        assertFederatedUser("test-user", "test-user@localhost", "test-user", getProviderId(), "kc-saml-idp-basic");
     }
 
     private void setPostBrokerFlowForProvider(IdentityProviderModel identityProvider, RealmModel realm, boolean enable) {