Make uid label configurable

.gitignore

@@ -2,6 +2,7 @@
 *.rbc
 .bundle
 .config
+.idea
 .yardoc
 InstalledFiles
 _yardoc

lib/omniauth/strategies/openid_connect.rb

@@ -47,8 +47,16 @@ class OpenIDConnect
       option :send_scope_to_token_endpoint, true
       option :client_auth_method
       option :post_logout_redirect_uri
-
-      uid { user_info.sub }
+      option :uid_field, 'sub'
+
+      uid do
+        begin
+          user_info.public_send(options.uid_field.to_s)
+        rescue NoMethodError => e
+          log :warn, "User sub:#{user_info.sub} missing info field: #{options.uid_field.to_s}"
+          user_info.sub
+        end
+      end
 
       info do
         {

test/lib/omniauth/strategies/openid_connect_test.rb

@@ -114,6 +114,12 @@ def test_request_phase_with_discovery
 
       def test_uid
         assert_equal user_info.sub, strategy.uid
+
+        strategy.options.uid_field = 'preferred_username'
+        assert_equal user_info.preferred_username, strategy.uid
+
+        strategy.options.uid_field = 'something'
+        assert_equal user_info.sub, strategy.uid
       end
 
       def test_callback_phase(session = {}, params = {})
@@ -213,6 +219,18 @@ def test_callback_phase_with_invalid_state
         assert result.first == 401, "Expecting unauthorized"
       end
 
+      def test_callback_phase_without_code
+        state = SecureRandom.hex(16)
+        nonce = SecureRandom.hex(16)
+        request.stubs(:params).returns('state' => state)
+        request.stubs(:path_info).returns('')
+
+        strategy.call!('rack.session' => { 'omniauth.state' => state, 'omniauth.nonce' => nonce })
+
+        strategy.expects(:fail!)
+        result = strategy.callback_phase
+      end
+
       def test_callback_phase_with_timeout
         code = SecureRandom.hex(16)
         state = SecureRandom.hex(16)