From 0c29403f3ac53a220a0b6e66f5d115b910ec549f Mon Sep 17 00:00:00 2001
From: Patrick Dowler <pdowler.cadc@gmail.com>
Date: Tue, 20 Feb 2024 12:34:36 -0800
Subject: [PATCH] bug fix: TokenValidator not keeping all bearer token
 principals

---
 cadc-util/build.gradle                                       | 2 +-
 cadc-util/src/main/java/ca/nrc/cadc/auth/TokenValidator.java | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/cadc-util/build.gradle b/cadc-util/build.gradle
index 04e27d08..ed7ca73a 100644
--- a/cadc-util/build.gradle
+++ b/cadc-util/build.gradle
@@ -16,7 +16,7 @@ sourceCompatibility = 1.8
 
 group = 'org.opencadc'
 
-version = '1.10.6'
+version = '1.10.7'
 
 description = 'OpenCADC core utility library'
 def git_url = 'https://github.com/opencadc/core'
diff --git a/cadc-util/src/main/java/ca/nrc/cadc/auth/TokenValidator.java b/cadc-util/src/main/java/ca/nrc/cadc/auth/TokenValidator.java
index 27aa6909..f04e53b5 100644
--- a/cadc-util/src/main/java/ca/nrc/cadc/auth/TokenValidator.java
+++ b/cadc-util/src/main/java/ca/nrc/cadc/auth/TokenValidator.java
@@ -150,7 +150,7 @@ public static Subject validateTokens(Subject subject) throws NotAuthenticatedExc
 
                 try {
                     SignedToken validatedToken = SignedToken.parse(credentials);
-                    subject.getPrincipals().add(validatedToken.getUser());
+                    subject.getPrincipals().addAll(validatedToken.getIdentityPrincipals());
 
                     AuthorizationToken authToken = new AuthorizationToken(
                         challengeType, credentials, validatedToken.getDomains(), validatedToken.getScope());