From 5a50f6223f33d2e68ea4b23e9ffae977d8423bbe Mon Sep 17 00:00:00 2001
From: Brian Van Klaveren <bvan@slac.stanford.edu>
Date: Mon, 17 Jun 2019 12:58:40 -0700
Subject: [PATCH] Do not infer username from email

---
 oauthproxy.go | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/oauthproxy.go b/oauthproxy.go
index e0f5e48..9afa991 100644
--- a/oauthproxy.go
+++ b/oauthproxy.go
@@ -917,7 +917,6 @@ func (p *OAuthProxy) GetJwtSession(req *http.Request) (*sessionsapi.SessionState
 		if claims.Verified != nil && !*claims.Verified {
 			return nil, fmt.Errorf("email in id_token (%s) isn't verified", claims.Email)
 		}
-		user := strings.Split(claims.Email, "@")[0]
 
 		session = &sessionsapi.SessionState{
 			AccessToken:  rawBearerToken,
@@ -925,7 +924,7 @@ func (p *OAuthProxy) GetJwtSession(req *http.Request) (*sessionsapi.SessionState
 			RefreshToken: "",
 			ExpiresOn:    bearerToken.Expiry,
 			Email:        claims.Email,
-			User:         user,
+			User:         claims.Email,
 		}
 		return session, nil
 	}