Handling User information from home organizations to CILogon through Keycloak #42
Description
CILogon is the federated identity and access management used for Cybershuttle. When Cybershutte users use their selected organization, it could be their academic institution credentials, Google, Git, ORCID, etc. From these organizations, a certain set of information is passed to CILogon, and that gets added to their profiles in Keycloak.
The mandatory details required from Keycloak are username, email, first name, and last name. If any of these are missing, a window would be prompted to users to fill them in.
If users change the username, it can and may cause issues, and it is better to let system administrators change it; to the email.
- Users should not be able to change the username in this Keycloak window
- Only show it to the user if the email, first name and last name are missing.
- If the username is missing, the system should apply the email without prompting the user.
- If the username is not in the required format, with the validation system, the system should change it to the email; please handle it without letting the user know.
- When prompting, either remove the username or make it read-only.
Question: How to handle if both username and email are missing?
Can the system apply a unique string until the email is provided? Then the system can replace it with the email when the email is presented.
This fix needs to be applied and tested.
NOTE: The admin.cybershuttle.org currently has a feature where the existing non-email username can be replaced by the use's email. This feature can be used by administrators to update the username, as long as an email address is associated with it.