Discord changed their minds on unique usernames, so let's change our …

…implementation to reflect that
vouch · May 3, 2023 · d6c22f9 · d6c22f9
1 parent 053fb7f
commit d6c22f9
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 20 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,7 +4,7 @@
 
 Coming soon! Please document any work in progress here as part of your PR. It will be moved to the next tag when released.
 
-* Implement a Discord provider that uses `Username#Discriminator` as the username to match against in the `whiteList` config
+* Implement a Discord provider that uses `id` as the username to match against in the `whiteList` config
 * Upgrade golang to `v1.19` from `v1.18`
 
 ## v0.39.0

diff --git a/config/config.yml_example_discord b/config/config.yml_example_discord
@@ -5,9 +5,9 @@
 vouch:
   domains:
     - yourdomain.com
-  # whiteList is a list of username#discriminator that will allow a login if allowAllUsers is false
+  # whiteList is a list of user ids that will allow a login if allowAllUsers is false
   whiteList:
-    - loganintech#0001
+    - 12341234123412345
 
   cookie:
     # allow the jwt/cookie to be set into http://yourdomain.com (defaults to true, requiring https://yourdomain.com)

diff --git a/pkg/providers/discord/discord.go b/pkg/providers/discord/discord.go
@@ -12,7 +12,7 @@ package discord
 
 import (
 	"encoding/json"
-	"io/ioutil"
+	"io"
 	"net/http"
 
 	"golang.org/x/oauth2"
@@ -48,7 +48,7 @@ func (Provider) GetUserInfo(r *http.Request, user *structs.User, customClaims *s
 			rerr = err
 		}
 	}()
-	data, _ := ioutil.ReadAll(userinfo.Body)
+	data, _ := io.ReadAll(userinfo.Body)
 	log.Infof("Discord userinfo body: %s", string(data))
 	if err = common.MapClaims(data, customClaims); err != nil {
 		log.Error(err)
@@ -59,8 +59,12 @@ func (Provider) GetUserInfo(r *http.Request, user *structs.User, customClaims *s
 		log.Error(err)
 		return err
 	}
-	discordUser.PrepareUserData()
-	user.Username = discordUser.PreparedUsername
+
+	// The Id is the one thing guaranteed to be unique
+	// Discord is currently transitioning their username#discriminator system to an @username system that makes
+	// each username unique, which is not a constraint they had before. The API will change from them to reflect this
+	// https://support.discord.com/hc/en-us/articles/12620128861463
+	user.Username = discordUser.Id
 	user.Email = discordUser.Email
 	return nil
 }
diff --git a/pkg/structs/structs.go b/pkg/structs/structs.go
@@ -11,7 +11,6 @@ OR CONDITIONS OF ANY KIND, either express or implied.
 package structs
 
 import (
-	"fmt"
 	"strconv"
 )
 
@@ -246,16 +245,9 @@ type PTokens struct {
 
 // DiscordUser deserializes values from the Discord User Object: https://discord.com/developers/docs/resources/user#user-object-user-structure
 type DiscordUser struct {
-	Id               string `json:"id"`
-	Username         string `json:"username"`
-	Discriminator    string `json:"discriminator"`
-	PreparedUsername string
-	Email            string `json:"email"`
-	Verified         bool   `json:"verified"`
-}
-
-// PrepareUserData copies the Username and Discriminator in the format that Discord guarantees to be unique
-// https://support.discord.com/hc/en-us/articles/4407571667351-Law-Enforcement-Guidelines Subheading "How to find usernames and discriminators"
-func (u *DiscordUser) PrepareUserData() {
-	u.PreparedUsername = fmt.Sprintf("%s#%s", u.Username, u.Discriminator)
+	Id            string `json:"id"`
+	Username      string `json:"username"`
+	Discriminator string `json:"discriminator"`
+	Email         string `json:"email"`
+	Verified      bool   `json:"verified"`
 }