ci: bump version to v4.47.0

CHANGELOG.md

@@ -418,3 +418,13 @@
 ### Features
 
 * Add logging for OpenID authentication process in OpenIDController ([b729344](https://git.janis-eccarius.de/KnockOutWhist/KnockOutWhist-Web/commit/b729344d1e79c631146dd988248d033d97e12d93))
+##  (2026-01-20)
+
+### Features
+
+* Add error logging for user info retrieval in OpenIDConnectService ([861f2f1](https://git.janis-eccarius.de/KnockOutWhist/KnockOutWhist-Web/commit/861f2f1184e860fdd164481167f941c11accfedd))
+##  (2026-01-20)
+
+### Features
+
+* Add idClaimName parameter to OpenIDConnectService for flexible ID claim mapping ([2f38855](https://git.janis-eccarius.de/KnockOutWhist/KnockOutWhist-Web/commit/2f388554495d8bd44b4c533baa0f2fc27eea22c2))

knockoutwhistweb/app/services/OpenIDConnectService.scala

@@ -2,7 +2,7 @@ package services
 
 import com.typesafe.config.Config
 import play.api.libs.ws.WSClient
-import play.api.Configuration
+import play.api.{Configuration, Logger}
 import play.api.libs.json.*
 
 import java.net.URI
@@ -11,7 +11,6 @@ import scala.concurrent.{ExecutionContext, Future}
 import com.nimbusds.oauth2.sdk.*
 import com.nimbusds.oauth2.sdk.id.*
 import com.nimbusds.openid.connect.sdk.*
-
 import play.api.libs.ws.DefaultBodyWritables.*
 
 case class OpenIDUserInfo(
@@ -36,7 +35,8 @@ case class OpenIDProvider(
   authorizationEndpoint: String,
   tokenEndpoint: String,
   userInfoEndpoint: String,
-  scopes: Set[String] = Set("openid", "profile", "email")
+  scopes: Set[String] = Set("openid", "profile", "email"),
+  idClaimName: String = "id"
 )
 
 case class TokenResponse(
@@ -50,6 +50,8 @@ case class TokenResponse(
 @Singleton
 class OpenIDConnectService@Inject(ws: WSClient, config: Configuration)(implicit ec: ExecutionContext) {
 
+  private val logger = Logger(this.getClass)
+
   private val providers = Map(
     "discord" -> OpenIDProvider(
       name = "Discord",
@@ -69,7 +71,8 @@ class OpenIDConnectService@Inject(ws: WSClient, config: Configuration)(implicit
       authorizationEndpoint = config.get[String]("openid.keycloak.authUrl") + "/protocol/openid-connect/auth",
       tokenEndpoint = config.get[String]("openid.keycloak.authUrl") + "/protocol/openid-connect/token",
       userInfoEndpoint = config.get[String]("openid.keycloak.authUrl") + "/protocol/openid-connect/userinfo",
-      scopes = Set("openid", "profile", "email")
+      scopes = Set("openid", "profile", "email"),
+      idClaimName = "sub"
     )
   )
 
@@ -135,7 +138,7 @@ class OpenIDConnectService@Inject(ws: WSClient, config: Configuration)(implicit
             if (response.status == 200) {
               val json = response.json
               Some(OpenIDUserInfo(
-                id = (json \ "id").as[String],
+                id = (json \ provider.idClaimName).as[String],
                 email = (json \ "email").asOpt[String],
                 name = (json \ "name").asOpt[String].orElse((json \ "login").asOpt[String]),
                 picture = (json \ "picture").asOpt[String].orElse((json \ "avatar_url").asOpt[String]),
@@ -143,10 +146,15 @@ class OpenIDConnectService@Inject(ws: WSClient, config: Configuration)(implicit
                 providerName = provider.name
               ))
             } else {
+              logger.error(s"Failed to retrieve user info from ${provider.userInfoEndpoint}, status code ${response.status}")
               None
             }
           }
-          .recover { case _ => None }
+          .recover { case e => {
+            logger.error(s"Failed to retrieve user info from ${provider.userInfoEndpoint}", e)
+            None
+          }
+          }
       case None => Future.successful(None)
     }
   }

versions.env

@@ -1,3 +1,3 @@
 MAJOR=4
-MINOR=45
+MINOR=47
 PATCH=0