From aa5ddb396bf90e1e0fddbd47b14b533f10d16001 Mon Sep 17 00:00:00 2001
From: Giuseppe Lo Presti <giuseppe.lopresti@cern.ch>
Date: Fri, 17 Jun 2022 12:28:14 +0200
Subject: [PATCH] Use email as displayname for external users opening WOPI apps

---
 changelog/unreleased/wopi-ext-users.md |  7 +++++++
 pkg/app/provider/wopi/wopi.go          | 18 +++++++++++-------
 2 files changed, 18 insertions(+), 7 deletions(-)
 create mode 100644 changelog/unreleased/wopi-ext-users.md

diff --git a/changelog/unreleased/wopi-ext-users.md b/changelog/unreleased/wopi-ext-users.md
new file mode 100644
index 00000000000..bc76b4ec5a6
--- /dev/null
+++ b/changelog/unreleased/wopi-ext-users.md
@@ -0,0 +1,7 @@
+Enh: use email as display name for external users opening WOPI apps
+
+We use now the email claim for external/federated accounts as the
+`username` that is then passed to the wopiserver and used as
+`displayName` in the WOPI context.
+
+https://github.com/cs3org/reva/pull/2986
diff --git a/pkg/app/provider/wopi/wopi.go b/pkg/app/provider/wopi/wopi.go
index 8d832464c57..0b79e1d439f 100644
--- a/pkg/app/provider/wopi/wopi.go
+++ b/pkg/app/provider/wopi/wopi.go
@@ -147,11 +147,6 @@ func (p *wopiProvider) GetAppURL(ctx context.Context, resource *provider.Resourc
 
 	u, ok := ctxpkg.ContextGetUser(ctx)
 	if ok { // else defaults to "Guest xyz"
-		if u.Id.Type == userpb.UserType_USER_TYPE_LIGHTWEIGHT || u.Id.Type == userpb.UserType_USER_TYPE_FEDERATED {
-			q.Add("userid", resource.Owner.OpaqueId+"@"+resource.Owner.Idp)
-		} else {
-			q.Add("userid", u.Id.OpaqueId+"@"+u.Id.Idp)
-		}
 		var isPublicShare bool
 		if u.Opaque != nil {
 			if _, ok := u.Opaque.Map["public-share-role"]; ok {
@@ -159,8 +154,17 @@ func (p *wopiProvider) GetAppURL(ctx context.Context, resource *provider.Resourc
 			}
 		}
 
-		if !isPublicShare {
-			q.Add("username", u.Username)
+		if u.Id.Type == userpb.UserType_USER_TYPE_LIGHTWEIGHT || u.Id.Type == userpb.UserType_USER_TYPE_FEDERATED {
+			q.Add("userid", resource.Owner.OpaqueId+"@"+resource.Owner.Idp)
+			if !isPublicShare {
+				// for visual display, federated/external accounts are shown with their email but act on behalf of the owner
+				q.Add("username", u.Mail)
+			}
+		} else {
+			q.Add("userid", u.Id.OpaqueId+"@"+u.Id.Idp)
+			if !isPublicShare {
+				q.Add("username", u.Username)
+			}
 		}
 	}