Open
Description
Describe the bug
OneTimeTokenAuthenticationProvider does not set Principal correctly
To Reproduce
Log in via OneTimeToken with custom UserDetails with i.e. email additional field
Expected behavior
OneTimeTokenAuthenticationToken should have email field present in Principal
Bug
By my opinion bug is in line:
authenticated.setDetails(otpAuthenticationToken.getDetails());
otpAuthenticationToken is unathenticated token and does not have details!
line should probably be:
authenticated.setDetails(user);