Merge branch 'stable-3.1'

* stable-3.1:
  LemonLDAP::NG: Remove getBearerSignature() override
  LemonLDAP::NG: Fix default scope name
  LemonLDAP::NG: Set username claim name in accordance with specs

Change-Id: I04446c560f68a53b68921c6b7e8d9e697b57071d
diff --git a/src/main/java/com/googlesource/gerrit/plugins/oauth/LemonLDAPApi.java b/src/main/java/com/googlesource/gerrit/plugins/oauth/LemonLDAPApi.java
index 7b66c25..55ebf38 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/oauth/LemonLDAPApi.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/oauth/LemonLDAPApi.java
@@ -15,8 +15,6 @@
 package com.googlesource.gerrit.plugins.oauth;
 
 import com.github.scribejava.core.builder.api.DefaultApi20;
-import com.github.scribejava.core.oauth2.bearersignature.BearerSignature;
-import com.github.scribejava.core.oauth2.bearersignature.BearerSignatureURIQueryParameter;
 import com.github.scribejava.core.oauth2.clientauthentication.ClientAuthentication;
 import com.github.scribejava.core.oauth2.clientauthentication.RequestBodyAuthenticationScheme;
 
@@ -45,11 +43,4 @@
   public ClientAuthentication getClientAuthentication() {
     return RequestBodyAuthenticationScheme.instance();
   }
-
-  // TODO(davido): Remove this override, if BearerSignatureAuthorization
-  // request header field is supported.
-  @Override
-  public BearerSignature getBearerSignature() {
-    return BearerSignatureURIQueryParameter.instance();
-  }
 }
diff --git a/src/main/java/com/googlesource/gerrit/plugins/oauth/LemonLDAPOAuthService.java b/src/main/java/com/googlesource/gerrit/plugins/oauth/LemonLDAPOAuthService.java
index f1a0dbe..e213cc3 100644
--- a/src/main/java/com/googlesource/gerrit/plugins/oauth/LemonLDAPOAuthService.java
+++ b/src/main/java/com/googlesource/gerrit/plugins/oauth/LemonLDAPOAuthService.java
@@ -62,7 +62,7 @@
     service =
         new ServiceBuilder(cfg.getString(InitOAuth.CLIENT_ID))
             .apiSecret(cfg.getString(InitOAuth.CLIENT_SECRET))
-            .defaultScope("openid+email+profile")
+            .defaultScope("openid profile email")
             .callback(canonicalWebUrl + "oauth")
             .build(new LemonLDAPApi(rootUrl));
   }
@@ -90,7 +90,7 @@
         throw new IOException("Response doesn't contain 'user' field" + jsonObject);
       }
       JsonElement id = jsonObject.get("sub");
-      JsonElement username = jsonObject.get("username");
+      JsonElement username = jsonObject.get("preferred_username");
       JsonElement email = jsonObject.get("email");
       JsonElement name = jsonObject.get("name");
       return new OAuthUserInfo(