Merge pull request #1320 from bverhoeven/rfc7662-sub

Client: Parse 'sub' key to identify resource owner in introspection response (RFC7662)

openid-connect-client/src/main/java/org/mitre/oauth2/introspectingfilter/IntrospectingTokenService.java

@@ -243,9 +243,12 @@ public class IntrospectingTokenService implements ResourceServerTokenServices {
 
 	private Authentication createUserAuthentication(JsonObject token) {
 		JsonElement userId = token.get("user_id");
+		if(userId == null) {
+			userId = token.get("sub");
 			if (userId == null) {
 				return null;
 			}
+		}
 
 		return new PreAuthenticatedAuthenticationToken(userId.getAsString(), token, introspectionAuthorityGranter.getAuthorities(token));
 	}