Fix OIDC callback if name claim is missing

DasSkelett · Apr 6, 2022 · a66d984 · a66d984
1 parent 1cbe7b1
commit a66d984
Showing 1 changed file with 15 additions and 10 deletions.
diff --git a/pkg/authnz/authconfig/oidc.go b/pkg/authnz/authconfig/oidc.go
@@ -8,12 +8,13 @@ import (
 	"strings"
 	"time"
 
-	"github.com/coreos/go-oidc"
-	"github.com/gorilla/mux"
-	"github.com/pkg/errors"
 	"github.com/freifunkMUC/wg-access-server/pkg/authnz/authruntime"
 	"github.com/freifunkMUC/wg-access-server/pkg/authnz/authsession"
 	"github.com/freifunkMUC/wg-access-server/pkg/authnz/authutil"
+
+	"github.com/coreos/go-oidc"
+	"github.com/gorilla/mux"
+	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 	"golang.org/x/oauth2"
 	"gopkg.in/Knetic/govaluate.v2"
@@ -138,14 +139,18 @@ func (c *OIDCConfig) callbackHandler(runtime *authruntime.ProviderRuntime, oauth
 			}
 		}
 
+		identity := &authsession.Identity{
+			Provider: c.Name,
+			Subject:  info.Subject,
+			Email:    info.Email,
+			Claims:   *claims,
+		}
+		if name, ok := oidcProfileData["name"].(string); ok {
+			identity.Name = name
+		}
+
 		err = runtime.SetSession(w, r, &authsession.AuthSession{
-			Identity: &authsession.Identity{
-				Provider: c.Name,
-				Subject:  info.Subject,
-				Email:    info.Email,
-				Name:     oidcProfileData["name"].(string),
-				Claims:   *claims,
-			},
+			Identity: identity,
 		})
 		if err != nil {
 			http.Error(w, err.Error(), http.StatusUnauthorized)