From a66d984a9576b44fca88cacc2d204de2a9998231 Mon Sep 17 00:00:00 2001
From: DasSkelett
Date: Wed, 6 Apr 2022 11:22:47 +0200
Subject: [PATCH] Fix OIDC callback if name claim is missing
---
 pkg/authnz/authconfig/oidc.go | 25 +++++++++++++++----------
 1 file changed, 15 insertions(+), 10 deletions(-)
diff --git a/pkg/authnz/authconfig/oidc.go b/pkg/authnz/authconfig/oidc.go
index eb839b69..54adbb08 100644
--- a/pkg/authnz/authconfig/oidc.go
+++ b/pkg/authnz/authconfig/oidc.go
@@ -8,12 +8,13 @@ import (
 "strings"
 "time"
- "github.com/coreos/go-oidc"
- "github.com/gorilla/mux"
- "github.com/pkg/errors"
 "github.com/freifunkMUC/wg-access-server/pkg/authnz/authruntime"
 "github.com/freifunkMUC/wg-access-server/pkg/authnz/authsession"
 "github.com/freifunkMUC/wg-access-server/pkg/authnz/authutil"
+
+ "github.com/coreos/go-oidc"
+ "github.com/gorilla/mux"
+ "github.com/pkg/errors"
 "github.com/sirupsen/logrus"
 "golang.org/x/oauth2"
 "gopkg.in/Knetic/govaluate.v2"
@@ -138,14 +139,18 @@ func (c *OIDCConfig) callbackHandler(runtime *authruntime.ProviderRuntime, oauth
 }
 }
+ identity := &authsession.Identity{
+ Provider: c.Name,
+ Subject: info.Subject,
+ Email: info.Email,
+ Claims: *claims,
+ }
+ if name, ok := oidcProfileData["name"].(string); ok {
+ identity.Name = name
+ }
+
+ err = runtime.SetSession(w, r, &authsession.AuthSession{
- Identity: &authsession.Identity{
- Provider: c.Name,
- Subject: info.Subject,
- Email: info.Email,
- Name: oidcProfileData["name"].(string),
- Claims: *claims,
- },
+ Identity: identity,
 })
 if err != nil {
 http.Error(w, err.Error(), http.StatusUnauthorized)
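Review bot: The checked assertion on `oidcProfileData["name"]` in the second hunk leaves `identity.Name` empty without any trace when the claim is absent or is not a string, so a missing scope or an identity provider that sends a non-string value looks the same as a user who simply has no name. Since `logrus` is already imported in this file, an `else` branch such as `logrus.Debugf("oidc %s: name claim missing or not a string", c.Name)` would make that case visible in the logs. A comment above the `if`, for example `// name is an optional claim; Name stays empty and must not be used as an identifier`, would record the contract for readers of `authsession.Identity`. Whether any consumer of the session assumes a non-empty `Name` is not visible here and is worth checking, as `callbackHandler` starts and ends outside this hunk.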