devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

fix: validating id_token

Browse Source
This commit is contained in:
Lakhan Samani 2022-11-23 22:03:08 +05:30
parent 6ddaf88e3f
commit 70bab70ead
2 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
server/env/env.go vendored
View File

@ -332,7 +332,7 @@ func InitAllEnv() error {
envData[constants.EnvKeyJwtRoleClaim] = osJwtRoleClaim envData[constants.EnvKeyJwtRoleClaim] = osJwtRoleClaim
if envData[constants.EnvKeyJwtRoleClaim] == "" { if envData[constants.EnvKeyJwtRoleClaim] == "" {
envData[constants.EnvKeyJwtRoleClaim] = "role" envData[constants.EnvKeyJwtRoleClaim] = "roles"
} }
} }
if osJwtRoleClaim != "" && envData[constants.EnvKeyJwtRoleClaim] != osJwtRoleClaim { if osJwtRoleClaim != "" && envData[constants.EnvKeyJwtRoleClaim] != osJwtRoleClaim {

11
server/resolvers/validate_jwt_token.go
View File

@ -77,7 +77,16 @@ func ValidateJwtTokenResolver(ctx context.Context, params model.ValidateJWTToken
} }
} }
claimRolesInterface := claims["roles"] claimKey := "roles"
if tokenType == constants.TokenTypeIdentityToken {
claimKey, err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyJwtRoleClaim)
if err != nil {
claimKey = "roles"
}
}
claimRolesInterface := claims[claimKey]
roleSlice := utils.ConvertInterfaceToSlice(claimRolesInterface) roleSlice := utils.ConvertInterfaceToSlice(claimRolesInterface)
for _, v := range roleSlice { for _, v := range roleSlice {
claimRoles = append(claimRoles, v.(string)) claimRoles = append(claimRoles, v.(string))