Fall back to using sub if email is none (as in PR #57)

This commit is contained in:
Brian Van Klaveren 2019-05-01 09:22:25 -07:00
parent 79acef9036
commit 58b06ce761

View File

@ -901,6 +901,7 @@ func (p *OAuthProxy) GetJwtSession(req *http.Request) (*sessionsapi.SessionState
}
var claims struct {
Subject string `json:"sub"`
Email string `json:"email"`
Verified *bool `json:"email_verified"`
}
@ -910,7 +911,7 @@ func (p *OAuthProxy) GetJwtSession(req *http.Request) (*sessionsapi.SessionState
}
if claims.Email == "" {
return nil, fmt.Errorf("id_token did not contain an email")
claims.Email = claims.Subject
}
if claims.Verified != nil && !*claims.Verified {