From 58b06ce761e0b706c9ba7e3081aa0441e75527de Mon Sep 17 00:00:00 2001
From: Brian Van Klaveren <bvan@slac.stanford.edu>
Date: Wed, 1 May 2019 09:22:25 -0700
Subject: [PATCH] Fall back to using sub if email is none (as in PR #57)

---
 oauthproxy.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/oauthproxy.go b/oauthproxy.go
index 714c7a3..e79793b 100644
--- a/oauthproxy.go
+++ b/oauthproxy.go
@@ -901,6 +901,7 @@ func (p *OAuthProxy) GetJwtSession(req *http.Request) (*sessionsapi.SessionState
 		}
 
 		var claims struct {
+			Subject  string `json:"sub"`
 			Email    string `json:"email"`
 			Verified *bool  `json:"email_verified"`
 		}
@@ -910,7 +911,7 @@ func (p *OAuthProxy) GetJwtSession(req *http.Request) (*sessionsapi.SessionState
 		}
 
 		if claims.Email == "" {
-			return nil, fmt.Errorf("id_token did not contain an email")
+			claims.Email = claims.Subject
 		}
 
 		if claims.Verified != nil && !*claims.Verified {