meutel/oauth2_proxy
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Do not infer username from email

Browse Source
This commit is contained in:
Brian Van Klaveren 2019-06-17 12:58:40 -07:00
parent 100f126405
commit 5a50f6223f
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
oauthproxy.go
View File

@ -917,7 +917,6 @@ func (p *OAuthProxy) GetJwtSession(req *http.Request) (*sessionsapi.SessionState
if claims.Verified != nil && !*claims.Verified { if claims.Verified != nil && !*claims.Verified {
return nil, fmt.Errorf("email in id_token (%s) isn't verified", claims.Email) return nil, fmt.Errorf("email in id_token (%s) isn't verified", claims.Email)
} }
user := strings.Split(claims.Email, "@")[0]
session = &sessionsapi.SessionState{ session = &sessionsapi.SessionState{
AccessToken: rawBearerToken, AccessToken: rawBearerToken,
@ -925,7 +924,7 @@ func (p *OAuthProxy) GetJwtSession(req *http.Request) (*sessionsapi.SessionState
RefreshToken: "", RefreshToken: "",
ExpiresOn: bearerToken.Expiry, ExpiresOn: bearerToken.Expiry,
Email: claims.Email, Email: claims.Email,
User: user, User: claims.Email,
} }
return session, nil return session, nil
} }