Added check to ensure 'sub' is present in claim before parsing and use token subjact if sub is not present in claims

wassafshahzad · wassafshahzad · commit 03721d11404f · 2024-10-26T02:49:07.000+02:00
diff --git a/filters/auth/oidc_introspection.go b/filters/auth/oidc_introspection.go
@@ -131,8 +131,13 @@ func (filter *oidcIntrospectionFilter) Request(ctx filters.FilterContext) {
 		return
 	}
 
-	sub := token.Claims["sub"].(string)
-	authorized(ctx, sub)
+	sub, ok := token.Claims["sub"]
+	if ok {
+		authorized(ctx, sub.(string))
+	} else {
+		sub := token.Subject
+		authorized(ctx, sub)
+	}
 }
 
 func (filter *oidcIntrospectionFilter) Response(filters.FilterContext) {}

Original file line number	Diff line number	Diff line change
`@@ -131,8 +131,13 @@ func (filter *oidcIntrospectionFilter) Request(ctx filters.FilterContext) {`
`131`	`131`	`return`
`132`	`132`	`}`
`133`	`133`
`134`		`- sub := token.Claims["sub"].(string)`
`135`		`- authorized(ctx, sub)`
	`134`	`+ sub, ok := token.Claims["sub"]`
	`135`	`+ if ok {`
	`136`	`+ authorized(ctx, sub.(string))`
	`137`	`+ } else {`
	`138`	`+ sub := token.Subject`
	`139`	`+ authorized(ctx, sub)`
	`140`	`+ }`
`136`	`141`	`}`
`137`	`142`
`138`	`143`	`func (filter *oidcIntrospectionFilter) Response(filters.FilterContext) {}`