Unverified Commit f5c8ccba authored by Cornelio Hopmann's avatar Cornelio Hopmann Committed by GitHub
Browse files

FIX: email_verified is a string on azure instead of bool (#641)

parent 041cd0f7
......@@ -4,8 +4,10 @@ import (
"context"
"crypto/rand"
"encoding/base64"
"encoding/json"
"fmt"
"net/http"
"strconv"
"time"
"github.com/coreos/go-oidc"
......@@ -40,6 +42,38 @@ type User struct {
UserInfoClaims map[string]interface{} `json:"user_info_claims"`
}
func (u *User) UnmarshalJSON(data []byte) error {
tmp := &struct {
ExternalID string `json:"sub"`
Name string `json:"name"`
Email string `json:"email"`
EmailVerified interface{} `json:"email_verified"`
UserInfoClaims map[string]interface{} `json:"user_info_claims"`
}{}
if err := json.Unmarshal(data, &tmp); err != nil {
return err
}
u.ExternalID = tmp.ExternalID
u.Name = tmp.Name
u.Email = tmp.Email
u.UserInfoClaims = tmp.UserInfoClaims
switch v := tmp.EmailVerified.(type) {
case string:
t, err := strconv.ParseBool(v)
if err != nil {
return err
}
u.EmailVerified = t
case bool:
u.EmailVerified = v
}
return nil
}
// Setup configured the OpenID Connect endpoint handlers.
func Setup(conf config.Config, r *mux.Router) error {
oidcConfig := conf.ApplicationServer.UserAuthentication.OpenIDConnect
......
......@@ -2,6 +2,7 @@ package oidc
import (
"context"
"encoding/json"
"testing"
"github.com/stretchr/testify/require"
......@@ -15,4 +16,56 @@ func TestNewAuthenticator(t *testing.T) {
_, err := newAuthenticator(context.Background())
assert.Equal("openid connect is not properly configured", err.Error())
})
t.Run("Claims Unmarshalling", func(t *testing.T) {
emailVerifiedAsString := `
{
"sub": "chirpstack-oidc",
"name": "brocaar",
"email": "chirpstack@chirpstack.io",
"email_verified": "true",
"user_info_claims": {
"some_key": "some_value",
"some_other": "another_value"
}
}`
var userStr User
err := json.Unmarshal([]byte(emailVerifiedAsString), &userStr)
assert.NoError(err)
assert.Equal(true, userStr.EmailVerified, "string parsing should return true")
emailVerifiedAsBool := `
{
"sub": "chirpstack-oidc",
"name": "brocaar",
"email": "chirpstack@chirpstack.io",
"email_verified": true,
"user_info_claims": {
"some_key": "some_value",
"some_other": "another_value"
}
}`
var userBool User
err = json.Unmarshal([]byte(emailVerifiedAsBool), &userBool)
assert.NoError(err)
assert.Equal(true, userBool.EmailVerified, "bool parsing should return true")
emailVerifiedMissing := `{
"sub": "chirpstack-oidc",
"name": "brocaar",
"email": "chirpstack@chirpstack.io",
"user_info_claims": {
"some_key": "some_value",
"some_other": "another_value"
}
}`
var userMiss User
err = json.Unmarshal([]byte(emailVerifiedMissing), &userMiss)
assert.NoError(err)
assert.Equal(false, userMiss.EmailVerified, "should default to false if missing")
})
}
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment