From 44c341d42e76b406a39600a916c071ba86096e24 Mon Sep 17 00:00:00 2001
From: Livio Amstutz
Date: Thu, 15 Oct 2020 09:41:50 +0200
Subject: [PATCH] improve userinfo token handling
---
 pkg/op/userinfo.go | 10 ++--------
 1 file changed, 2 insertions(+), 8 deletions(-)
diff --git a/pkg/op/userinfo.go b/pkg/op/userinfo.go
index 0b27a5e..6701eb3 100644
--- a/pkg/op/userinfo.go
+++ b/pkg/op/userinfo.go
@@ -28,20 +28,14 @@ func Userinfo(w http.ResponseWriter, r *http.Request, userinfoProvider UserinfoP
 http.Error(w, "access token missing", http.StatusUnauthorized)
 return
 }
- var tokenID string
- if strings.HasPrefix(accessToken, "eyJhbGci") { //TODO: improve
+ tokenID, err := userinfoProvider.Crypto().Decrypt(accessToken)
+ if err != nil {
 accessTokenClaims, err := VerifyAccessToken(r.Context(), accessToken, userinfoProvider.AccessTokenVerifier())
 if err != nil {
 http.Error(w, "access token invalid", http.StatusUnauthorized)
 return
 }
 tokenID = accessTokenClaims.GetTokenID()
- } else {
- tokenID, err = userinfoProvider.Crypto().Decrypt(accessToken)
- if err != nil {
- http.Error(w, "access token invalid", http.StatusUnauthorized)
- return
- }
 }
 info, err := userinfoProvider.Storage().GetUserinfoFromToken(r.Context(), tokenID, r.Header.Get("origin"))
 if err != nil {
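Review bot: With the new `tokenID, err := userinfoProvider.Crypto().Decrypt(accessToken)` followed by `if err != nil {`, signature verification only runs when Decrypt fails, so any input Decrypt accepts never reaches VerifyAccessToken. Whether that is safe depends on Crypto(), which is not visible in this hunk: if its Decrypt is not authenticated, a well-formed but foreign ciphertext would yield an arbitrary tokenID, and the only remaining check would be GetUserinfoFromToken rejecting unknown IDs. I would record that contract at the call site, e.g. `// Decrypt must fail for every token we did not issue as opaque (incl. JWTs); tokenID is otherwise unauthenticated until Storage rejects it`, and add a handler test that a tampered JWT and a random opaque string are both refused. The inner `accessTokenClaims, err :=` now shadows the outer `err`, which is harmless here but easy to trip over. Userinfo's body starts and ends outside the hunk.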