From be3cc13c27aad3a778bb46258b84293836b70e90 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20M=C3=B6hlmann?= Date: Mon, 27 Mar 2023 16:41:09 +0300 Subject: [PATCH] fix: merge user info claims into id token claims (#349) oidc IDTokenClaims.SetUserInfo did not set the claims map from user info. This fix merges the claims map into the IDToken Claims map. --- pkg/oidc/token.go | 8 +++++++- pkg/oidc/token_test.go | 2 ++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/pkg/oidc/token.go b/pkg/oidc/token.go index 127db97..776e758 100644 --- a/pkg/oidc/token.go +++ b/pkg/oidc/token.go @@ -8,6 +8,7 @@ import ( "golang.org/x/oauth2" "gopkg.in/square/go-jose.v2" + "github.com/muhlemmer/gu" "github.com/zitadel/oidc/v2/pkg/crypto" ) @@ -157,6 +158,11 @@ func (t *IDTokenClaims) SetUserInfo(i *UserInfo) { t.UserInfoEmail = i.UserInfoEmail t.UserInfoPhone = i.UserInfoPhone t.Address = i.Address + + if t.Claims == nil { + t.Claims = make(map[string]any, len(t.Claims)) + } + gu.MapMerge(i.Claims, t.Claims) } func (t *IDTokenClaims) GetUserInfo() *UserInfo { @@ -166,7 +172,7 @@ func (t *IDTokenClaims) GetUserInfo() *UserInfo { UserInfoEmail: t.UserInfoEmail, UserInfoPhone: t.UserInfoPhone, Address: t.Address, - Claims: t.Claims, + Claims: gu.MapCopy(t.Claims), } } diff --git a/pkg/oidc/token_test.go b/pkg/oidc/token_test.go index 8dcfc7e..7377a84 100644 --- a/pkg/oidc/token_test.go +++ b/pkg/oidc/token_test.go @@ -4,6 +4,7 @@ import ( "testing" "time" + "github.com/muhlemmer/gu" "github.com/stretchr/testify/assert" "golang.org/x/text/language" "gopkg.in/square/go-jose.v2" @@ -181,6 +182,7 @@ func TestIDTokenClaims_SetUserInfo(t *testing.T) { UserInfoEmail: userInfoData.UserInfoEmail, UserInfoPhone: userInfoData.UserInfoPhone, Address: userInfoData.Address, + Claims: gu.MapCopy(userInfoData.Claims), } var got IDTokenClaims