cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: possible nil pointer on userinfo

Browse source
This commit is contained in:
Livio Amstutz 2020-10-15 12:42:04 +02:00
parent 9943f20215
commit f40a07feeb
1 changed files with 4 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

4
pkg/op/userinfo.go
View file

@ -33,6 +33,10 @@ func Userinfo(w http.ResponseWriter, r *http.Request, userinfoProvider UserinfoP
return return
} }
splittedToken := strings.Split(tokenIDSubject, ":") splittedToken := strings.Split(tokenIDSubject, ":")
if len(splittedToken) != 2 {
http.Error(w, "access token invalid", http.StatusUnauthorized)
return
}
info, err := userinfoProvider.Storage().GetUserinfoFromToken(r.Context(), splittedToken[0], splittedToken[1], r.Header.Get("origin")) info, err := userinfoProvider.Storage().GetUserinfoFromToken(r.Context(), splittedToken[0], splittedToken[1], r.Header.Get("origin"))
if err != nil { if err != nil {
w.WriteHeader(http.StatusForbidden) w.WriteHeader(http.StatusForbidden)