fix: validating id_token

lakhansamani · lakhansamani · commit 70bab70ead35 · 2022-11-23T22:03:08.000+05:30
diff --git a/server/env/env.go b/server/env/env.go
@@ -332,7 +332,7 @@ func InitAllEnv() error {
 		envData[constants.EnvKeyJwtRoleClaim] = osJwtRoleClaim
 
 		if envData[constants.EnvKeyJwtRoleClaim] == "" {
-			envData[constants.EnvKeyJwtRoleClaim] = "role"
+			envData[constants.EnvKeyJwtRoleClaim] = "roles"
 		}
 	}
 	if osJwtRoleClaim != "" && envData[constants.EnvKeyJwtRoleClaim] != osJwtRoleClaim {
diff --git a/server/resolvers/validate_jwt_token.go b/server/resolvers/validate_jwt_token.go
@@ -77,7 +77,16 @@ func ValidateJwtTokenResolver(ctx context.Context, params model.ValidateJWTToken
 		}
 	}
 
-	claimRolesInterface := claims["roles"]
+	claimKey := "roles"
+
+	if tokenType == constants.TokenTypeIdentityToken {
+		claimKey, err = memorystore.Provider.GetStringStoreEnvVariable(constants.EnvKeyJwtRoleClaim)
+		if err != nil {
+			claimKey = "roles"
+		}
+	}
+
+	claimRolesInterface := claims[claimKey]
 	roleSlice := utils.ConvertInterfaceToSlice(claimRolesInterface)
 	for _, v := range roleSlice {
 		claimRoles = append(claimRoles, v.(string))

Original file line number	Diff line number	Diff line change
`@@ -332,7 +332,7 @@ func InitAllEnv() error {`
`332`	`332`	`envData[constants.EnvKeyJwtRoleClaim] = osJwtRoleClaim`
`333`	`333`
`334`	`334`	`if envData[constants.EnvKeyJwtRoleClaim] == "" {`
`335`		`- envData[constants.EnvKeyJwtRoleClaim] = "role"`
	`335`	`+ envData[constants.EnvKeyJwtRoleClaim] = "roles"`
`336`	`336`	`}`
`337`	`337`	`}`
`338`	`338`	`if osJwtRoleClaim != "" && envData[constants.EnvKeyJwtRoleClaim] != osJwtRoleClaim {`