Merge branch 'skip-kid-1551' of https://github.com/TykTechnologies/tyk …

…into skip-kid-1551
TykTechnologies · May 16, 2018 · 8262de3 · 8262de3
2 parents 7be5ddb + 84ba095
commit 8262de3
Showing 1 changed file with 3 additions and 17 deletions.
diff --git a/mw_jwt.go b/mw_jwt.go
@@ -239,7 +239,7 @@ func (k *JWTMiddleware) getUserIdFromClaim(token *jwt.Token) (string, error) {
 	if !found {
 		userId, found = token.Claims.(jwt.MapClaims)[SUB].(string)
 		if !found {
-			message := fmt.Sprintf("user id was not found in claims: %s", userId)
+			message := fmt.Sprint("user id was not found in claims")
 			log.Error(message)
 			return "", errors.New(message)
 		}
@@ -252,25 +252,11 @@ func (k *JWTMiddleware) getUserIdFromClaim(token *jwt.Token) (string, error) {
 func (k *JWTMiddleware) processCentralisedJWT(r *http.Request, token *jwt.Token) (error, int) {
 	log.Debug("JWT authority is centralised")
 
-	// Generate a virtual token
-	baseFieldData, baseFound := token.Claims.(jwt.MapClaims)[k.Spec.JWTIdentityBaseField].(string)
-	if !baseFound {
-		log.Warning("Base Field not found, using SUB")
-		var found bool
-		baseFieldData, found = token.Claims.(jwt.MapClaims)["sub"].(string)
-		if !found {
-			log.Error("ID Could not be generated. Failing Request.")
-			k.reportLoginFailure("[NOT FOUND]", r)
-			return errors.New("Key not authorized"), http.StatusForbidden
-		}
-
-
 	var baseFieldData string
-
 	baseFieldData, err := k.getUserIdFromClaim(token)
 	if err != nil {
 		k.reportLoginFailure("[NOT FOUND]", r)
-		return err, 403
+		return err, http.StatusForbidden
 	}
 
 	// Generate a virtual token
@@ -509,7 +495,7 @@ func (k *JWTMiddleware) ProcessRequest(w http.ResponseWriter, r *http.Request, _
 	if err != nil {
 		logEntry.Error("JWT validation error: ", err)
 		return errors.New("Key not authorized:" + err.Error()), http.StatusForbidden
-	} 
+	}
 	return errors.New("Key not authorized"), 403
 }