fix(oidc): return correct extra claims (#7071)

The GetExtraClaims function is called during introspection which doesn't need the extra claims from the ID Token Session. Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
authelia · Apr 3, 2024 · a9021aa · a9021aa
1 parent 11328cd
commit a9021aa
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 6 deletions.
diff --git a/internal/oidc/session.go b/internal/oidc/session.go
@@ -167,10 +167,6 @@ func (s *Session) GetIDTokenClaims() *jwt.IDTokenClaims {
 
 // GetExtraClaims returns the Extra/Unregistered claims for this session.
 func (s *Session) GetExtraClaims() map[string]any {
-	if s.DefaultSession != nil && s.DefaultSession.Claims != nil {
-		return s.DefaultSession.Claims.Extra
-	}
-
 	return s.Extra
 }
 

diff --git a/internal/oidc/session_test.go b/internal/oidc/session_test.go
@@ -48,7 +48,7 @@ func TestOpenIDSession_GetExtraClaims(t *testing.T) {
 			},
 		},
 		{
-			"ShouldReturnIDTokenClaimsExtra",
+			"ShouldNotReturnIDTokenClaimsExtra",
 			&oidc.Session{
 				DefaultSession: &openid.DefaultSession{
 					Claims: &jwt.IDTokenClaims{
@@ -62,7 +62,7 @@ func TestOpenIDSession_GetExtraClaims(t *testing.T) {
 				},
 			},
 			map[string]any{
-				"b": 2,
+				"a": 1,
 			},
 		},
 	}