FIX: Appropriately assign values when fetching user details

lib/oauth2_basic_authenticator.rb

@@ -84,7 +84,7 @@ def walk_path(fragment, segments, seg_index = 0)
     return nil unless fragment.is_a?(Hash) || fragment.is_a?(Array)
     first_seg = segments[seg_index].scan(/([\d+])/).length > 0 ? first_seg.split("[")[0] : first_seg
     if fragment.is_a?(Hash)
-      deref = fragment[first_seg] || fragment[first_seg.to_sym]
+      deref = fragment[first_seg]
     else
       array_index = 0
       if (seg_index > 0)
@@ -98,7 +98,7 @@ def walk_path(fragment, segments, seg_index = 0)
       end
     end
 
-    if (deref.blank? || seg_index == segments.size - 1)
+    if deref.blank? || seg_index == segments.size - 1
       deref
     else
       seg_index += 1
@@ -113,7 +113,8 @@ def json_walk(result, user_json, prop, custom_path: nil)
       path = path.gsub(".[].", ".").gsub(".[", "[")
       segments = parse_segments(path)
       val = walk_path(user_json, segments)
-      result[prop] = val if val.present?
+      # [] should be nil, false should be false
+      result[prop] = val.presence || (val == [] ? nil : val)
     end
   end
 

spec/plugin_spec.rb

@@ -312,6 +312,21 @@
     expect(result).to eq "http://example.com/1.png"
   end
 
+  it "can walk json and appropriately assign a `false`" do
+    authenticator = OAuth2BasicAuthenticator.new
+    json_string = '{"user":{"id":1234, "data": {"address":"test@example.com", "is_cat": false}}}'
+    SiteSetting.oauth2_json_email_verified_path = "user.data.is_cat"
+    result =
+      authenticator.json_walk(
+        {},
+        JSON.parse(json_string),
+        "extra:user.data.is_cat",
+        custom_path: "user.data.is_cat",
+      )
+
+    expect(result).to eq false
+  end
+
   describe "token_callback" do
     let(:user) { Fabricate(:user) }
     let(:strategy) { OmniAuth::Strategies::Oauth2Basic.new({}) }