Commit 5292aea8 authored by Daniel Jiang's avatar Daniel Jiang
Browse files

Skip verifying OIDC token for local user



If a user does not have OIDC meta data in DB, it means he's not
onboarded via OIDC authn, hence, we should not check the token.
Signed-off-by: default avatarDaniel Jiang <jiangd@vmware.com>
parent 239b33c5
......@@ -467,9 +467,12 @@ func (s *sessionReqCtxModifier) Modify(ctx *beegoctx.Context) bool {
log.Errorf("Failed to get OIDC user info, error: %v", err)
return false
}
if err := oidc.VerifyAndPersistToken(ctx.Request.Context(), ou); err != nil {
log.Errorf("Failed to verify secret, error: %v", err)
return false
if ou != nil { // If user does not have OIDC metadata, it means he is not onboarded via OIDC authn,
// so we can skip checking the token.
if err := oidc.VerifyAndPersistToken(ctx.Request.Context(), ou); err != nil {
log.Errorf("Failed to verify secret, error: %v", err)
return false
}
}
}
log.Debug("using local database project manager")
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment