From bb1c8cc25d338095d6bfd57926028b20948b07fb Mon Sep 17 00:00:00 2001
From: Jan Eitzinger <jan@moebiusband.org>
Date: Fri, 8 Sep 2023 12:11:49 +0200
Subject: [PATCH] fix: Move name extract from token in else branch

---
 internal/auth/jwtCookieSession.go | 26 +++++++++++++-------------
 internal/auth/jwtSession.go       | 26 +++++++++++++-------------
 2 files changed, 26 insertions(+), 26 deletions(-)

diff --git a/internal/auth/jwtCookieSession.go b/internal/auth/jwtCookieSession.go
index 8c05408..3748836 100644
--- a/internal/auth/jwtCookieSession.go
+++ b/internal/auth/jwtCookieSession.go
@@ -153,19 +153,6 @@ func (ja *JWTCookieSessionAuthenticator) Login(
 	claims := token.Claims.(jwt.MapClaims)
 	sub, _ := claims["sub"].(string)
 
-	var name string
-	if wrap, ok := claims["name"].(map[string]interface{}); ok {
-		if vals, ok := wrap["values"].([]interface{}); ok {
-			if len(vals) != 0 {
-				name = fmt.Sprintf("%v", vals[0])
-
-				for i := 1; i < len(vals); i++ {
-					name += fmt.Sprintf(" %v", vals[i])
-				}
-			}
-		}
-	}
-
 	var roles []string
 	projects := make([]string, 0)
 
@@ -182,6 +169,19 @@ func (ja *JWTCookieSessionAuthenticator) Login(
 			return nil, errors.New("unknown user")
 		}
 	} else {
+		var name string
+		if wrap, ok := claims["name"].(map[string]interface{}); ok {
+			if vals, ok := wrap["values"].([]interface{}); ok {
+				if len(vals) != 0 {
+					name = fmt.Sprintf("%v", vals[0])
+
+					for i := 1; i < len(vals); i++ {
+						name += fmt.Sprintf(" %v", vals[i])
+					}
+				}
+			}
+		}
+
 		// Extract roles from JWT (if present)
 		if rawroles, ok := claims["roles"].([]interface{}); ok {
 			for _, rr := range rawroles {
diff --git a/internal/auth/jwtSession.go b/internal/auth/jwtSession.go
index e5a30d4..286bb82 100644
--- a/internal/auth/jwtSession.go
+++ b/internal/auth/jwtSession.go
@@ -79,19 +79,6 @@ func (ja *JWTSessionAuthenticator) Login(
 	claims := token.Claims.(jwt.MapClaims)
 	sub, _ := claims["sub"].(string)
 
-	var name string
-	if wrap, ok := claims["name"].(map[string]interface{}); ok {
-		if vals, ok := wrap["values"].([]interface{}); ok {
-			if len(vals) != 0 {
-				name = fmt.Sprintf("%v", vals[0])
-
-				for i := 1; i < len(vals); i++ {
-					name += fmt.Sprintf(" %v", vals[i])
-				}
-			}
-		}
-	}
-
 	var roles []string
 	projects := make([]string, 0)
 
@@ -108,6 +95,19 @@ func (ja *JWTSessionAuthenticator) Login(
 			return nil, errors.New("unknown user")
 		}
 	} else {
+		var name string
+		if wrap, ok := claims["name"].(map[string]interface{}); ok {
+			if vals, ok := wrap["values"].([]interface{}); ok {
+				if len(vals) != 0 {
+					name = fmt.Sprintf("%v", vals[0])
+
+					for i := 1; i < len(vals); i++ {
+						name += fmt.Sprintf(" %v", vals[i])
+					}
+				}
+			}
+		}
+
 		// Extract roles from JWT (if present)
 		if rawroles, ok := claims["roles"].([]interface{}); ok {
 			for _, rr := range rawroles {