From 11cd85d4ebdf0109d8c0e42ad623c38befdb8a29 Mon Sep 17 00:00:00 2001 From: lebaudantoine Date: Mon, 4 Nov 2024 09:31:48 +0100 Subject: [PATCH] =?UTF-8?q?=E2=9C=85(backend)=20handle=20empty=20subscript?= =?UTF-8?q?ion=20string?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Handle case where sub value is an empty string instead of None. Previously this edge case would cause unexpected behavior. Related to previous commit that added the test coverage. --- src/backend/core/authentication/backends.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/backend/core/authentication/backends.py b/src/backend/core/authentication/backends.py index a4576916..41774d2c 100644 --- a/src/backend/core/authentication/backends.py +++ b/src/backend/core/authentication/backends.py @@ -66,7 +66,7 @@ class OIDCAuthenticationBackend(MozillaOIDCAuthenticationBackend): user_info = self.get_userinfo(access_token, id_token, payload) sub = user_info.get("sub") - if sub is None: + if not sub: raise SuspiciousOperation( _("User info contained no recognizable user identification") )