Add extra data from token introspection to session

aeneasr · arekkas · commit ce8f9f265bad · 2017-11-28T15:40:12.000+01:00
diff --git a/evaluator/evaluator_warden.go b/evaluator/evaluator_warden.go
@@ -161,6 +161,7 @@ func (d *WardenEvaluator) EvaluateAccessRequest(r *http.Request) (*Session, erro
 			User:      introspection.Sub,
 			ClientID:  introspection.ClientId,
 			Anonymous: false,
+			Extra:     introspection.Ext,
 		}, nil
 	case rule.AuthenticatedMode:
 		if token == "" {
@@ -229,6 +230,7 @@ func (d *WardenEvaluator) EvaluateAccessRequest(r *http.Request) (*Session, erro
 			User:      introspection.Sub,
 			ClientID:  introspection.ClientId,
 			Anonymous: false,
+			Extra:     introspection.Ext,
 		}, nil
 	case rule.PolicyMode:
 		if token == "" {
@@ -297,6 +299,7 @@ func (d *WardenEvaluator) EvaluateAccessRequest(r *http.Request) (*Session, erro
 			User:      introspection.Subject,
 			ClientID:  introspection.ClientId,
 			Anonymous: false,
+			Extra:     introspection.AccessTokenExtra,
 		}, nil
 	default:
 		d.Logger.WithError(err).
diff --git a/evaluator/session.go b/evaluator/session.go
@@ -8,11 +8,12 @@ import (
 )
 
 type Session struct {
-	User      string `json:"user"`
-	Anonymous bool   `json:"anonymous"`
-	Disabled  bool   `json:"disabled"`
-	ClientID  string `json:"clientId"`
-	Issuer    string `json:"issuer"`
+	User      string      `json:"user"`
+	Anonymous bool        `json:"anonymous"`
+	Disabled  bool        `json:"disabled"`
+	ClientID  string      `json:"clientId"`
+	Issuer    string      `json:"issuer"`
+	Extra     interface{} `json:"extra"`
 }
 
 func (s *Session) ToClaims() jwt.MapClaims {
@@ -25,5 +26,6 @@ func (s *Session) ToClaims() jwt.MapClaims {
 		"anon": s.Anonymous,
 		"aud":  s.ClientID,
 		"jti":  uuid.New(),
+		"ext":  s.Extra,
 	}
 }

Original file line number	Diff line number	Diff line change
`@@ -8,11 +8,12 @@ import (`
`8`	`8`	`)`
`9`	`9`
`10`	`10`	`type Session struct {`
`11`		- User string `json:"user"`
`12`		- Anonymous bool `json:"anonymous"`
`13`		- Disabled bool `json:"disabled"`
`14`		- ClientID string `json:"clientId"`
`15`		- Issuer string `json:"issuer"`
	`11`	+ User string `json:"user"`
	`12`	+ Anonymous bool `json:"anonymous"`
	`13`	+ Disabled bool `json:"disabled"`
	`14`	+ ClientID string `json:"clientId"`
	`15`	+ Issuer string `json:"issuer"`
	`16`	+ Extra interface{} `json:"extra"`
`16`	`17`	`}`
`17`	`18`
`18`	`19`	`func (s *Session) ToClaims() jwt.MapClaims {`
`@@ -25,5 +26,6 @@ func (s *Session) ToClaims() jwt.MapClaims {`
`25`	`26`	`"anon": s.Anonymous,`
`26`	`27`	`"aud": s.ClientID,`
`27`	`28`	`"jti": uuid.New(),`
	`29`	`+ "ext": s.Extra,`
`28`	`30`	`}`
`29`	`31`	`}`