From c7467c46319a847c61472c75c1ba2384eff9e871 Mon Sep 17 00:00:00 2001
From: wassafshahzad <wassafshahzad@gmail.com>
Date: Sat, 26 Oct 2024 02:49:07 +0200
Subject: [PATCH] Added check to ensure 'sub' is present in claim before
 parsing and use token subjact if sub is not present in claims

Signed-off-by: wassafshahzad <wassafshahzad@gmail.com>
---
 filters/auth/oidc_introspection.go | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/filters/auth/oidc_introspection.go b/filters/auth/oidc_introspection.go
index a32752a7c0..cdde259678 100644
--- a/filters/auth/oidc_introspection.go
+++ b/filters/auth/oidc_introspection.go
@@ -131,8 +131,13 @@ func (filter *oidcIntrospectionFilter) Request(ctx filters.FilterContext) {
 		return
 	}
 
-	sub := token.Claims["sub"].(string)
-	authorized(ctx, sub)
+	sub, ok := token.Claims["sub"]
+	if ok {
+		authorized(ctx, sub.(string))
+	} else {
+		sub := token.Subject
+		authorized(ctx, sub)
+	}
 }
 
 func (filter *oidcIntrospectionFilter) Response(filters.FilterContext) {}