From c39702fbf72ac859a3b85826d65657960e0db83e Mon Sep 17 00:00:00 2001
From: Andrey Antukh
Date: Mon, 7 Aug 2023 15:55:54 +0200
Subject: [PATCH] :sparkles: Improve get-user-info implementation (oidc)

---
 backend/src/app/auth/oidc.clj | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/backend/src/app/auth/oidc.clj b/backend/src/app/auth/oidc.clj
index 5330efc09..89fe77ef3 100644
--- a/backend/src/app/auth/oidc.clj
+++ b/backend/src/app/auth/oidc.clj
@@ -391,13 +391,14 @@
 (defn- get-user-info
 [{:keys [provider]} tdata]
 (try
- (let [{:keys [kid alg] :as theader} (jwt/decode-header (:token/id tdata))]
- (when-let [key (if (str/starts-with? (name alg) "hs")
- (:client-secret provider)
- (get-in provider [:jwks kid]))]
+ (when (:token/id tdata)
+ (let [{:keys [kid alg] :as theader} (jwt/decode-header (:token/id tdata))]
+ (when-let [key (if (str/starts-with? (name alg) "hs")
+ (:client-secret provider)
+ (get-in provider [:jwks kid]))]
 
- (let [claims (jwt/unsign (:token/id tdata) key {:alg alg})]
- (dissoc claims :exp :iss :iat :sid :aud :sub))))
+ (let [claims (jwt/unsign (:token/id tdata) key {:alg alg})]
+ (dissoc claims :exp :iss :iat :sid :aud :sub)))))
 (catch Throwable cause
 (l/warn :hint "unable to get user info from JWT token (unexpected exception)"
 :cause cause))))
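Review bot: The `alg` that selects the verification key and is passed on as `{:alg alg}` to `jwt/unsign` still comes from the token's own, not yet verified header, so the token decides how it is verified; the new `(when (:token/id tdata) ...)` guard does not change that. Consider checking `alg` against the algorithms this provider is configured or advertised to use before the `if`, and returning nil with a log line when it is not among them. The options map also carries only `:alg`, while `:iss` and `:aud` are dropped by the `dissoc`, so nothing visible in this hunk checks issuer or audience. If `jwt` is buddy-sign's, `unsign` can validate them, e.g. `{:alg alg :iss <expected-issuer> :aud <client-id>}`, with both values taken from the provider config (placeholders; the key names are not shown here). A token without `alg` makes `(name alg)` throw, which is reported only through the generic `catch Throwable` warning.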