From 8dd8943854b8163703f7d80c8dac5c245df50172 Mon Sep 17 00:00:00 2001 From: Ralf Haferkamp Date: Thu, 12 Jun 2025 11:49:08 +0200 Subject: [PATCH] fix(proxy): Prevent panic when autoprovsioning user After autoprovisioning a user, we need to get a reva token via `auth-machine`. If that fails the code would panic because the logger tried to access the `user` object returned from the GetUserByClaims call. Which is `nil`in case failure. Fixes #936 --- services/proxy/pkg/middleware/account_resolver.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/services/proxy/pkg/middleware/account_resolver.go b/services/proxy/pkg/middleware/account_resolver.go index 17364ef3d..c2c69d76a 100644 --- a/services/proxy/pkg/middleware/account_resolver.go +++ b/services/proxy/pkg/middleware/account_resolver.go @@ -125,15 +125,15 @@ func (m accountResolver) ServeHTTP(w http.ResponseWriter, req *http.Request) { return } m.logger.Debug().Interface("claims", claims).Msg("Autoprovisioning user") - user, err = m.userProvider.CreateUserFromClaims(req.Context(), claims) + newuser, err := m.userProvider.CreateUserFromClaims(req.Context(), claims) if err != nil { m.logger.Error().Err(err).Msg("Autoprovisioning user failed") w.WriteHeader(http.StatusInternalServerError) return } - user, token, err = m.userProvider.GetUserByClaims(req.Context(), "userid", user.Id.OpaqueId) + user, token, err = m.userProvider.GetUserByClaims(req.Context(), "userid", newuser.Id.OpaqueId) if err != nil { - m.logger.Error().Err(err).Str("userid", user.Id.OpaqueId).Msg("Error getting token for autoprovisioned user") + m.logger.Error().Err(err).Str("userid", newuser.Id.OpaqueId).Msg("Error getting token for autoprovisioned user") w.WriteHeader(http.StatusUnauthorized) return }