Fix userinfo metadata base64 encoding (#443)

* Use grpc base64 encoding

Signed-off-by: Katrina Rogan <[email protected]>

* remove check for empty user info

Signed-off-by: Katrina Rogan <[email protected]>

auth/constants.go

@@ -9,7 +9,8 @@ const (
 	DefaultAuthorizationHeader    = "authorization"
 	BearerScheme                  = "Bearer"
 	IDTokenScheme                 = "IDToken"
-	UserInfoMDKey                 = "UserInfo"
+	// Add the -bin suffix so that the header value is automatically base64 encoded
+	UserInfoMDKey = "UserInfo-bin"
 
 	// https://tools.ietf.org/html/rfc8414
 	// This should be defined without a leading slash. If there is one, the url library's ResolveReference will make it a root path

auth/handlers.go

@@ -323,7 +323,7 @@ func GetHTTPRequestCookieToMetadataHandler(authCtx interfaces.AuthenticationCont
 		}
 
 		if len(raw) > 0 {
-			meta.Set(UserInfoMDKey, EncodeBase64(raw))
+			meta.Set(UserInfoMDKey, string(raw))
 		}
 
 		return meta

auth/handlers_test.go

@@ -234,7 +234,6 @@ func TestGetHTTPRequestCookieToMetadataHandler(t *testing.T) {
 	req.AddCookie(&idCookie)
 
 	assert.Equal(t, "IDToken a.b.c", handler(ctx, req)["authorization"][0])
-	assert.Equal(t, "bnVsbA", handler(ctx, req).Get(UserInfoMDKey)[0])
 }
 
 func TestGetHTTPMetadataTaggingHandler(t *testing.T) {

auth/token.go

@@ -111,10 +111,10 @@ func GRPCGetIdentityFromIDToken(ctx context.Context, clientID string, provider *
 	}
 
 	meta := metautils.ExtractIncoming(ctx)
-	userInfoDecoded, _ := DecodeFromBase64(meta.Get(UserInfoMDKey))
+	userInfoDecoded := meta.Get(UserInfoMDKey)
 	userInfo := &service.UserInfoResponse{}
 	if len(userInfoDecoded) > 0 {
-		err = json.Unmarshal(userInfoDecoded, userInfo)
+		err = json.Unmarshal([]byte(userInfoDecoded), userInfo)
 		if err != nil {
 			logger.Infof(ctx, "Could not unmarshal user info from metadata %v", err)
 		}