From fd2807c091686a2a23f41123e3470a1076e877a0 Mon Sep 17 00:00:00 2001
From: Damien Degois
Date: Mon, 7 Nov 2022 09:42:33 +0100
Subject: [PATCH] Fix uninitialized user claim (#1873)
* Fix uninitialized user claim
Some providers doesn't initialize data with setProviderDefaults function (keycloak-oidc for example), therefore UserClaim is never initialized with the default value and stay as an empty string. This result in an empty user.
* Add CHANGELOG.md entry for #1873
* Call setProviderDefaults where missing
Co-authored-by: Joel Speed
---
 CHANGELOG.md | 1 +
 providers/gitlab.go | 5 ++++-
 providers/keycloak_oidc.go | 4 +++-
 providers/nextcloud.go | 5 ++++-
 4 files changed, 12 insertions(+), 3 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 7c4b0f8a..42c9e030 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -8,6 +8,7 @@
 ## Changes since v7.4.0
+- [#1873](https://github.com/oauth2-proxy/oauth2-proxy/pull/1873) Fix empty users with some OIDC providers (@babs)
 - [#1882](https://github.com/oauth2-proxy/oauth2-proxy/pull/1882) Make `htpasswd.GetUsers` racecondition safe
 - [#1883](https://github.com/oauth2-proxy/oauth2-proxy/pull/1883) Ensure v8 manifest variant is set on docker images
diff --git a/providers/gitlab.go b/providers/gitlab.go
index 1049a403..a510debf 100644
--- a/providers/gitlab.go
+++ b/providers/gitlab.go
@@ -32,7 +32,10 @@ var _ Provider = (*GitLabProvider)(nil)
 // NewGitLabProvider initiates a new GitLabProvider
 func NewGitLabProvider(p *ProviderData, opts options.GitLabOptions) (*GitLabProvider, error) {
- p.ProviderName = gitlabProviderName
+ p.setProviderDefaults(providerDefaults{
+ name: gitlabProviderName,
+ })
+
 if p.Scope == "" {
 p.Scope = gitlabDefaultScope
 }
diff --git a/providers/keycloak_oidc.go b/providers/keycloak_oidc.go
index 6603f0ea..6e85136b 100644
--- a/providers/keycloak_oidc.go
+++ b/providers/keycloak_oidc.go
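Review bot: In providers/gitlab.go, `NewGitLabProvider` now calls `p.setProviderDefaults` with only `name:` set, relying on a side effect the commit message describes (populating the default `UserClaim`), and nothing at the call site records or checks that; the same applies to the hunks in providers/keycloak_oidc.go and providers/nextcloud.go. An unset user claim produced sessions with an empty user, an identity failure that stays silent, so a later constructor that omits this call would reintroduce it unnoticed. I would add a comment above the call, `// setProviderDefaults also fills in the default UserClaim; skipping it yields sessions with an empty user`, and a table-driven test over the provider constructors asserting `p.UserClaim != ""` after construction. The body of `setProviderDefaults` and the rest of `NewGitLabProvider` are outside the hunk, so what the helper sets is taken from the commit message rather than from visible code.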
@@ -17,7 +17,9 @@ type KeycloakOIDCProvider struct {
 // NewKeycloakOIDCProvider makes a KeycloakOIDCProvider using the ProviderData
 func NewKeycloakOIDCProvider(p *ProviderData, opts options.KeycloakOptions) *KeycloakOIDCProvider {
- p.ProviderName = keycloakOIDCProviderName
+ p.setProviderDefaults(providerDefaults{
+ name: keycloakOIDCProviderName,
+ })
 provider := &KeycloakOIDCProvider{
 OIDCProvider: &OIDCProvider{
diff --git a/providers/nextcloud.go b/providers/nextcloud.go
index c1538b36..32099ac2 100644
--- a/providers/nextcloud.go
+++ b/providers/nextcloud.go
@@ -21,7 +21,10 @@ const nextCloudProviderName = "Nextcloud"
 // NewNextcloudProvider initiates a new NextcloudProvider
 func NewNextcloudProvider(p *ProviderData) *NextcloudProvider {
- p.ProviderName = nextCloudProviderName
+ p.setProviderDefaults(providerDefaults{
+ name: nextCloudProviderName,
+ })
+
 p.getAuthorizationHeaderFunc = makeOIDCHeader
 if p.EmailClaim == options.OIDCEmailClaim {
 // This implies the email claim has not been overridden, we should set a default