From 4c0718659711f272e3ae923f8b63118998d4b7c8 Mon Sep 17 00:00:00 2001
From: Anon Ray
Date: Thu, 13 Sep 2018 17:08:21 +0530
Subject: [PATCH] jwt claims check should be case-insensitive, fix #435
---
 server/src-lib/Hasura/Server/Auth/JWT.hs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/server/src-lib/Hasura/Server/Auth/JWT.hs b/server/src-lib/Hasura/Server/Auth/JWT.hs
index 67e8a5878fd7e..7daa4d90da632 100644
--- a/server/src-lib/Hasura/Server/Auth/JWT.hs
+++ b/server/src-lib/Hasura/Server/Auth/JWT.hs
@@ -90,8 +90,10 @@ processJwt conf headers = do
 -- the value of hasura claims key has to be an object
 hasuraClaims <- validateIsObject hasuraClaimsV
- -- filter only x-hasura claims
- let claimsMap = Map.filterWithKey (\k _ -> T.isPrefixOf "x-hasura-" k) hasuraClaims
+ -- filter only x-hasura claims and convert to lower-case
+ let claimsMap = Map.filterWithKey (\k _ -> T.isPrefixOf "x-hasura-" k)
+ $ Map.fromList $ map (\(k, v) -> (T.toLower k, v))
+ $ Map.toList hasuraClaims
 HasuraClaims allowedRoles defaultRole <- parseHasuraClaims claimsMap
 let role = getCurrentRole defaultRole
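Review bot: Lower-casing the keys through `Map.fromList $ map (\(k, v) -> (T.toLower k, v)) $ Map.toList hasuraClaims` silently merges claims whose names differ only in case (a constructed example: a token carrying both `X-Hasura-Default-Role` and `x-hasura-default-role`), and the value that survives is whichever `Map.toList` happens to yield last. Since `claimsMap` feeds `parseHasuraClaims` and then `getCurrentRole`, an ambiguous token is better rejected than resolved by map ordering: compare `Map.size` of the lower-cased map with `Map.size hasuraClaims` and fail through the function's existing error path when they differ. The tokens are signed, so this presumably only matters when the issuer copies user-influenced attributes into the claims object, but the check is cheap. The comment could also state that claim names are normalised to lower case, so every later lookup must use lower-case keys. processJwt begins and ends outside the hunk, so any later guard is not visible here.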