From c4e41d9250e22c2897d298042b771ed2343dafce Mon Sep 17 00:00:00 2001
From: Nat <natalie.tay@discourse.org>
Date: Thu, 21 Mar 2024 17:10:48 +0800
Subject: [PATCH] FIX: Appropriately assign  values when fetching user details

---
 lib/oauth2_basic_authenticator.rb |  7 ++++---
 spec/plugin_spec.rb               | 15 +++++++++++++++
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/lib/oauth2_basic_authenticator.rb b/lib/oauth2_basic_authenticator.rb
index 5f6e2a5..4ac3d13 100644
--- a/lib/oauth2_basic_authenticator.rb
+++ b/lib/oauth2_basic_authenticator.rb
@@ -84,7 +84,7 @@ class OAuth2BasicAuthenticator < Auth::ManagedAuthenticator
     return nil unless fragment.is_a?(Hash) || fragment.is_a?(Array)
     first_seg = segments[seg_index].scan(/([\d+])/).length > 0 ? first_seg.split("[")[0] : first_seg
     if fragment.is_a?(Hash)
-      deref = fragment[first_seg] || fragment[first_seg.to_sym]
+      deref = fragment.key?(first_seg) ? fragment[first_seg] : fragment[first_seg.to_sym]
     else
       array_index = 0
       if (seg_index > 0)
@@ -98,7 +98,7 @@ class OAuth2BasicAuthenticator < Auth::ManagedAuthenticator
       end
     end
 
-    if (deref.blank? || seg_index == segments.size - 1)
+    if deref.blank? || seg_index == segments.size - 1
       deref
     else
       seg_index += 1
@@ -113,7 +113,8 @@ class OAuth2BasicAuthenticator < Auth::ManagedAuthenticator
       path = path.gsub(".[].", ".").gsub(".[", "[")
       segments = parse_segments(path)
       val = walk_path(user_json, segments)
-      result[prop] = val if val.present?
+      # [] should be nil, false should be false
+      result[prop] = val.blank? ? (val == [] ? nil : val) : val
     end
   end
 
diff --git a/spec/plugin_spec.rb b/spec/plugin_spec.rb
index 29bb165..e99a39c 100644
--- a/spec/plugin_spec.rb
+++ b/spec/plugin_spec.rb
@@ -312,6 +312,21 @@ describe OAuth2BasicAuthenticator do
     expect(result).to eq "http://example.com/1.png"
   end
 
+  it "can walk json and appropriately assign a `false`" do
+    authenticator = OAuth2BasicAuthenticator.new
+    json_string = '{"user":{"id":1234, "data": {"address":"test@example.com", "is_cat": false}}}'
+    SiteSetting.oauth2_json_email_verified_path = "user.data.is_cat"
+    result =
+      authenticator.json_walk(
+        {},
+        JSON.parse(json_string),
+        "extra:user.data.is_cat",
+        custom_path: "user.data.is_cat",
+      )
+
+    expect(result).to eq false
+  end
+
   describe "token_callback" do
     let(:user) { Fabricate(:user) }
     let(:strategy) { OmniAuth::Strategies::Oauth2Basic.new({}) }