From 2dd499bacf56a8358de39db61fb9b8b3282a7a5a Mon Sep 17 00:00:00 2001
From: Daniel Jiang <jiangd@vmware.com>
Date: Thu, 28 Jan 2021 18:08:28 +0800
Subject: [PATCH] Reduce warning logs in OIDC middleware

If the request does not have bearer token in the header, do not decode
the empty string.
Fixes #12261

Signed-off-by: Daniel Jiang <jiangd@vmware.com>
---
 src/server/middleware/security/idtoken.go      | 3 +++
 src/server/middleware/security/idtoken_test.go | 5 +++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/server/middleware/security/idtoken.go b/src/server/middleware/security/idtoken.go
index 9245d37ad..3d2b7e6db 100644
--- a/src/server/middleware/security/idtoken.go
+++ b/src/server/middleware/security/idtoken.go
@@ -40,6 +40,9 @@ func (i *idToken) Generate(req *http.Request) security.Context {
 		return nil
 	}
 	token := bearerToken(req)
+	if len(token) == 0 {
+		return nil
+	}
 	claims, err := oidc.VerifyToken(ctx, token)
 	if err != nil {
 		log.Warningf("failed to verify token: %v", err)
diff --git a/src/server/middleware/security/idtoken_test.go b/src/server/middleware/security/idtoken_test.go
index 8d399ce6c..cadcba78e 100644
--- a/src/server/middleware/security/idtoken_test.go
+++ b/src/server/middleware/security/idtoken_test.go
@@ -15,12 +15,13 @@
 package security
 
 import (
+	"net/http"
+	"testing"
+
 	"github.com/goharbor/harbor/src/common"
 	"github.com/goharbor/harbor/src/lib"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
-	"net/http"
-	"testing"
 )
 
 func TestIDToken(t *testing.T) {