Cleanup internalSession params & handle profileURL Bearer case better
`findClaimsFromIDToken` would always have a `nil` access token and not be able to hit the userinfo endpoint in Bearer case. If access token is nil, default to legacy `session.Email = claim.Subject` that all JWT bearers used to have, even if a valid profileURL is present.
parent
dcc75410
Please register or sign in to comment