Set some custom claims to empty array when value is null | undefined

[ofux]

We came accros an issue with custom claims when they are expected to be an array.

Let's say you define:

• a custom claim looking like this: "projectsLeaded":"projectsLeaded[].projectId".
• some permissions in Hasura in the form of project.id IN X-Hasura-projectsLeaded.

With the current implementation of Hasura Auth, if the user doesn't lead any project, the projectsLeaded custom claim won't be defined at all, and Hasura will throw an error saying X-Hasura-projectsLeaded is required to make the call. We would rather expect X-Hasura-projectsLeaded to be set as an empty array, so that the permissions work as expected in Hasura.

I did a change on our fork to fix this: https://github.com/onlydustxyz/hasura-auth/commit/5a7029a246e7a03268a89bc95a9454da9e7cd3ab

As you can see, I considered that when the custom claim's path contains [], then it is expected to be an array, and consequently, I set its value to an empty array when it is undefined | null.

I think it would make sense to integrate this change to Hasura Auth officially. What do you think?

I can of course make a proper PR in case you agree on the principle.

[plmercereau]

Hello Olivier, Yes, it makes sense, a PR would be nice!