From e067caa17ebc690027d9b57b1abf22ad2e918b89 Mon Sep 17 00:00:00 2001
From: Etienne Stalmans <estalmans@gmail.com>
Date: Sun, 19 Jan 2025 17:54:42 +0100
Subject: [PATCH] feat: keep backwards compatibility through default claims

---
 internal/conf/configuration.go | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/internal/conf/configuration.go b/internal/conf/configuration.go
index 6eaf82aa8..474a90d66 100644
--- a/internal/conf/configuration.go
+++ b/internal/conf/configuration.go
@@ -887,6 +887,15 @@ func (config *GlobalConfiguration) ApplyDefaults() error {
 		config.JWT.AdminRoles = []string{"service_role", "supabase_admin"}
 	}
 
+	// default to all claims that were / are available at the time of this change
+	// to ensure backwards compatibility. To exclude all these claims, the value
+	// of jwt.additional_claims can be set to an invalid claim, such as "none", "empty", "null"
+	// also allow setting to default claims using the "default" keyword, making it possible to use
+	// this config as a binary flag "none" == use_mimimal_jwt == true, "default" == use_mimimal_jwt == false
+	if len(config.JWT.AdditionalClaims) == 0 || (len(config.JWT.AdditionalClaims) == 1 && config.JWT.AdditionalClaims[0] == "default") {
+		config.JWT.AdditionalClaims = []string{"email", "phone", "app_metadata", "user_metadata", "amr", "is_anonymous"}
+	}
+
 	if config.JWT.Exp == 0 {
 		config.JWT.Exp = 3600
 	}