fix auth stuff

auth/auth0/handlers.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"crypto/rand"
 	"encoding/base64"
+	"encoding/json"
 	"net/http"
 	"net/url"
 
@@ -92,14 +93,39 @@ func HandleCallback(deps *deps) http.HandlerFunc {
 			return
 		}
 
-		var profile map[string]any
-		if err = idToken.Claims(&profile); err != nil {
+		var rawClaims map[string]json.RawMessage
+		if err = idToken.Claims(&rawClaims); err != nil {
 			deps.log.Error("unable to decode ID token claims", "error", err)
 			http.Error(w, err.Error(), http.StatusInternalServerError)
 			return
 		}
 
-		deps.sessions.Put(r.Context(), "user", profile)
+		var user SessionUser
+		if sub, ok := rawClaims["sub"]; ok {
+			json.Unmarshal(sub, &user)
+		}
+		if name, ok := rawClaims["name"]; ok {
+			json.Unmarshal(name, &user.Name)
+		}
+		if email, ok := rawClaims["email"]; ok {
+			json.Unmarshal(email, &user.Email)
+		}
+		if picture, ok := rawClaims["picture"]; ok {
+			json.Unmarshal(picture, &user.Picture)
+		}
+
+		customMap := make(map[string]json.RawMessage)
+		for k, v := range rawClaims {
+			if k != "sub" && k != "name" && k != "email" && k != "picture" {
+				customMap[k] = v
+			}
+		}
+
+		if len(customMap) > 0 {
+			user.Custom, _ = json.Marshal(customMap)
+		}
+
+		deps.sessions.Put(r.Context(), "user", user)
 		deps.sessions.Put(r.Context(), "access_token", token.AccessToken)
 
 		http.Redirect(w, r, "/", http.StatusFound)