From 4f6db08c4cad82a5625b62115b61b2d921dd9d99 Mon Sep 17 00:00:00 2001
From: Tharsanan1 <ktharsanan@gmail.com>
Date: Tue, 4 Feb 2025 10:41:07 +0530
Subject: [PATCH] Fix backend jwt

---
 gateway/enforcer/internal/extproc/ext_proc.go         | 2 +-
 gateway/enforcer/internal/jwtbackend/jwt_generator.go | 8 ++++++++
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/gateway/enforcer/internal/extproc/ext_proc.go b/gateway/enforcer/internal/extproc/ext_proc.go
index 9ade3ae91..f6396bdd9 100644
--- a/gateway/enforcer/internal/extproc/ext_proc.go
+++ b/gateway/enforcer/internal/extproc/ext_proc.go
@@ -246,7 +246,7 @@ func (s *ExternalProcessingServer) Process(srv envoy_service_proc_v3.ExternalPro
 				rhq.Response.HeaderMutation.SetHeaders = append(rhq.Response.HeaderMutation.SetHeaders, &corev3.HeaderValueOption{
 						Header: &corev3.HeaderValue{
 							Key:      requestConfigHolder.MatchedAPI.BackendJwtConfiguration.JWTHeader,
-							RawValue: []byte(attributes.ClusterName),
+							RawValue: []byte(backendJWT),
 						},
 					
 				})
diff --git a/gateway/enforcer/internal/jwtbackend/jwt_generator.go b/gateway/enforcer/internal/jwtbackend/jwt_generator.go
index aee07cc10..b025d7083 100644
--- a/gateway/enforcer/internal/jwtbackend/jwt_generator.go
+++ b/gateway/enforcer/internal/jwtbackend/jwt_generator.go
@@ -82,6 +82,14 @@ func CreateBackendJWT(rch *requestconfig.Holder, cfg *config.Server) string {
 				Type:  "string",
 			}
 		}
+		if rch.JWTValidationInfo != nil {
+			if sub, exists := rch.JWTValidationInfo.Claims["sub"]; exists {
+				customClaims["sub"] = &dto.ClaimValue{
+					Value: sub.(string),
+					Type:  "string",
+				}
+			}
+		}
 		signatureAlgorithm := bjc.SignatureAlgorithm
 		if signatureAlgorithm !=  "NONE" && signatureAlgorithm != sha256WithRSA {
 			signatureAlgorithm = sha256WithRSA