Version
3.34.1 and master branch
Describe the problem caused by this bug
In `pkg/op/exchange_token.go`: From L309-313:
```go
tokenIDOrToken, subject, accessTokenClaims, ok = getTokenIDAndClaims(ctx, exchanger, token)
if !ok {
	break
}
claims = accessTokenClaims.Claims // dereferences accessTokenClaims without a nil check
```
And the `getTokenIDAndClaims` function has a return case at L424:
```go
return splitToken[0], splitToken[1], nil, true
```
When this codepath is hit, `ok` is true, then the `accessTokenClaims` is a nil pointer, which is accessed.
Second bug: this use case is not covered by unit tests.
To reproduce
Try to do a token exchange which is hitting this codepath (user initiates a client credential grant flow, then tries to exchange the token to have the audience match the resource provider it is trying to access).
Screenshots
No response
Expected behavior
The token exchange working properly.
Additional Context
Discord gladly has thrown some errors which thankfully made me unable to join.
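The failure mode reported above, as an added Go example that is not the project's code: a lookup that returns `ok == true` together with nil claims, a caller that trusts `ok` alone, and a caller that checks the pointer separately. `lookupToken`, `unguarded`, `guarded`, the `jwt:` marker and the sample tokens are constructed stand-ins for the reported `getTokenIDAndClaims` call site.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

type accessTokenClaims struct{ Claims map[string]any } // hypothetical stand-in type
var errInvalidToken = errors.New("invalid subject token")
// lookupToken mimics the reported shape: an opaque "id:subject" token gives ok == true, nil claims.
func lookupToken(token string) (id, subject string, c *accessTokenClaims, ok bool) {
	if strings.HasPrefix(token, "jwt:") { // constructed marker for a token that carries claims
		return token, "user-1", &accessTokenClaims{Claims: map[string]any{"aud": "api"}}, true
	}
	id, subject, ok = strings.Cut(token, ":")
	return id, subject, nil, ok
}

// unguarded trusts ok alone; the panic is recovered only so it can be returned as an error.
func unguarded(token string) (n int, err error) {
	defer func() {
		if r := recover(); r != nil {
			err = fmt.Errorf("panic: %v", r)
		}
	}()
	_, _, c, ok := lookupToken(token)
	if !ok {
		return 0, errInvalidToken
	}
	return len(c.Claims), nil // nil pointer dereference when c == nil
}

// guarded treats "lookup succeeded" and "claims present" as separate conditions.
func guarded(token string) (subject string, claims map[string]any, err error) {
	_, subject, c, ok := lookupToken(token)
	if !ok {
		return "", nil, errInvalidToken
	}
	if c != nil {
		claims = c.Claims
	}
	return subject, claims, nil
}

func main() {
	fmt.Println(unguarded("tokenid:subject"))
	fmt.Println(guarded("tokenid:subject"))
}
```

The same three inputs (opaque token, token with claims, malformed token) are the cases a table-driven unit test for the real call site would need to cover.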