From c34f6b1074c451fda808ca1227c98cfddd379908 Mon Sep 17 00:00:00 2001
From: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Date: Thu, 16 Jul 2020 13:51:37 +0200
Subject: [PATCH] fix: check if org id not empty before checking if it exists
 (#482)

---
 internal/api/authz/context.go | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/internal/api/authz/context.go b/internal/api/authz/context.go
index 13eedcb081..ec6ff08c36 100644
--- a/internal/api/authz/context.go
+++ b/internal/api/authz/context.go
@@ -34,10 +34,13 @@ type Grant struct {
 }
 
 func VerifyTokenAndWriteCtxData(ctx context.Context, token, orgID string, t *TokenVerifier, method string) (_ context.Context, err error) {
-	err = t.ExistsOrg(ctx, orgID)
-	if err != nil {
-		return nil, errors.ThrowPermissionDenied(nil, "AUTH-Bs7Ds", "Organisation doesn't exist")
+	if orgID != "" {
+		err = t.ExistsOrg(ctx, orgID)
+		if err != nil {
+			return nil, errors.ThrowPermissionDenied(nil, "AUTH-Bs7Ds", "Organisation doesn't exist")
+		}
 	}
+
 	userID, clientID, agentID, err := verifyAccessToken(ctx, token, t, method)
 	if err != nil {
 		return nil, err