From af9c2880a6a843e52d830d8fa87a278c5f132e5c Mon Sep 17 00:00:00 2001
From: krishnadurai <krishnadurai20@gmail.com>
Date: Fri, 13 Dec 2019 16:52:10 -0800
Subject: [PATCH] Corrects validation logic for static password check

---
 cmd/dex/config.go | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/cmd/dex/config.go b/cmd/dex/config.go
index c0394e37..9db0ce3f 100644
--- a/cmd/dex/config.go
+++ b/cmd/dex/config.go
@@ -99,12 +99,11 @@ func (p *password) UnmarshalJSON(b []byte) error {
 		Username: data.Username,
 		UserID:   data.UserID,
 	})
+	if len(data.Hash) == 0 && len(data.HashFromEnv) > 0 {
+		data.Hash = os.Getenv(data.HashFromEnv)
+	}
 	if len(data.Hash) == 0 {
-		if len(data.HashFromEnv) > 0 {
-			data.Hash = os.Getenv(data.HashFromEnv)
-		} else {
-			return fmt.Errorf("no password hash provided")
-		}
+		return fmt.Errorf("no password hash provided")
 	}
 
 	// If this value is a valid bcrypt, use it.