diff --git a/lib/CF/Helpers/Auth.pm b/lib/CF/Helpers/Auth.pm
index 50db7ee07de96a789d629d83e2ef68ae8b1918ee..78715260e1707e689beb3b917d85c0885afb2506 100644
--- a/lib/CF/Helpers/Auth.pm
+++ b/lib/CF/Helpers/Auth.pm
@@ -74,7 +74,7 @@ sub register ( $class, $self, $conf) {
     });
 
     $self->helper( user => sub ( $c ) {
-        my $claims = $c->oauth_claims // return;
+        my $claims = $c->oauth_claims // return { id => 0 };
 
         if ( ! $c->stash->{user} ) {
             $c->stash->{user} = {
@@ -88,8 +88,16 @@ sub register ( $class, $self, $conf) {
     });
 
     $self->helper( user_roles => sub ( $c ) {
-        my $claims = $c->oauth_claims // return;
-        $c->stash->{user_roles} //= { map { $_ => 1 } @{ $claims->{roles} // [] }};
+        my @roles = ();
+
+        if ( $c->cfg->{test_x_roles} && $c->req->headers->header('X-Roles')) {
+            @roles = split /\W+/, $c->req->headers('X-Roles');
+        }
+        elsif ( my $claims = $c->oauth_claims ) {
+            @roles = @{ $claims->{roles} // [] };
+        }
+
+        $c->stash->{user_roles} //= { map { $_ => 1 }  @roles };
         return $c->stash->{user_roles};
     });