Cwikius-Spring/spring-security
1
0
Fork 0
mirror of synced 2026-05-22 21:33:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Enables empty authorityPrefix

Browse Source 
- docs stated that empty authorityPrefix are allowed but implementation denied to use `""`
- commit removes the `hasText`-limitation but restricts to `notNull`

Fixes gh-8421
This commit is contained in:
Julian Müller
2020-04-21 17:18:55 +02:00
committed by Rob Winch
parent 32ce94d2dd
commit 60d4d5b7ee
2 changed files with 33 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
oauth2/oauth2-resource-server/src/main/java/org/springframework/security/oauth2/server/resource/authentication/JwtGrantedAuthoritiesConverter.java
+1 -1
View File
@@ -68,7 +68,7 @@ public final class JwtGrantedAuthoritiesConverter implements Converter<Jwt, Coll
* @since 5.2
*/
public void setAuthorityPrefix(String authorityPrefix) {
Assert.hasText(authorityPrefix, "authorityPrefix cannot be empty");
Assert.notNull(authorityPrefix, "authorityPrefix cannot be null");
this.authorityPrefix = authorityPrefix;
}
oauth2/oauth2-resource-server/src/test/java/org/springframework/security/oauth2/server/resource/authentication/JwtGrantedAuthoritiesConverterTests.java
+32
View File
@@ -37,6 +37,12 @@ import static org.springframework.security.oauth2.jwt.TestJwts.jwt;
*/
public class JwtGrantedAuthoritiesConverterTests {
@Test(expected = IllegalArgumentException.class)
public void setAuthorityPrefixWithNullThenException() {
JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
jwtGrantedAuthoritiesConverter.setAuthorityPrefix(null);
}
@Test
public void convertWhenTokenHasScopeAttributeThenTranslatedToAuthorities() {
Jwt jwt = jwt().claim("scope", "message:read message:write").build();
@@ -62,6 +68,19 @@ public class JwtGrantedAuthoritiesConverterTests {
new SimpleGrantedAuthority("ROLE_message:write"));
}
@Test
public void convertWithBlankAsCustomAuthorityPrefixWhenTokenHasScopeAttributeThenTranslatedToAuthorities() {
Jwt jwt = jwt().claim("scope", "message:read message:write").build();
JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
jwtGrantedAuthoritiesConverter.setAuthorityPrefix("");
Collection<GrantedAuthority> authorities = jwtGrantedAuthoritiesConverter.convert(jwt);
assertThat(authorities).containsExactly(
new SimpleGrantedAuthority("message:read"),
new SimpleGrantedAuthority("message:write"));
}
@Test
public void convertWhenTokenHasEmptyScopeAttributeThenTranslatedToNoAuthorities() {
Jwt jwt = jwt().claim("scope", "").build();
@@ -97,6 +116,19 @@ public class JwtGrantedAuthoritiesConverterTests {
new SimpleGrantedAuthority("ROLE_message:write"));
}
@Test
public void convertWithBlankAsCustomAuthorityPrefixWhenTokenHasScpAttributeThenTranslatedToAuthorities() {
Jwt jwt = jwt().claim("scp", "message:read message:write").build();
JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
jwtGrantedAuthoritiesConverter.setAuthorityPrefix("");
Collection<GrantedAuthority> authorities = jwtGrantedAuthoritiesConverter.convert(jwt);
assertThat(authorities).containsExactly(
new SimpleGrantedAuthority("message:read"),
new SimpleGrantedAuthority("message:write"));
}
@Test
public void convertWhenTokenHasEmptyScpAttributeThenTranslatedToNoAuthorities() {
Jwt jwt = jwt().claim("scp", Collections.emptyList()).build();