Polish to Avoid NPE
Issue gh-5648 Co-authored-by: MattyA <mat.auburn@gmail.com>
This commit is contained in:
Josh Cummings
parent
2f80b8a5be
commit
510d1b8121
|
|
@ -22,6 +22,7 @@ import java.net.URL;
|
|||
import java.security.interfaces.RSAPublicKey;
|
||||
import java.text.ParseException;
|
||||
import java.util.Arrays;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
|
|
@ -54,11 +55,13 @@ import org.springframework.http.HttpMethod;
|
|||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.RequestEntity;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.oauth2.core.OAuth2Error;
|
||||
import org.springframework.security.oauth2.core.OAuth2TokenValidator;
|
||||
import org.springframework.security.oauth2.core.OAuth2TokenValidatorResult;
|
||||
import org.springframework.security.oauth2.jose.jws.MacAlgorithm;
|
||||
import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.springframework.web.client.RestOperations;
|
||||
import org.springframework.web.client.RestTemplate;
|
||||
|
||||
|
|
@ -164,9 +167,17 @@ public final class NimbusJwtDecoder implements JwtDecoder {
|
|||
private Jwt validateJwt(Jwt jwt){
|
||||
OAuth2TokenValidatorResult result = this.jwtValidator.validate(jwt);
|
||||
if (result.hasErrors()) {
|
||||
String description = result.getErrors().iterator().next().getDescription();
|
||||
Collection<OAuth2Error> errors = result.getErrors();
|
||||
String validationErrorString = "Unable to validate Jwt";
|
||||
for (OAuth2Error oAuth2Error : errors) {
|
||||
if (!StringUtils.isEmpty(oAuth2Error.getDescription())) {
|
||||
validationErrorString = String.format(
|
||||
DECODING_ERROR_MESSAGE_TEMPLATE, oAuth2Error.getDescription());
|
||||
break;
|
||||
}
|
||||
}
|
||||
throw new JwtValidationException(
|
||||
String.format(DECODING_ERROR_MESSAGE_TEMPLATE, description),
|
||||
validationErrorString,
|
||||
result.getErrors());
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@
|
|||
package org.springframework.security.oauth2.jwt;
|
||||
|
||||
import java.security.interfaces.RSAPublicKey;
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.HashMap;
|
||||
import java.util.HashSet;
|
||||
|
|
@ -51,12 +52,14 @@ import reactor.core.publisher.Flux;
|
|||
import reactor.core.publisher.Mono;
|
||||
|
||||
import org.springframework.core.convert.converter.Converter;
|
||||
import org.springframework.security.oauth2.core.OAuth2Error;
|
||||
import org.springframework.security.oauth2.core.OAuth2TokenValidator;
|
||||
import org.springframework.security.oauth2.core.OAuth2TokenValidatorResult;
|
||||
import org.springframework.security.oauth2.jose.jws.JwsAlgorithm;
|
||||
import org.springframework.security.oauth2.jose.jws.MacAlgorithm;
|
||||
import org.springframework.security.oauth2.jose.jws.SignatureAlgorithm;
|
||||
import org.springframework.util.Assert;
|
||||
import org.springframework.util.StringUtils;
|
||||
import org.springframework.web.reactive.function.client.WebClient;
|
||||
|
||||
/**
|
||||
|
|
@ -172,10 +175,16 @@ public final class NimbusReactiveJwtDecoder implements ReactiveJwtDecoder {
|
|||
|
||||
private Jwt validateJwt(Jwt jwt) {
|
||||
OAuth2TokenValidatorResult result = this.jwtValidator.validate(jwt);
|
||||
|
||||
if ( result.hasErrors() ) {
|
||||
String message = result.getErrors().iterator().next().getDescription();
|
||||
throw new JwtValidationException(message, result.getErrors());
|
||||
if (result.hasErrors()) {
|
||||
Collection<OAuth2Error> errors = result.getErrors();
|
||||
String validationErrorString = "Unable to validate Jwt";
|
||||
for (OAuth2Error oAuth2Error : errors) {
|
||||
if (!StringUtils.isEmpty(oAuth2Error.getDescription())) {
|
||||
validationErrorString = oAuth2Error.getDescription();
|
||||
break;
|
||||
}
|
||||
}
|
||||
throw new JwtValidationException(validationErrorString, errors);
|
||||
}
|
||||
|
||||
return jwt;
|
||||
|
|
|
|||
|
|
@ -193,6 +193,22 @@ public class NimbusJwtDecoderTests {
|
|||
.hasFieldOrPropertyWithValue("errors", Arrays.asList(firstFailure, secondFailure));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void decodeWhenReadingErrorPickTheFirstErrorMessage() {
|
||||
OAuth2TokenValidator<Jwt> jwtValidator = mock(OAuth2TokenValidator.class);
|
||||
this.jwtDecoder.setJwtValidator(jwtValidator);
|
||||
|
||||
OAuth2Error errorEmpty = new OAuth2Error("mock-error", "", "mock-uri");
|
||||
OAuth2Error error = new OAuth2Error("mock-error", "mock-description", "mock-uri");
|
||||
OAuth2Error error2 = new OAuth2Error("mock-error-second", "mock-description-second", "mock-uri-second");
|
||||
OAuth2TokenValidatorResult result = OAuth2TokenValidatorResult.failure(errorEmpty, error, error2);
|
||||
when(jwtValidator.validate(any(Jwt.class))).thenReturn(result);
|
||||
|
||||
Assertions.assertThatCode(() -> this.jwtDecoder.decode(SIGNED_JWT))
|
||||
.isInstanceOf(JwtValidationException.class)
|
||||
.hasMessageContaining("mock-description");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void decodeWhenUsingSignedJwtThenReturnsClaimsGivenByClaimSetConverter() {
|
||||
Converter<Map<String, Object>, Map<String, Object>> claimSetConverter = mock(Converter.class);
|
||||
|
|
|
|||
|
|
@ -221,6 +221,22 @@ public class NimbusReactiveJwtDecoderTests {
|
|||
.hasMessageContaining("mock-description");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void decodeWhenReadingErrorPickTheFirstErrorMessage() {
|
||||
OAuth2TokenValidator<Jwt> jwtValidator = mock(OAuth2TokenValidator.class);
|
||||
this.decoder.setJwtValidator(jwtValidator);
|
||||
|
||||
OAuth2Error errorEmpty = new OAuth2Error("mock-error", "", "mock-uri");
|
||||
OAuth2Error error = new OAuth2Error("mock-error", "mock-description", "mock-uri");
|
||||
OAuth2Error error2 = new OAuth2Error("mock-error-second", "mock-description-second", "mock-uri-second");
|
||||
OAuth2TokenValidatorResult result = OAuth2TokenValidatorResult.failure(errorEmpty, error, error2);
|
||||
when(jwtValidator.validate(any(Jwt.class))).thenReturn(result);
|
||||
|
||||
assertThatCode(() -> this.decoder.decode(this.messageReadToken).block())
|
||||
.isInstanceOf(JwtValidationException.class)
|
||||
.hasMessageContaining("mock-description");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void decodeWhenUsingSignedJwtThenReturnsClaimsGivenByClaimSetConverter() {
|
||||
Converter<Map<String, Object>, Map<String, Object>> claimSetConverter = mock(Converter.class);
|
||||
|
|
|
|||
Loading…
Reference in New Issue