Preserve Null Claim Values
Prior to this commit ClaimTypeConverter returned the claims with the original value for all the claims with a null converted value. The changes allows ClaimTypeConverter to overwrite and return claims with converted value of null. Closes gh-10135
This commit is contained in:
parent
0de2a51184
commit
9925c6a4c0
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
* Copyright 2002-2021 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2019 the original author or authors.
|
||||
* Copyright 2002-2021 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
@ -45,19 +45,20 @@ public final class MappedJwtClaimSetConverter implements Converter<Map<String, O
|
|||
private final static TypeDescriptor INSTANT_TYPE_DESCRIPTOR = TypeDescriptor.valueOf(Instant.class);
|
||||
private final static TypeDescriptor URL_TYPE_DESCRIPTOR = TypeDescriptor.valueOf(URL.class);
|
||||
private final Map<String, Converter<Object, ?>> claimTypeConverters;
|
||||
private final Converter<Map<String, Object>, Map<String, Object>> delegate;
|
||||
|
||||
/**
|
||||
* Constructs a {@link MappedJwtClaimSetConverter} with the provided arguments
|
||||
*
|
||||
* This will completely replace any set of default converters.
|
||||
*
|
||||
* A converter that returns {@code null} removes the claim from the claim set. A
|
||||
* converter that returns a non-{@code null} value adds or replaces that claim in the
|
||||
* claim set.
|
||||
* @param claimTypeConverters The {@link Map} of converters to use
|
||||
*/
|
||||
public MappedJwtClaimSetConverter(Map<String, Converter<Object, ?>> claimTypeConverters) {
|
||||
Assert.notNull(claimTypeConverters, "claimTypeConverters cannot be null");
|
||||
this.claimTypeConverters = claimTypeConverters;
|
||||
this.delegate = new ClaimTypeConverter(claimTypeConverters);
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -81,6 +82,9 @@ public final class MappedJwtClaimSetConverter implements Converter<Map<String, O
|
|||
*
|
||||
* To completely replace the underlying {@link Map} of converters, see {@link MappedJwtClaimSetConverter#MappedJwtClaimSetConverter(Map)}.
|
||||
*
|
||||
* A converter that returns {@code null} removes the claim from the claim set. A
|
||||
* converter that returns a non-{@code null} value adds or replaces that claim in the
|
||||
* claim set.
|
||||
* @param claimTypeConverters
|
||||
* @return An instance of {@link MappedJwtClaimSetConverter} that contains the converters provided,
|
||||
* plus any defaults that were not overridden.
|
||||
|
@ -144,12 +148,16 @@ public final class MappedJwtClaimSetConverter implements Converter<Map<String, O
|
|||
@Override
|
||||
public Map<String, Object> convert(Map<String, Object> claims) {
|
||||
Assert.notNull(claims, "claims cannot be null");
|
||||
|
||||
Map<String, Object> mappedClaims = this.delegate.convert(claims);
|
||||
|
||||
mappedClaims = removeClaims(mappedClaims);
|
||||
mappedClaims = addClaims(mappedClaims);
|
||||
|
||||
Map<String, Object> mappedClaims = new HashMap<>(claims);
|
||||
for (Map.Entry<String, Converter<Object, ?>> entry : this.claimTypeConverters.entrySet()) {
|
||||
String claimName = entry.getKey();
|
||||
Converter<Object, ?> converter = entry.getValue();
|
||||
if (converter != null) {
|
||||
Object claim = claims.get(claimName);
|
||||
Object mappedClaim = converter.convert(claim);
|
||||
mappedClaims.compute(claimName, (key, value) -> mappedClaim);
|
||||
}
|
||||
}
|
||||
Instant issuedAt = (Instant) mappedClaims.get(JwtClaimNames.IAT);
|
||||
Instant expiresAt = (Instant) mappedClaims.get(JwtClaimNames.EXP);
|
||||
if (issuedAt == null && expiresAt != null) {
|
||||
|
@ -159,23 +167,4 @@ public final class MappedJwtClaimSetConverter implements Converter<Map<String, O
|
|||
return mappedClaims;
|
||||
}
|
||||
|
||||
private Map<String, Object> removeClaims(Map<String, Object> claims) {
|
||||
Map<String, Object> result = new HashMap<>();
|
||||
for (Map.Entry<String, Object> entry : claims.entrySet()) {
|
||||
if (entry.getValue() != null) {
|
||||
result.put(entry.getKey(), entry.getValue());
|
||||
}
|
||||
}
|
||||
return result;
|
||||
}
|
||||
|
||||
private Map<String, Object> addClaims(Map<String, Object> claims) {
|
||||
Map<String, Object> result = new HashMap<>(claims);
|
||||
for (Map.Entry<String, Converter<Object, ?>> entry : claimTypeConverters.entrySet()) {
|
||||
if (!claims.containsKey(entry.getKey()) && entry.getValue().convert(null) != null) {
|
||||
result.put(entry.getKey(), entry.getValue().convert(null));
|
||||
}
|
||||
}
|
||||
return result;
|
||||
}
|
||||
}
|
||||
|
|
|
@ -1,5 +1,5 @@
|
|||
/*
|
||||
* Copyright 2002-2018 the original author or authors.
|
||||
* Copyright 2002-2021 the original author or authors.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
@ -140,11 +140,19 @@ public class MappedJwtClaimSetConverterTests {
|
|||
assertThat(target.get(JwtClaimNames.SUB)).isEqualTo("1234");
|
||||
}
|
||||
|
||||
// gh-10135
|
||||
@Test
|
||||
public void convertWhenConverterReturnsNullThenClaimIsRemoved() {
|
||||
MappedJwtClaimSetConverter converter = MappedJwtClaimSetConverter
|
||||
.withDefaults(Collections.emptyMap());
|
||||
.withDefaults(Collections.singletonMap(JwtClaimNames.NBF, (nbfClaimValue) -> null));
|
||||
Map<String, Object> source = Collections.singletonMap(JwtClaimNames.NBF, Instant.now());
|
||||
Map<String, Object> target = converter.convert(source);
|
||||
assertThat(target).doesNotContainKey(JwtClaimNames.NBF);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void convertWhenClaimValueIsNullThenClaimIsRemoved() {
|
||||
MappedJwtClaimSetConverter converter = MappedJwtClaimSetConverter.withDefaults(Collections.emptyMap());
|
||||
Map<String, Object> source = Collections.singletonMap(JwtClaimNames.ISS, null);
|
||||
Map<String, Object> target = converter.convert(source);
|
||||
|
||||
|
|
Loading…
Reference in New Issue