Enables empty authorityPrefix

- docs stated that empty authorityPrefix are allowed but implementation denied to use `""` - commit removes the `hasText`-limitation but restricts to `notNull` Fixes gh-8421
spring-projects · Jul 7, 2020 · 4fec451 · 4fec451
1 parent 7af5804
commit 4fec451
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 1 deletion.
diff --git a/...mework/security/oauth2/server/resource/authentication/JwtGrantedAuthoritiesConverter.java b/...mework/security/oauth2/server/resource/authentication/JwtGrantedAuthoritiesConverter.java
@@ -68,7 +68,7 @@ public Collection<GrantedAuthority> convert(Jwt jwt) {
 	 * @since 5.2
 	 */
 	public void setAuthorityPrefix(String authorityPrefix) {
-		Assert.hasText(authorityPrefix, "authorityPrefix cannot be empty");
+		Assert.notNull(authorityPrefix, "authorityPrefix cannot be null");
 		this.authorityPrefix = authorityPrefix;
 	}
 

diff --git a/...k/security/oauth2/server/resource/authentication/JwtGrantedAuthoritiesConverterTests.java b/...k/security/oauth2/server/resource/authentication/JwtGrantedAuthoritiesConverterTests.java
@@ -37,6 +37,12 @@
  */
 public class JwtGrantedAuthoritiesConverterTests {
 
+	@Test(expected = IllegalArgumentException.class)
+	public void setAuthorityPrefixWithNullThenException() {
+		JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
+		jwtGrantedAuthoritiesConverter.setAuthorityPrefix(null);
+	}
+
 	@Test
 	public void convertWhenTokenHasScopeAttributeThenTranslatedToAuthorities() {
 		Jwt jwt = jwt().claim("scope", "message:read message:write").build();
@@ -62,6 +68,19 @@ public void convertWithCustomAuthorityPrefixWhenTokenHasScopeAttributeThenTransl
 				new SimpleGrantedAuthority("ROLE_message:write"));
 	}
 
+	@Test
+	public void convertWithBlankAsCustomAuthorityPrefixWhenTokenHasScopeAttributeThenTranslatedToAuthorities() {
+		Jwt jwt = jwt().claim("scope", "message:read message:write").build();
+
+		JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
+		jwtGrantedAuthoritiesConverter.setAuthorityPrefix("");
+		Collection<GrantedAuthority> authorities = jwtGrantedAuthoritiesConverter.convert(jwt);
+
+		assertThat(authorities).containsExactly(
+				new SimpleGrantedAuthority("message:read"),
+				new SimpleGrantedAuthority("message:write"));
+	}
+
 	@Test
 	public void convertWhenTokenHasEmptyScopeAttributeThenTranslatedToNoAuthorities() {
 		Jwt jwt = jwt().claim("scope", "").build();
@@ -97,6 +116,19 @@ public void convertWithCustomAuthorityPrefixWhenTokenHasScpAttributeThenTranslat
 				new SimpleGrantedAuthority("ROLE_message:write"));
 	}
 
+	@Test
+	public void convertWithBlankAsCustomAuthorityPrefixWhenTokenHasScpAttributeThenTranslatedToAuthorities() {
+		Jwt jwt = jwt().claim("scp", "message:read message:write").build();
+
+		JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
+		jwtGrantedAuthoritiesConverter.setAuthorityPrefix("");
+		Collection<GrantedAuthority> authorities = jwtGrantedAuthoritiesConverter.convert(jwt);
+
+		assertThat(authorities).containsExactly(
+				new SimpleGrantedAuthority("message:read"),
+				new SimpleGrantedAuthority("message:write"));
+	}
+
 	@Test
 	public void convertWhenTokenHasEmptyScpAttributeThenTranslatedToNoAuthorities() {
 		Jwt jwt = jwt().claim("scp", Collections.emptyList()).build();