You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@syncope.apache.org by il...@apache.org on 2021/11/24 10:04:10 UTC
[syncope] branch master updated: [SYNCOPE-1651] Reviewing delegation validation logic
This is an automated email from the ASF dual-hosted git repository.
ilgrosso pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/syncope.git
The following commit(s) were added to refs/heads/master by this push:
new 615bbec [SYNCOPE-1651] Reviewing delegation validation logic
615bbec is described below
commit 615bbec2fe069f1cf813648ebb126a721e80d0e5
Author: Francesco Chicchiriccò <il...@apache.org>
AuthorDate: Wed Nov 24 11:02:29 2021 +0100
[SYNCOPE-1651] Reviewing delegation validation logic
---
.../core/spring/security/AuthDataAccessor.java | 24 ++++++++++++++--------
1 file changed, 15 insertions(+), 9 deletions(-)
diff --git a/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java b/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
index d057150..6cd89b4 100644
--- a/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
+++ b/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
@@ -183,17 +183,23 @@ public class AuthDataAccessor {
}
protected String getDelegationKey(final SyncopeAuthenticationDetails details, final String delegatedKey) {
- return Optional.ofNullable(details.getDelegatedBy()).
- map(delegatingKey -> SyncopeConstants.UUID_PATTERN.matcher(delegatingKey).matches()
- ? delegatingKey
- : userDAO.findKey(delegatingKey)).map(delegatingKey -> {
+ if (details.getDelegatedBy() == null) {
+ return null;
+ }
+
+ String delegatingKey = SyncopeConstants.UUID_PATTERN.matcher(details.getDelegatedBy()).matches()
+ ? details.getDelegatedBy()
+ : userDAO.findKey(details.getDelegatedBy());
+ if (delegatingKey == null) {
+ throw new SessionAuthenticationException(
+ "Delegating user " + details.getDelegatedBy() + " cannot be found");
+ }
- LOG.debug("Delegation request: delegating:{}, delegated:{}", delegatingKey, delegatedKey);
+ LOG.debug("Delegation request: delegating:{}, delegated:{}", delegatingKey, delegatedKey);
- return delegationDAO.findValidFor(delegatingKey, delegatedKey).
- orElseThrow(() -> new SessionAuthenticationException(
- "Delegation by " + delegatingKey + " was requested but none found"));
- }).orElse(null);
+ return delegationDAO.findValidFor(delegatingKey, delegatedKey).
+ orElseThrow(() -> new SessionAuthenticationException(
+ "Delegation by " + delegatingKey + " was requested but none found"));
}
/**