Skip to content

Commit

Permalink
Configuration parameter 'cookie-encryption-password' takes only a sin…
Browse files Browse the repository at this point in the history
…gle character rather than a string (#4512) (#4657) (#4675)

* Configuration parameter 'cookie-encryption-password' takes only a single character rather than a string (#4512)

* Simplify cookie-password-encryption conversion and improve the unit test
  • Loading branch information
klustria authored Aug 4, 2022
1 parent 8a2725d commit 7427688
Show file tree
Hide file tree
Showing 2 changed files with 39 additions and 2 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -1282,7 +1282,9 @@ public Builder config(Config config) {
config.get("header-token").as(TokenHandler.class).ifPresent(this::headerTokenHandler);
// encryption of cookies
config.get("cookie-encryption-enabled").asBoolean().ifPresent(this::cookieEncryptionEnabled);
config.get("cookie-encryption-password").as(char[].class).ifPresent(this::cookieEncryptionPassword);
config.get("cookie-encryption-password").as(String.class)
.map(String::toCharArray)
.ifPresent(this::cookieEncryptionPassword);
config.get("cookie-encryption-name").asString().ifPresent(this::cookieEncryptionName);

// OIDC server configuration
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2018, 2021 Oracle and/or its affiliates.
* Copyright (c) 2018, 2022 Oracle and/or its affiliates.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand All @@ -16,13 +16,23 @@

package io.helidon.security.providers.oidc.common;

import io.helidon.config.Config;
import io.helidon.config.ConfigSources;
import org.junit.jupiter.api.Test;

import static org.hamcrest.CoreMatchers.is;
import static org.hamcrest.MatcherAssert.assertThat;

import java.net.URI;
import java.util.Arrays;
import java.util.Map;

/**
* Unit test for {@link OidcConfig}.
*/
class OidcConfigFromBuilderTest extends OidcConfigAbstractTest {
private OidcConfig oidcConfig;
private String cookieEncryptionPasswordValue;

OidcConfigFromBuilderTest() {
oidcConfig = OidcConfig.builder()
Expand All @@ -43,4 +53,29 @@ class OidcConfigFromBuilderTest extends OidcConfigAbstractTest {
OidcConfig getConfig() {
return oidcConfig;
}

@Test
void testCookieEncryptionPasswordFromBuilderConfig() {
OidcConfig.Builder builder = new TestOidcConfigBuilder();
for (String passwordValue : Arrays.asList("PasswordString", "", " ")) {
builder.config(Config.builder()
.sources(ConfigSources.create(Map.of("cookie-encryption-password", passwordValue)))
.build()
);
assertThat(cookieEncryptionPasswordValue, is(passwordValue));
// reset the value
cookieEncryptionPasswordValue = null;
}
}

// Stub the Builder class to be able to retrieve the cookie-encryption-password value
private class TestOidcConfigBuilder extends OidcConfig.Builder {
// Stub the method to be able to store the cookie-encryption-password to a variable for later retrieval
@Override
public OidcConfig.Builder cookieEncryptionPassword(char[] cookieEncryptionPassword) {
cookieEncryptionPasswordValue = String.valueOf(cookieEncryptionPassword);
super.cookieEncryptionPassword(cookieEncryptionPassword);
return this;
}
}
}

0 comments on commit 7427688

Please sign in to comment.