From e52c5ce103bf6d718017598889fda64e5e115ca5 Mon Sep 17 00:00:00 2001 From: Ryan Liang Date: Tue, 22 Aug 2023 00:55:33 -0700 Subject: [PATCH] Refactor the backendrole extraction in oboauthenticator Signed-off-by: Ryan Liang --- .../security/http/OnBehalfOfAuthenticator.java | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java b/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java index 298fb37bdd..f312ea2fc3 100644 --- a/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java +++ b/src/main/java/org/opensearch/security/http/OnBehalfOfAuthenticator.java @@ -92,15 +92,15 @@ private List extractSecurityRolesFromClaims(Claims claims) { log.warn("This is a malformed On-behalf-of Token"); } - return Arrays.stream(rolesClaim.split(",")).map(String::trim).filter(s -> !s.isEmpty()).collect(Collectors.toUnmodifiableList()); + List roles = Arrays.stream(rolesClaim.split(",")) + .map(String::trim) + .filter(s -> !s.isEmpty()) + .collect(Collectors.toUnmodifiableList()); + + return roles; } private String[] extractBackendRolesFromClaims(Claims claims) { - // Object backendRolesObject = ObjectUtils.firstNonNull(claims.get("ebr"), claims.get("dbr")); - if (!claims.containsKey("br")) { - return null; - } - Object backendRolesObject = claims.get("br"); String[] backendRoles; @@ -108,11 +108,8 @@ private String[] extractBackendRolesFromClaims(Claims claims) { log.warn("This is a malformed On-behalf-of Token"); backendRoles = new String[0]; } else { - final String backendRolesClaim = backendRolesObject.toString(); - // Extracting roles based on the compatibility mode - String decryptedBackendRoles = backendRolesClaim; - backendRoles = Arrays.stream(decryptedBackendRoles.split(",")).map(String::trim).toArray(String[]::new); + backendRoles = Arrays.stream(backendRolesObject.toString().split(",")).map(String::trim).toArray(String[]::new); } return backendRoles;