Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix OIDC scope to permission mapping when scope is empty #36920

Merged
merged 1 commit into from
Nov 7, 2023
Merged

Fix OIDC scope to permission mapping when scope is empty #36920

merged 1 commit into from
Nov 7, 2023

Conversation

michalvavrik
Copy link
Member

fixes: #36911

@quarkus-bot quarkus-bot bot added the area/oidc label Nov 7, 2023
sberyozkin
sberyozkin approved these changes Nov 7, 2023
View reviewed changes
Copy link
Member

@sberyozkin sberyozkin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @michalvavrik for a quick fix

@michalvavrik
Copy link
Member Author

michalvavrik commented Nov 7, 2023
edited
Loading

Thanks @michalvavrik for a quick fix

Np, I was thinking about something even more robust for all sorts of scenarios like scope separator (white space separator white space) that would also result into illegal arg exception, but this seems most performant fix. However while I found plenty of scenarios where users had empty scope, not sure if that happens in a real cases. I think we can stick with this and made adjustments if someone complains. The reported issue resulted in 401, so it's safe (though it was a bug).

@michalvavrik
Copy link
Member Author

michalvavrik commented Nov 7, 2023
edited
Loading

@sberyozkin I've made one simple change isEmpty => isBlank that should handle everything (realistic); please have a look again

@michalvavrik michalvavrik force-pushed the feature/fix-oidc-perm-npe branch from fcf7d1e to 09c105f Compare November 7, 2023 14:30
@quarkus-bot quarkus-bot
Copy link

quarkus-bot bot commented Nov 7, 2023

✔️ The latest workflow run for the pull request has completed successfully.

It should be safe to merge provided you have a look at the other checks in the summary.

sberyozkin
sberyozkin approved these changes Nov 7, 2023
View reviewed changes
Copy link
Member

@sberyozkin sberyozkin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@sberyozkin sberyozkin merged commit 878bca8 into quarkusio:main Nov 7, 2023
21 checks passed
@quarkus-bot quarkus-bot bot added this to the 3.6 - main milestone Nov 7, 2023
@michalvavrik michalvavrik deleted the feature/fix-oidc-perm-npe branch November 7, 2023 15:57
@gsmet gsmet modified the milestones: 3.6 - main, 3.5.1 Nov 7, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sberyozkin sberyozkin sberyozkin approved these changes

Assignees
No one assigned
Labels
area/oidc kind/bugfix
Projects
None yet
Milestone
3.5.1
Development

Successfully merging this pull request may close these issues.

OIDC "Permission must not be empty" with imported test realm since 3.5.0
3 participants
@michalvavrik @sberyozkin @gsmet