[syncope] branch 2_1_X updated: [SYNCOPE-1651] Reviewing delegation validation logic

Wed, 24 Nov 2021 02:04:18 -0800 

This is an automated email from the ASF dual-hosted git repository.

ilgrosso pushed a commit to branch 2_1_X
in repository https://gitbox.apache.org/repos/asf/syncope.git


The following commit(s) were added to refs/heads/2_1_X by this push:
     new 2f23ffe  [SYNCOPE-1651] Reviewing delegation validation logic
2f23ffe is described below

commit 2f23ffe579156d901d0cfd1079c3254b925a9c8a
Author: Francesco Chicchiriccò <ilgro...@apache.org>
AuthorDate: Wed Nov 24 11:02:29 2021 +0100

    [SYNCOPE-1651] Reviewing delegation validation logic
---
 .../core/spring/security/AuthDataAccessor.java     | 24 ++++++++++++++--------
 1 file changed, 15 insertions(+), 9 deletions(-)

diff --git 
a/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
 
b/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
index 72d81f8..fa7d0da 100644
--- 
a/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
+++ 
b/core/spring/src/main/java/org/apache/syncope/core/spring/security/AuthDataAccessor.java
@@ -184,17 +184,23 @@ public class AuthDataAccessor {
     }
 
     protected String getDelegationKey(final SyncopeAuthenticationDetails 
details, final String delegatedKey) {
-        return Optional.ofNullable(details.getDelegatedBy()).
-                map(delegatingKey -> 
SyncopeConstants.UUID_PATTERN.matcher(delegatingKey).matches()
-                ? delegatingKey
-                : userDAO.findKey(delegatingKey)).map(delegatingKey -> {
+        if (details.getDelegatedBy() == null) {
+            return null;
+        }
+
+        String delegatingKey = 
SyncopeConstants.UUID_PATTERN.matcher(details.getDelegatedBy()).matches()
+                ? details.getDelegatedBy()
+                : userDAO.findKey(details.getDelegatedBy());
+        if (delegatingKey == null) {
+            throw new SessionAuthenticationException(
+                    "Delegating user " + details.getDelegatedBy() + " cannot 
be found");
+        }
 
-            LOG.debug("Delegation request: delegating:{}, delegated:{}", 
delegatingKey, delegatedKey);
+        LOG.debug("Delegation request: delegating:{}, delegated:{}", 
delegatingKey, delegatedKey);
 
-            return delegationDAO.findValidFor(delegatingKey, delegatedKey).
-                    orElseThrow(() -> new SessionAuthenticationException(
-                    "Delegation by " + delegatingKey + " was requested but 
none found"));
-        }).orElse(null);
+        return delegationDAO.findValidFor(delegatingKey, delegatedKey).
+                orElseThrow(() -> new SessionAuthenticationException(
+                "Delegation by " + delegatingKey + " was requested but none 
found"));
     }
 
     /**

Reply via email to