Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix error when Bearer token is requested with empty string #15940

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Fix error when Bearer token is requested with empty string #15940

wants to merge 3 commits into from

Conversation

jacknie84
Copy link

Issue gh-15885

@spring-projects-issues spring-projects-issues added the status: waiting-for-triage An issue we've not yet triaged label Oct 18, 2024
sjohnr
sjohnr requested changes Oct 18, 2024
View reviewed changes
Copy link
Member

@sjohnr sjohnr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hi @jacknie84, thanks for the PR! Please see comment below. Also there are failures on the build. Let me know if you need any assistance with the build output.

...org/springframework/security/oauth2/server/resource/web/DefaultBearerTokenResolverTests.java Show resolved Hide resolved
@jacknie84
Copy link
Author

Hi @sjohnr. Thank you for your review.
I've made all the changes you asked for.
and I updated the test code because it was failing due to recent code changes.
Please review it once again.

@jzheaux jzheaux assigned jzheaux and sjohnr and unassigned jzheaux Oct 23, 2024
@jzheaux jzheaux added in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) and removed status: waiting-for-triage An issue we've not yet triaged labels Oct 23, 2024
sjohnr
sjohnr reviewed Oct 24, 2024
View reviewed changes
...server/resource/web/server/authentication/ServerBearerTokenAuthenticationConverterTests.java
@@ -217,6 +217,19 @@ void resolveWhenQueryParameterHasMultipleAccessTokensThenOAuth2AuthenticationExc

}

@Test
public void resolveWhenQueryParameterIsPresentAndEmptyStringThenTokenIsNotResolved() {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe this is the same test as resolveWhenQueryParameterIsEmptyAndSupportedThenOAuth2AuthenticationException()? I think this test isn't needed?

@sjohnr sjohnr added the type: bug A general bug label Oct 24, 2024
@sjohnr sjohnr added this to the 6.4.x milestone Oct 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sjohnr sjohnr sjohnr requested changes

Assignees

@sjohnr sjohnr

Labels
in: oauth2 An issue in OAuth2 modules (oauth2-core, oauth2-client, oauth2-resource-server, oauth2-jose) type: bug A general bug
Projects
Spring Security Team
Status: No status
Milestone
6.4.x
Development

Successfully merging this pull request may close these issues.
4 participants
@jacknie84 @sjohnr @jzheaux @spring-projects-issues