Fix security token retrieval in SecurityTokenAuthenticator (#2289)

Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
2025-02-19 11:39:52 +02:00
parent 2d12ad693a
commit 893a3b1f29
1 changed files with 2 additions and 1 deletions
--- a/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/SecurityTokenAuthenticator.java
+++ b/hawkbit-ddi/hawkbit-ddi-security/src/main/java/org/eclipse/hawkbit/security/controller/SecurityTokenAuthenticator.java
@@ -64,7 +64,8 @@ public class SecurityTokenAuthenticator extends Authenticator.AbstractAuthentica
                                : controllerManagement.getByControllerId(controllerSecurityToken.getControllerId()),
                        controllerSecurityToken.getTenant())
                // validate if the presented token is the same as the one set for the target
-                .filter(target -> presentedToken.equals(target.getSecurityToken()))
+                .filter(target -> presentedToken.equals(
+                        systemSecurityContext.runAsSystemAsTenant(target::getSecurityToken, controllerSecurityToken.getTenant())))
                .map(target -> authenticatedController(controllerSecurityToken.getTenant(), target.getControllerId()))
                .orElse(null);
    }