Make noop default password encoder for StaticAuthenticationProvider (#1791)

if no provider is specified for the password

Signed-off-by: Marinov Avgustin <Avgustin.Marinov@bosch.com>
This commit is contained in:
Avgustin Marinov
2024-07-29 11:51:13 +03:00
committed by GitHub
parent 947e48c1b5
commit 9cc9b23398
2 changed files with 9 additions and 14 deletions

View File

@@ -35,10 +35,8 @@ public class InMemoryUserManagementAutoConfiguration extends GlobalAuthenticatio
private final StaticAuthenticationProvider authenticationProvider; private final StaticAuthenticationProvider authenticationProvider;
InMemoryUserManagementAutoConfiguration(final SecurityProperties securityProperties, InMemoryUserManagementAutoConfiguration(final SecurityProperties securityProperties,
final TenantAwareUserProperties tenantAwareUserProperties, final TenantAwareUserProperties tenantAwareUserProperties) {
final Optional<PasswordEncoder> passwordEncoder) { authenticationProvider = new StaticAuthenticationProvider(tenantAwareUserProperties, securityProperties);
authenticationProvider = new StaticAuthenticationProvider(tenantAwareUserProperties, securityProperties,
passwordEncoder.orElse(null));
} }
@Override @Override

View File

@@ -37,9 +37,8 @@ import java.util.regex.Pattern;
public class StaticAuthenticationProvider extends DaoAuthenticationProvider { public class StaticAuthenticationProvider extends DaoAuthenticationProvider {
public StaticAuthenticationProvider( public StaticAuthenticationProvider(
final TenantAwareUserProperties tenantAwareUserProperties, final SecurityProperties securityProperties, final TenantAwareUserProperties tenantAwareUserProperties, final SecurityProperties securityProperties) {
final PasswordEncoder passwordEncoder) { setUserDetailsService(userDetailsService(securityProperties, tenantAwareUserProperties));
setUserDetailsService(userDetailsService(securityProperties, tenantAwareUserProperties, passwordEncoder));
} }
@Override @Override
@@ -56,11 +55,10 @@ public class StaticAuthenticationProvider extends DaoAuthenticationProvider {
private static UserDetailsService userDetailsService( private static UserDetailsService userDetailsService(
final SecurityProperties securityProperties, final SecurityProperties securityProperties,
final TenantAwareUserProperties tenantAwareUserProperties, final TenantAwareUserProperties tenantAwareUserProperties) {
final PasswordEncoder passwordEncoder) {
final List<User> userPrincipals = new ArrayList<>(); final List<User> userPrincipals = new ArrayList<>();
tenantAwareUserProperties.getUser().forEach((username, user) -> { tenantAwareUserProperties.getUser().forEach((username, user) -> {
final String password = password(user.getPassword(), passwordEncoder); final String password = password(user.getPassword());
final List<GrantedAuthority> credentials = final List<GrantedAuthority> credentials =
createAuthorities(user.getRoles(), user.getPermissions(), Collections::emptyList); createAuthorities(user.getRoles(), user.getPermissions(), Collections::emptyList);
if (ObjectUtils.isEmpty(user.getTenant())) { if (ObjectUtils.isEmpty(user.getTenant())) {
@@ -75,7 +73,7 @@ public class StaticAuthenticationProvider extends DaoAuthenticationProvider {
// explicitly setup system user - add is as a regular (non-tenant scoped) user // explicitly setup system user - add is as a regular (non-tenant scoped) user
userPrincipals.add(new User( userPrincipals.add(new User(
securityProperties.getUser().getName(), securityProperties.getUser().getName(),
password(securityProperties.getUser().getPassword(), passwordEncoder), password(securityProperties.getUser().getPassword()),
createAuthorities( createAuthorities(
securityProperties.getUser().getRoles(), Collections.emptyList(), securityProperties.getUser().getRoles(), Collections.emptyList(),
PermissionUtils::createAllAuthorityList))); PermissionUtils::createAllAuthorityList)));
@@ -84,9 +82,8 @@ public class StaticAuthenticationProvider extends DaoAuthenticationProvider {
return new FixedInMemoryTenantAwareUserDetailsService(userPrincipals); return new FixedInMemoryTenantAwareUserDetailsService(userPrincipals);
} }
private static String password(final String password, final PasswordEncoder passwordEncoder) { private static String password(final String password) {
return passwordEncoder == null && !Pattern.compile("^\\{.+}.*$").matcher(password).matches() ? return !Pattern.compile("^\\{.+}.*$").matcher(password).matches() ? "{noop}" + password : password;
"{noop}" + password : password;
} }
private static List<GrantedAuthority> createAuthorities( private static List<GrantedAuthority> createAuthorities(