Merge pull request #2940 from cloudfoundry/fix-potential-typo-in-oaut…

…hidpwrapperfactorybean

Fix potential typo in OauthIDPWrapperFactoryBean.java

server/src/main/java/org/cloudfoundry/identity/uaa/provider/oauth/OauthIDPWrapperFactoryBean.java

@@ -88,7 +88,7 @@ private AbstractExternalOAuthIdentityProviderDefinition getExternalOIDCIdentityP
         oidcIdentityProviderDefinition.setUserInfoUrl(idpDefinitionMap.get("userInfoUrl") == null ? null : new URL((String) idpDefinitionMap.get("userInfoUrl")));
         oidcIdentityProviderDefinition.setPasswordGrantEnabled(
             idpDefinitionMap.get("passwordGrantEnabled") == null ? false : (boolean) idpDefinitionMap.get("passwordGrantEnabled"));
-        oidcIdentityProviderDefinition.setSetForwardHeader(idpDefinitionMap.get("setForwardHeader") == null ? false : (boolean) idpDefinitionMap.get("passwordGrantEnabled"));
+        oidcIdentityProviderDefinition.setSetForwardHeader(idpDefinitionMap.get("setForwardHeader") == null ? false : (boolean) idpDefinitionMap.get("setForwardHeader"));
         oidcIdentityProviderDefinition.setPrompts((List<Prompt>) idpDefinitionMap.get("prompts"));
         setJwtClientAuthentication(idpDefinitionMap, oidcIdentityProviderDefinition);
         oauthIdpDefinitions.put(alias, oidcIdentityProviderDefinition);

server/src/test/java/org/cloudfoundry/identity/uaa/provider/oauth/OauthIdentityProviderDefinitionFactoryBeanTest.java

@@ -17,10 +17,12 @@
 
 import org.cloudfoundry.identity.uaa.constants.ClientAuthentication;
 import org.cloudfoundry.identity.uaa.constants.OriginKeys;
+import org.cloudfoundry.identity.uaa.provider.IdentityProvider;
 import org.cloudfoundry.identity.uaa.provider.OIDCIdentityProviderDefinition;
 import org.junit.Before;
 import org.junit.Test;
 
+import java.util.Collections;
 import java.util.HashMap;
 import java.util.Map;
 import java.util.Set;
@@ -300,4 +302,34 @@ public void testAuthMethodSet() {
         assertNotNull(((OIDCIdentityProviderDefinition) factoryBean.getProviders().get(0).getProvider().getConfig()).getJwtClientAuthentication());
         assertEquals("none", (((OIDCIdentityProviderDefinition) factoryBean.getProviders().get(0).getProvider().getConfig()).getAuthMethod()));
     }
+
+    /* The following two test cases check whether different values for 'setForwardHeader' and 'passwordGrantEnabled' are
+     * allowed. Due to a copy/paste issue, the value of 'setForwardHeader' was previously always set to the same value
+     * as 'passwordGrantEnabled'. */
+    @Test
+    public void testSetForwardHeader_ShouldAllowValuesDifferentFromPasswordGrantEnabled_True() {
+        testSetForwardHeader_ShouldAllowValuesDifferentFromPasswordGrantEnabled(true);
+    }
+
+    @Test
+    public void testSetForwardHeader_ShouldAllowValuesDifferentFromPasswordGrantEnabled_False() {
+        testSetForwardHeader_ShouldAllowValuesDifferentFromPasswordGrantEnabled(false);
+    }
+
+    private void testSetForwardHeader_ShouldAllowValuesDifferentFromPasswordGrantEnabled(
+            final boolean setForwardHeader
+    ) {
+        idpDefinitionMap.put("setForwardHeader", setForwardHeader);
+        idpDefinitionMap.put("passwordGrantEnabled", !setForwardHeader);
+        idpDefinitionMap.put("type", OriginKeys.OIDC10);
+
+        factoryBean = new OauthIDPWrapperFactoryBean(Collections.singletonMap("new.idp", idpDefinitionMap));
+        factoryBean.setCommonProperties(idpDefinitionMap, providerDefinition);
+
+        final IdentityProvider provider = factoryBean.getProviders().get(0).getProvider();
+        assertTrue(provider.getConfig() instanceof OIDCIdentityProviderDefinition);
+        final OIDCIdentityProviderDefinition providerConfig = (OIDCIdentityProviderDefinition) provider.getConfig();
+        assertEquals(setForwardHeader, providerConfig.isSetForwardHeader());
+        assertEquals(!setForwardHeader, providerConfig.isPasswordGrantEnabled());
+    }
 }