Configuration parameter 'cookie-encryption-password' takes only a sin…

…gle character rather than a string (helidon-io#4512) (helidon-io#4657) * Configuration parameter 'cookie-encryption-password' takes only a single character rather than a string (helidon-io#4512) * Simplify cookie-password-encryption conversion and improve the unit test
klustria · Aug 3, 2022 · 3f76034 · 3f76034
1 parent f6dd43c
commit 3f76034
Show file tree

Hide file tree

Showing 2 changed files with 39 additions and 2 deletions.
diff --git a/...iders/oidc-common/src/main/java/io/helidon/security/providers/oidc/common/OidcConfig.java b/...iders/oidc-common/src/main/java/io/helidon/security/providers/oidc/common/OidcConfig.java
@@ -1282,7 +1282,9 @@ public Builder config(Config config) {
             config.get("header-token").as(TokenHandler.class).ifPresent(this::headerTokenHandler);
             // encryption of cookies
             config.get("cookie-encryption-enabled").asBoolean().ifPresent(this::cookieEncryptionEnabled);
-            config.get("cookie-encryption-password").as(char[].class).ifPresent(this::cookieEncryptionPassword);
+            config.get("cookie-encryption-password").as(String.class)
+                    .map(String::toCharArray)
+                    .ifPresent(this::cookieEncryptionPassword);
             config.get("cookie-encryption-name").asString().ifPresent(this::cookieEncryptionName);
 
             // OIDC server configuration

diff --git a/...on/src/test/java/io/helidon/security/providers/oidc/common/OidcConfigFromBuilderTest.java b/...on/src/test/java/io/helidon/security/providers/oidc/common/OidcConfigFromBuilderTest.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2018, 2021 Oracle and/or its affiliates.
+ * Copyright (c) 2018, 2022 Oracle and/or its affiliates.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,13 +16,23 @@
 
 package io.helidon.security.providers.oidc.common;
 
+import io.helidon.config.Config;
+import io.helidon.config.ConfigSources;
+import org.junit.jupiter.api.Test;
+
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.MatcherAssert.assertThat;
+
 import java.net.URI;
+import java.util.Arrays;
+import java.util.Map;
 
 /**
  * Unit test for {@link OidcConfig}.
  */
 class OidcConfigFromBuilderTest extends OidcConfigAbstractTest {
     private OidcConfig oidcConfig;
+    private String cookieEncryptionPasswordValue;
 
     OidcConfigFromBuilderTest() {
         oidcConfig = OidcConfig.builder()
@@ -43,4 +53,29 @@ class OidcConfigFromBuilderTest extends OidcConfigAbstractTest {
     OidcConfig getConfig() {
         return oidcConfig;
     }
+
+    @Test
+    void testCookieEncryptionPasswordFromBuilderConfig() {
+        OidcConfig.Builder builder = new TestOidcConfigBuilder();
+        for (String passwordValue : Arrays.asList("PasswordString", "", "   ")) {
+            builder.config(Config.builder()
+                    .sources(ConfigSources.create(Map.of("cookie-encryption-password", passwordValue)))
+                    .build()
+            );
+            assertThat(cookieEncryptionPasswordValue, is(passwordValue));
+            // reset the value
+            cookieEncryptionPasswordValue = null;
+        }
+    }
+
+    // Stub the Builder class to be able to retrieve the cookie-encryption-password value
+    private class TestOidcConfigBuilder extends OidcConfig.Builder {
+        // Stub the method to be able to store the cookie-encryption-password to a variable for later retrieval
+        @Override
+        public OidcConfig.Builder cookieEncryptionPassword(char[] cookieEncryptionPassword) {
+            cookieEncryptionPasswordValue = String.valueOf(cookieEncryptionPassword);
+            super.cookieEncryptionPassword(cookieEncryptionPassword);
+            return this;
+        }
+    }
 }