New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ProviderManager should have a varargs constructor #7713
Comments
Hi @jzheaux, I would like to work on this issue. |
@ThomasVitale it's yours |
@jzheaux do you have any recommendation to handle the ambiguity when passing |
@ThomasVitale good question new ProviderManager(null) is not a supported use of that class, so I don't think there's much to worry about in the way of disambiguation. That is, if folks are doing that for some reason, they are on their own to make it work as they upgrade. That said, we ought to continue to correctly error when null values are provided, so you might consider adding something like: if (providers.contains(null)) {
throw new IllegalArgumentException(
"providers cannot contain null values");
} To the
Probably not. Spring Security prefers to throw an exception in misconfiguration scenarios instead of trying to leniently interpret the code's intent. |
@jzheaux thanks for your answer, it solved my doubts. I have just created a PR. I have added the varargs constructor and updated the tests to use it, both to actually test the constructor and also to improve their readability. The test checking the exception thrown when a null value was passed to the constructor is now using an empty collection to trigger the validation, making sure the exception is correctly thrown. I haven't added extra validation since it was already covered. |
- Added varargs constructor to ProviderManager. - Added check for null values in AuthenticationProvider list. - Updated ProviderManagerTests to test for null values using both constructors. Fixes gh-7713
Updated copyright date range and adjusted constructor order to better match DelegatingReactiveAuthenticationManager Fixes gh-7713
oauth2ResourceServer()
introduces a couple ofauthenticationManager()
methods for complete control over the authentication mechanism:This can be leveraged to construct a custom
JwtAuthenticationProvider
:However, the method reference shortcut may seem a bit terse for some tastes.
As an alternative, code can construct an instance of
ProviderManager
:This could be improved by adding a varargs constructor to
ProviderManager
:The text was updated successfully, but these errors were encountered: