Головна сторінка Огляд Довідка
Реєстрація Увійти
github
/
spring-security
дзеркало https://github.com/spring-projects/spring-security
2
0
Відгалуження 0
Файли Проблеми 0 Wiki
Переглянути джерело

Polish

DelegatingPasswordEncoder copies the provided Map. This ensures that
references to the Map do not update the state of DelegatingPasswordEncoder
and NullPointerException is avoided for implementations that do not allow
a null key.

Issue: gh-4936
Rob Winch 7 роки тому
батько
2b66793535
коміт
22737dce7e
2 змінених файлів з 6 додано та 13 видалено
Розділений вигляд Показати статистику Diff
  1. 3 6
      crypto/src/main/java/org/springframework/security/crypto/password/DelegatingPasswordEncoder.java
  2. 3 7
      crypto/src/test/java/org/springframework/security/crypto/password/DelegatingPasswordEncoderTests.java

+ 3 - 6
crypto/src/main/java/org/springframework/security/crypto/password/DelegatingPasswordEncoder.java
Переглянути файл 

@@ -16,6 +16,7 @@
 
 
 package org.springframework.security.crypto.password;
 
 
+import java.util.HashMap;
 
 import java.util.Map;
 
 
 /**
 
@@ -155,7 +156,7 @@ public class DelegatingPasswordEncoder implements PasswordEncoder {
 
 		}
 
 		this.idForEncode = idForEncode;
 
 		this.passwordEncoderForEncode = idToPasswordEncoder.get(idForEncode);
 
-		this.idToPasswordEncoder = idToPasswordEncoder;
 
+		this.idToPasswordEncoder = new HashMap<>(idToPasswordEncoder);
 
 	}
 
 
 	/**
 
@@ -191,11 +192,7 @@ public class DelegatingPasswordEncoder implements PasswordEncoder {
 
 			return true;
 
 		}
 
 		String id = extractId(prefixEncodedPassword);
 
-		PasswordEncoder delegate = null;
 
-		try {
 
-			delegate = this.idToPasswordEncoder.get(id);
 
-		} catch(NullPointerException e) {
 
-		}
 
+		PasswordEncoder delegate = this.idToPasswordEncoder.get(id);
 
 		if(delegate == null) {
 
 			return this.defaultPasswordEncoderForMatches
 
 				.matches(rawPassword, prefixEncodedPassword);

+ 3 - 7
crypto/src/test/java/org/springframework/security/crypto/password/DelegatingPasswordEncoderTests.java
Переглянути файл 

@@ -23,6 +23,7 @@ import org.mockito.Mock;
 
 import org.mockito.junit.MockitoJUnitRunner;
 
 
 import java.util.HashMap;
 
+import java.util.Hashtable;
 
 import java.util.Map;
 
 
 import static org.assertj.core.api.Assertions.assertThat;
 
@@ -47,9 +48,6 @@ public class DelegatingPasswordEncoderTests {
 
 	@Mock
 
 	private PasswordEncoder invalidId;
 
 
-	@Mock
 
-	private Map<String, PasswordEncoder> throwingDelegates;
 
-
 
 	private String bcryptId = "bcrypt";
 
 
 	private String rawPassword = "password";
 
@@ -173,11 +171,9 @@ public class DelegatingPasswordEncoderTests {
 
 
 	@Test
 
 	public void matchesWhenIdIsNullThenFalse() {
 
-		when(this.throwingDelegates.containsKey(this.bcryptId)).thenReturn(true);
 
-		when(this.throwingDelegates.get(this.bcryptId)).thenReturn(this.bcrypt);
 
-		when(this.throwingDelegates.get(null)).thenThrow(NullPointerException.class);
 
+		this.delegates = new Hashtable<>(this.delegates);
 
 
-		DelegatingPasswordEncoder passwordEncoder = new DelegatingPasswordEncoder(this.bcryptId, throwingDelegates);
 
+		DelegatingPasswordEncoder passwordEncoder = new DelegatingPasswordEncoder(this.bcryptId, this.delegates);
 
 
 		assertThatThrownBy(() -> passwordEncoder.matches(this.rawPassword, this.rawPassword))
 
 			.isInstanceOf(IllegalArgumentException.class)