
Prevent instantiation of DelegatingPasswordEncoder if idPrefix contains idSuffix

Closes gh-10933
Jihoon Cha 3 роки тому
af7f943325

+ 5 - 1
crypto/src/main/java/org/springframework/security/crypto/password/DelegatingPasswordEncoder.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -119,6 +119,7 @@ import java.util.Map;
  * @author Rob Winch
  * @author Michael Simons
  * @author heowc
+ * @author Jihoon Cha
  * @since 5.0
  * @see org.springframework.security.crypto.factory.PasswordEncoderFactories
  */
@@ -173,6 +174,9 @@ public class DelegatingPasswordEncoder implements PasswordEncoder {
 		if (idSuffix == null || idSuffix.isEmpty()) {
 			throw new IllegalArgumentException("suffix cannot be empty");
 		}
+		if (idPrefix.contains(idSuffix)) {
+			throw new IllegalArgumentException("idPrefix " + idPrefix + " cannot contain idSuffix " + idSuffix);
+		}
 
 		if (!idToPasswordEncoder.containsKey(idForEncode)) {
 			throw new IllegalArgumentException(
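Review bot: The new guard on the `if (idPrefix.contains(idSuffix))` line rejects only a suffix that appears whole inside the prefix; if the id extraction elsewhere in this class locates the suffix with an `indexOf` from the start of the encoded string, a suffix that merely straddles the end of the prefix and the start of an id (constructed example: prefix `ab`, suffix `bab`, id `a`, producing `ababab…`) still passes every constructor check and would be matched before the prefix ends. The sturdier place for that invariant is the extraction code, searching for the suffix only from `this.idPrefix.length()` onward; that code is outside this hunk, so its current form is inferred, not seen. A short why-comment on the guard would help the next reader, e.g. `// a suffix embedded in the prefix would be found before the id when decoding`. The enclosing constructor starts and ends outside the hunk.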

+ 10 - 3
crypto/src/test/java/org/springframework/security/crypto/password/DelegatingPasswordEncoderTests.java

@@ -1,5 +1,5 @@
 /*
- * Copyright 2002-2021 the original author or authors.
+ * Copyright 2002-2022 the original author or authors.
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -37,6 +37,7 @@ import static org.mockito.Mockito.verifyZeroInteractions;
  * @author Rob Winch
  * @author Michael Simons
  * @author heowc
+ * @author Jihoon Cha
  * @since 5.0
  */
 @ExtendWith(MockitoExtension.class)
@@ -119,9 +120,9 @@ public class DelegatingPasswordEncoderTests {
 
 	@Test
 	public void constructorWhenIdContainsPrefixThenIllegalArgumentException() {
-		this.delegates.put('$' + this.bcryptId, this.bcrypt);
+		this.delegates.put('{' + this.bcryptId, this.bcrypt);
 		assertThatIllegalArgumentException()
-				.isThrownBy(() -> new DelegatingPasswordEncoder(this.bcryptId, this.delegates, "$", "$"));
+				.isThrownBy(() -> new DelegatingPasswordEncoder(this.bcryptId, this.delegates));
 	}
 
 	@Test
@@ -131,6 +132,12 @@ public class DelegatingPasswordEncoderTests {
 				.isThrownBy(() -> new DelegatingPasswordEncoder(this.bcryptId, this.delegates, "", "$"));
 	}
 
+	@Test
+	public void constructorWhenPrefixContainsSuffixThenIllegalArgumentException() {
+		assertThatIllegalArgumentException()
+				.isThrownBy(() -> new DelegatingPasswordEncoder(this.bcryptId, this.delegates, "$", "$"));
+	}
+
 	@Test
 	public void setDefaultPasswordEncoderForMatchesWhenNullThenIllegalArgumentException() {
 		assertThatIllegalArgumentException()
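Review bot: The new test `constructorWhenPrefixContainsSuffixThenIllegalArgumentException` exercises only identical prefix and suffix (`"$"`, `"$"`), which would also pass if the production check were a plain equality comparison; a second case where the suffix is a proper substring of the prefix, e.g. `.isThrownBy(() -> new DelegatingPasswordEncoder(this.bcryptId, this.delegates, "{}", "}"))`, pins the `contains` semantics the commit title claims. Chaining `.withMessage("idPrefix $ cannot contain idSuffix $")` would also lock in which guard fired, since the constructor has several `IllegalArgumentException` paths. The renamed test in the earlier hunk appears to rely on the default prefix being `{`; that is implicit, so a one-line comment such as `// default prefix is "{", so the id now collides with it` would make the intent clear.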