From 530635fb82d734c2e22977f195a7d46d1ac929e9 Mon Sep 17 00:00:00 2001 From: Matteo Mara Date: Mon, 24 Oct 2022 18:05:44 +0200 Subject: [PATCH] SONAR-17511 fix wrong behavior of the SAML Groups field when no value is provided. --- .../main/java/org/sonar/auth/saml/SamlAuthenticator.java | 6 +++--- .../java/org/sonar/auth/saml/SamlIdentityProviderTest.java | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/server/sonar-auth-saml/src/main/java/org/sonar/auth/saml/SamlAuthenticator.java b/server/sonar-auth-saml/src/main/java/org/sonar/auth/saml/SamlAuthenticator.java index dba3c5b170f..3ad4326004d 100644 --- a/server/sonar-auth-saml/src/main/java/org/sonar/auth/saml/SamlAuthenticator.java +++ b/server/sonar-auth-saml/src/main/java/org/sonar/auth/saml/SamlAuthenticator.java @@ -78,7 +78,7 @@ public class SamlAuthenticator { .setProviderLogin(login) .setName(this.getName(auth)); this.getEmail(auth).ifPresent(userIdentityBuilder::setEmail); - userIdentityBuilder.setGroups(this.getGroups(auth)); + this.getGroups(auth).ifPresent(userIdentityBuilder::setGroups); return userIdentityBuilder.build(); } @@ -169,8 +169,8 @@ public class SamlAuthenticator { return samlSettings.getUserEmail().map(userEmailField -> getFirstAttribute(auth, userEmailField)); } - private Set getGroups(Auth auth) { - return samlSettings.getGroupName().map(groupsField -> getGroups(auth, groupsField)).orElse(emptySet()); + private Optional> getGroups(Auth auth) { + return samlSettings.getGroupName().map(groupsField -> getGroups(auth, groupsField)); } private static String getNonNullFirstAttribute(Auth auth, String key) { diff --git a/server/sonar-auth-saml/src/test/java/org/sonar/auth/saml/SamlIdentityProviderTest.java b/server/sonar-auth-saml/src/test/java/org/sonar/auth/saml/SamlIdentityProviderTest.java index 5fdc4a9485e..13122e38cae 100644 --- a/server/sonar-auth-saml/src/test/java/org/sonar/auth/saml/SamlIdentityProviderTest.java +++ b/server/sonar-auth-saml/src/test/java/org/sonar/auth/saml/SamlIdentityProviderTest.java @@ -247,6 +247,7 @@ public class SamlIdentityProviderTest { assertThat(callbackContext.userIdentity.getProviderLogin()).isEqualTo("johndoe"); assertThat(callbackContext.userIdentity.getGroups()).isEmpty(); + assertThat(callbackContext.userIdentity.shouldSyncGroups()).isFalse(); } @Test -- 2.39.5