authorities Collection from Collection<GrantedAuthority> authorities = jwtGrantedAuthoritiesConverter.convert(jwt) is empty


Question

I am testing a method that overrides some parameter in jwtGrantedAuthoritiesConverter, but whenever I debug I get that this collection (Collection<GrantedAuthority> authorities = jwtGrantedAuthoritiesConverter.convert(jwt);) is empty. I do not know the reason! Here is my code.

Can someone help me please? Thank you!

    class SecurityConfigTest {

        @Test
        void convertWithOverriddenGrantedAuthoritiesConverter() {
            // The test token carries a single claim named "scope"
            Jwt jwt = this.jwt(Collections.singletonMap("scope", "message:read message:write"));
            JwtGrantedAuthoritiesConverter jwtGrantedAuthoritiesConverter = new JwtGrantedAuthoritiesConverter();
            jwtGrantedAuthoritiesConverter.setAuthorityPrefix("");
            // The converter is told to read authorities from a claim named "roles"
            jwtGrantedAuthoritiesConverter.setAuthoritiesClaimName("roles");
            Collection<GrantedAuthority> authorities = jwtGrantedAuthoritiesConverter.convert(jwt);

            assertThat(authorities).containsExactly(
                    new SimpleGrantedAuthority("message:read"),
                    new SimpleGrantedAuthority("message:write"));
            Assert.assertTrue(authorities.contains("roles"));
        }

        // Builds an unsigned Jwt object with the given claims, valid for one hour
        private Jwt jwt(Map<String, Object> claims) {
            Map<String, Object> headers = new HashMap<>();
            headers.put("alg", JwsAlgorithms.RS256);
            return new Jwt("token", Instant.now(), Instant.now().plusSeconds(3600), headers, claims);
        }
    }

Answer 1

Score: 0

According to the docs, the default claim that Spring will use when trying to find authorities (mapping scopes to roles) is the scope claim in the JWT.

You can override this behavior by supplying a custom JwtGrantedAuthoritiesConverter and using setAuthoritiesClaimName to set a different claim.

The above code has this line:

    jwtGrantedAuthoritiesConverter.setAuthoritiesClaimName("roles");

So Spring tries to find a claim called roles in the JWT that it can map to authorities, and it can't find it, so it returns empty.

Removing that line will fix the problem.
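
The behaviour described in the answer, as an added JUnit 5 / AssertJ example (not part of the original post or of Spring Security's own tests): it runs the converter against constructed tokens with the default claim, with the mismatched `roles` setting from the question, and with a token that really carries `roles`. The class name, helper methods and the `admin`/`auditor` role values are assumptions made for the illustration.

```java
import static org.assertj.core.api.Assertions.assertThat;

import java.time.Instant;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import org.junit.jupiter.api.Test;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.security.oauth2.server.resource.authentication.JwtGrantedAuthoritiesConverter;

class JwtAuthoritiesClaimNameTest {
    // Added illustration: class name, helpers and role values are hypothetical.
    // Constructed sample token: unsigned and never validated, only the claims matter.
    private static Jwt jwt(Map<String, Object> claims) {
        Instant now = Instant.now();
        return new Jwt("token", now, now.plusSeconds(3600), Map.of("alg", "RS256"), claims);
    }

    private static Collection<GrantedAuthority> convert(String claimName, String prefix, Jwt jwt) {
        JwtGrantedAuthoritiesConverter converter = new JwtGrantedAuthoritiesConverter();
        if (claimName != null) { converter.setAuthoritiesClaimName(claimName); }
        if (prefix != null) { converter.setAuthorityPrefix(prefix); }
        return converter.convert(jwt);
    }

    @Test
    void defaultsReadScopeClaim() {
        Jwt token = jwt(Map.of("scope", "message:read message:write"));
        assertThat(convert(null, null, token)).extracting(GrantedAuthority::getAuthority)
                .containsExactly("SCOPE_message:read", "SCOPE_message:write");
        assertThat(convert(null, "", token)).extracting(GrantedAuthority::getAuthority)
                .containsExactly("message:read", "message:write");
    }

    @Test
    void configuredClaimMissingFromTokenYieldsNoAuthorities() {
        // Same mismatch as in the question: converter reads "roles", token only has "scope".
        Jwt token = jwt(Map.of("scope", "message:read message:write"));
        assertThat(convert("roles", "", token)).isEmpty();
    }

    @Test
    void configuredClaimPresentInTokenIsMapped() {
        Jwt token = jwt(Map.of("roles", List.of("admin", "auditor")));
        assertThat(convert("roles", "ROLE_", token)).extracting(GrantedAuthority::getAuthority)
                .containsExactly("ROLE_admin", "ROLE_auditor");
    }
}
```

A claim-name mismatch between the resource server and the tokens it receives leaves the caller with no authorities, so authority-based access rules deny the request; a test like the second one makes that misconfiguration visible before deployment.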

huangapple
  • Published on 2023-02-10 05:20:29