[KEYCLOAK-17598] - Changing root path check when resolving resource by uri

This commit is contained in:
Pedro Igor 2021-04-19 16:50:40 -03:00
parent 190b60c5cd
commit 228de42859
2 changed files with 21 additions and 1 deletions

View file

@ -140,7 +140,13 @@ public abstract class PathMatcher<P> {
} }
if (endsWithWildcard(expectedUri)) { if (endsWithWildcard(expectedUri)) {
return targetUri.startsWith(expectedUri.substring(0, expectedUri.length() - 2)); String rootPath = expectedUri.substring(0, expectedUri.length() - 1);
if (targetUri.startsWith(rootPath)) {
return true;
}
return targetUri.equals(rootPath.substring(0, rootPath.length() - 1));
} }
String suffix = "/*."; String suffix = "/*.";

View file

@ -61,6 +61,8 @@ public class ResourceManagementWithAuthzClientTest extends ResourceManagementTes
doCreateResource(new ResourceRepresentation( doCreateResource(new ResourceRepresentation(
"/rest/{version}/carts/{cartId}/cartactions/{actionId}", Collections.emptySet(), "/rest/{version}/carts/{cartId}/cartactions/{actionId}", null)); "/rest/{version}/carts/{cartId}/cartactions/{actionId}", Collections.emptySet(), "/rest/{version}/carts/{cartId}/cartactions/{actionId}", null));
doCreateResource(new ResourceRepresentation("/rest/v1/carts/{cartId}/cartactions/123", Collections.emptySet(), "/rest/v1/carts/{cartId}/cartactions/123", null)); doCreateResource(new ResourceRepresentation("/rest/v1/carts/{cartId}/cartactions/123", Collections.emptySet(), "/rest/v1/carts/{cartId}/cartactions/123", null));
doCreateResource(new ResourceRepresentation("Dummy Name", Collections.emptySet(),
new HashSet<>(Arrays.asList("/dummy/605dc7ff310256017a2ec84f", "/dummy/605dc7ff310256017a2ec84f/*")), null));
AuthzClient authzClient = getAuthzClient(); AuthzClient authzClient = getAuthzClient();
@ -82,6 +84,12 @@ public class ResourceManagementWithAuthzClientTest extends ResourceManagementTes
assertEquals(1, resources.size()); assertEquals(1, resources.size());
assertEquals("/resources/*", resources.get(0).getUri()); assertEquals("/resources/*", resources.get(0).getUri());
resources = authzClient.protection().resource().findByMatchingUri("/resources/");
assertNotNull(resources);
assertEquals(1, resources.size());
assertEquals("/resources/*", resources.get(0).getUri());
resources = authzClient.protection().resource().findByMatchingUri("/resources-b/a"); resources = authzClient.protection().resource().findByMatchingUri("/resources-b/a");
assertNotNull(resources); assertNotNull(resources);
@ -159,6 +167,12 @@ public class ResourceManagementWithAuthzClientTest extends ResourceManagementTes
assertNotNull(resources); assertNotNull(resources);
assertEquals(1, resources.size()); assertEquals(1, resources.size());
assertEquals("/rest/{version}/carts/{cartId}/cartactions/{actionId}", resources.get(0).getUri()); assertEquals("/rest/{version}/carts/{cartId}/cartactions/{actionId}", resources.get(0).getUri());
resources = authzClient.protection().resource().findByMatchingUri("/dummy/605dc7ff310256017a2ec84f/nestedObject/605dc7fe310256017a2ec84c");
assertNotNull(resources);
assertEquals(1, resources.size());
assertEquals("Dummy Name", resources.get(0).getName());
} }
@Test @Test