libre.sh/keycloak-scim
3
0
Fork 0
Code Issues 15 Pull requests Releases Packages Activity Actions

KeycloakRole equals only with itself

Browse source 
I use Keycloak Spring Adapter (KSA) to secure existing application. Today I realized that some functions didn't work anymore because of security checking like this:
```
GrantedAuthority adminRole = new MySpecialGrantedAuthority( "superadmin" );
for ( GrantedAuthority role : userRoles ) {
        if ( role.equals( adminRole ) ) {
          return true;
        }
      }
```
In this example, when I use KSA authorization fails.
I believe, that more preferable in `KeycloakRole` use this implementation of `equals` method.
This commit is contained in:
Valeran86 2019-06-21 15:48:50 +03:00 committed by Pedro Igor
parent c636b7a1cd
commit 2899375614
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
adapters/oidc/spring-security/src/main/java/org/keycloak/adapters/springsecurity/account/KeycloakRole.java
View file

@ -51,13 +51,13 @@ public class KeycloakRole implements GrantedAuthority {
if (this == o) { if (this == o) {
return true; return true;
} }
if (!(o instanceof KeycloakRole)) { if (!(o instanceof GrantedAuthority)) {
return false; return false;
} }
KeycloakRole that = (KeycloakRole) o; GrantedAuthority that = (GrantedAuthority) o;
if (!role.equals(that.role)) { if (!role.equals(that.getAuthority())) {
return false; return false;
} }