Allow duplicated keys in the HardcodedKeyLocator

Closes https://github.com/keycloak/keycloak/issues/24961

Signed-off-by: rmartinc <rmartinc@redhat.com>
This commit is contained in:
rmartinc 2023-11-23 13:30:30 +01:00 committed by Pedro Igor
parent 0b9dd21b0a
commit e17295d04a
2 changed files with 11 additions and 2 deletions

View file

@ -46,14 +46,14 @@ public class HardcodedKeyLocator implements KeyLocator, Iterable<Key> {
Objects.requireNonNull(keys, "Keys must not be null");
this.byName = Collections.emptyMap();
this.byKey = Collections.unmodifiableMap(keys.stream().collect(
Collectors.toMap(k -> new KeyHash(k), k -> k)));
Collectors.toMap(k -> new KeyHash(k), k -> k, (k1, k2) -> k1)));
}
public HardcodedKeyLocator(Map<String, ? extends Key> keys) {
Objects.requireNonNull(keys, "Keys must not be null");
this.byName = Collections.unmodifiableMap(keys);
this.byKey = Collections.unmodifiableMap(keys.values().stream().collect(
Collectors.toMap(k -> new KeyHash(k), k -> k)));
Collectors.toMap(k -> new KeyHash(k), k -> k, (k1, k2) -> k1)));
}
@Override

View file

@ -139,4 +139,13 @@ public class HardcodedKeyLocatorTest {
Assert.assertNotNull(found);
Assert.assertEquals(cert1.getPublicKey(), found);
}
@Test
public void testDuplicateKey() throws Exception {
KeyLocator locator = createLocatorWithoutName(cert1, cert1);
KeyInfo info = XMLSignatureUtil.createKeyInfo(null, null, cert1);
Key found = locator.getKey(info);
Assert.assertNotNull(found);
Assert.assertEquals(cert1.getPublicKey(), found);
}
}