Commit 29cfa934 authored by Matija Obreza's avatar Matija Obreza
Browse files

BUGFIX: Handle case where OAuth client secret is null

parent 56892e2b
......@@ -15,6 +15,7 @@
*/
package org.genesys.blocks.oauth.util;
import org.apache.commons.lang3.StringUtils;
import org.genesys.blocks.oauth.model.OAuthClient;
import org.genesys.blocks.oauth.persistence.OAuthClientRepository;
import org.slf4j.Logger;
......@@ -64,7 +65,7 @@ public class AppBlocksInitializer implements InitializingBean {
void encodePasswords() {
long count = 0;
for (OAuthClient oauthClient : oauthClientRepository.findAll()) {
if (!oauthClient.getClientSecret().startsWith("$2a$")) {
if (StringUtils.isNotBlank(oauthClient.getClientSecret()) && !oauthClient.getClientSecret().startsWith("$2a$")) {
count++;
LOG.warn("Migrating plain-text client secret to bcrypt for {}", oauthClient.getClientId());
oauthClientRepository.setClientSecret(oauthClient.getId(), passwordEncoder.encode(oauthClient.getClientSecret()));
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment