Commit 29cfa934 authored by Matija Obreza's avatar Matija Obreza

BUGFIX: Handle case where OAuth client secret is null

parent 56892e2b
...@@ -15,6 +15,7 @@ ...@@ -15,6 +15,7 @@
*/ */
package org.genesys.blocks.oauth.util; package org.genesys.blocks.oauth.util;
import org.apache.commons.lang3.StringUtils;
import org.genesys.blocks.oauth.model.OAuthClient; import org.genesys.blocks.oauth.model.OAuthClient;
import org.genesys.blocks.oauth.persistence.OAuthClientRepository; import org.genesys.blocks.oauth.persistence.OAuthClientRepository;
import org.slf4j.Logger; import org.slf4j.Logger;
...@@ -64,7 +65,7 @@ public class AppBlocksInitializer implements InitializingBean { ...@@ -64,7 +65,7 @@ public class AppBlocksInitializer implements InitializingBean {
void encodePasswords() { void encodePasswords() {
long count = 0; long count = 0;
for (OAuthClient oauthClient : oauthClientRepository.findAll()) { for (OAuthClient oauthClient : oauthClientRepository.findAll()) {
if (!oauthClient.getClientSecret().startsWith("$2a$")) { if (StringUtils.isNotBlank(oauthClient.getClientSecret()) && !oauthClient.getClientSecret().startsWith("$2a$")) {
count++; count++;
LOG.warn("Migrating plain-text client secret to bcrypt for {}", oauthClient.getClientId()); LOG.warn("Migrating plain-text client secret to bcrypt for {}", oauthClient.getClientId());
oauthClientRepository.setClientSecret(oauthClient.getId(), passwordEncoder.encode(oauthClient.getClientSecret())); oauthClientRepository.setClientSecret(oauthClient.getId(), passwordEncoder.encode(oauthClient.getClientSecret()));
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment