Commit 482db8ed authored by Matija Obreza's avatar Matija Obreza
Browse files

Fix: OAuthClientOriginCheckFilter cannot identify clientId, "aud" claim returns List<String>

parent ecc793c8
......@@ -17,6 +17,7 @@ package org.genesys.blocks.security.component;
import java.io.IOException;
import java.util.Collections;
import java.util.List;
import java.util.Set;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeUnit;
......@@ -93,7 +94,8 @@ public class OAuthClientOriginCheckFilter extends OncePerRequestFilter {
if (token != null) {
boolean isGet = request.getMethod().equalsIgnoreCase("get");
var clientId = token.getClaimAsString("aud");
List<String> claimAud = token.getClaim("aud");
var clientId = claimAud.get(0);
try {
Set<String> allowedOrigins = clientOriginsCache.get(clientId);
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment