diff --git a/java-security/pom.xml b/java-security/pom.xml index 0cf0be0f98..5a4cc286e2 100644 --- a/java-security/pom.xml +++ b/java-security/pom.xml @@ -114,11 +114,6 @@ 1.19.0 test - - org.slf4j - slf4j-simple - test - com.github.stefanbirkner system-lambda @@ -148,6 +143,11 @@ spring-context test + + ch.qos.logback + logback-classic + test + diff --git a/java-security/src/main/java/com/sap/cloud/security/servlet/HybridTokenFactory.java b/java-security/src/main/java/com/sap/cloud/security/servlet/HybridTokenFactory.java index 07931a6b4b..2f43fa6379 100644 --- a/java-security/src/main/java/com/sap/cloud/security/servlet/HybridTokenFactory.java +++ b/java-security/src/main/java/com/sap/cloud/security/servlet/HybridTokenFactory.java @@ -18,6 +18,7 @@ import javax.annotation.Nonnull; import java.util.Objects; +import java.util.Optional; import java.util.regex.Pattern; import static com.sap.cloud.security.token.TokenClaims.XSUAA.EXTERNAL_ATTRIBUTE; @@ -31,8 +32,8 @@ public class HybridTokenFactory implements TokenFactory { private static final Logger LOGGER = LoggerFactory.getLogger(HybridTokenFactory.class); - private static String xsAppId; - private static ScopeConverter xsScopeConverter; + static Optional xsAppId; + static ScopeConverter xsScopeConverter; /** * Determines whether the JWT token is issued by XSUAA or IAS identity service, 
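Review bot: The two static fields in HybridTokenFactory lose `private` and stay non-final, so any class in com.sap.cloud.security.servlet can now overwrite the app id and scope converter that the local scope check depends on; the new test appears to be the only reason for the wider access. xsAppId also becomes tri-state (`null` means not looked up yet, an empty Optional means looked up and absent), and nothing on the field says so. Consider keeping both fields private and giving tests a package-private reset helper, or at least document the contract on the field: `// null = not resolved yet; Optional.empty() = resolved, no xsuaa app id; package-private for tests only`. The class body continues outside the hunk.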
@@ -66,25 +67,28 @@ public Token create(String jwtToken) {
 */
 static void withXsuaaAppId(@Nonnull String xsAppId) {
 LOGGER.debug("XSUAA app id = {}", xsAppId);
- HybridTokenFactory.xsAppId = xsAppId;
+ HybridTokenFactory.xsAppId = Optional.of(xsAppId);
 getOrCreateScopeConverter();
 }
 private static ScopeConverter getOrCreateScopeConverter() {
- if (xsScopeConverter == null && getXsAppId() != null) {
- xsScopeConverter = new XsuaaScopeConverter(getXsAppId());
+ if (xsScopeConverter == null && getXsAppId().isPresent()) {
+ xsScopeConverter = new XsuaaScopeConverter(getXsAppId().get());
 }
 return xsScopeConverter;
 }
- private static String getXsAppId() {
- if (xsAppId == null) {
- OAuth2ServiceConfiguration serviceConfiguration = Environments.getCurrent().getXsuaaConfiguration();
- if (serviceConfiguration == null) {
- LOGGER.warn("There is no xsuaa service configuration: no local scope check possible.");
- } else {
- xsAppId = serviceConfiguration.getProperty(CFConstants.XSUAA.APP_ID);
- }
+ private static Optional getXsAppId() {
+ if (Objects.nonNull(xsAppId)) {
+ return xsAppId;
+ }
+ OAuth2ServiceConfiguration serviceConfiguration = Environments.getCurrent().getXsuaaConfiguration();
+ if (serviceConfiguration != null) {
+ xsAppId = Optional.of(serviceConfiguration.getProperty(CFConstants.XSUAA.APP_ID));
+ } else {
+ LOGGER.warn(
+ "There is no xsuaa service configuration with 'xsappname' property: no local scope check possible.");
+ xsAppId = Optional.empty();
 }
 return xsAppId;
 }
diff --git a/java-security/src/test/java/com/sap/cloud/security/servlet/HybridTokenFactoryTest.java b/java-security/src/test/java/com/sap/cloud/security/servlet/HybridTokenFactoryTest.java
new file mode 100644
index 0000000000..6bf5f77d92
--- /dev/null
+++ b/java-security/src/test/java/com/sap/cloud/security/servlet/HybridTokenFactoryTest.java
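Review bot: In getXsAppId of HybridTokenFactory.java, `Optional.of(serviceConfiguration.getProperty(CFConstants.XSUAA.APP_ID))` throws a NullPointerException when an xsuaa configuration is bound but carries no app id, assuming getProperty returns null for a missing key (the reworded warning, "with 'xsappname' property", suggests that case is expected). The removed code stored the null and carried on without a scope converter, whereas the new code would fail on every call, because xsAppId is never assigned and the lookup is retried each time; the new test reaches this path through create(). Use `xsAppId = Optional.ofNullable(serviceConfiguration.getProperty(CFConstants.XSUAA.APP_ID));` and log the warning whenever the resulting Optional is empty, so the missing-configuration and missing-property cases are both reported once and cached. The enclosing class continues outside the hunk.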
@@ -0,0 +1,50 @@
+package com.sap.cloud.security.servlet;
+
+import ch.qos.logback.core.read.ListAppender;
+import com.sap.cloud.security.token.XsuaaToken;
+import org.apache.commons.io.IOUtils;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.slf4j.LoggerFactory;
+import ch.qos.logback.classic.spi.ILoggingEvent;
+import ch.qos.logback.classic.Logger;
+
+import java.io.IOException;
+
+import static java.nio.charset.StandardCharsets.UTF_8;
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.jupiter.api.Assertions.*;
+
+class HybridTokenFactoryTest {
+
+ private ListAppender logWatcher;
+ private HybridTokenFactory cut;
+
+ @BeforeEach
+ public void setup() {
+ cut = new HybridTokenFactory();
+ cut.xsAppId = null;
+ cut.xsScopeConverter = null;
+ logWatcher = new ListAppender<>();
+ logWatcher.start();
+ ((Logger) LoggerFactory.getLogger(HybridTokenFactory.class)).addAppender(logWatcher);
+ }
+
+ @AfterEach
+ void teardown() {
+ ((Logger) LoggerFactory.getLogger(HybridTokenFactory.class)).detachAndStopAllAppenders();
+ }
+
+ @Test
+ void oneWarningMessageIncaseSecurityConfigIsMissing() throws IOException {
+ String jwt = IOUtils.resourceToString("/xsuaaUserAccessTokenRSA256.txt", UTF_8);
+ XsuaaToken token = (XsuaaToken) cut.create(jwt);
+ cut.create(jwt);
+
+ assertThat(token.getIssuer()).isEqualTo("http://auth.com");
+ assertThrows(IllegalArgumentException.class, () -> token.hasLocalScope("abc"));
+ assertThat(logWatcher.list).isNotNull().hasSize(1);
+ assertThat(logWatcher.list.get(0).getMessage()).contains("There is no xsuaa service configuration");
+ }
+}
\ No newline at end of file
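Review bot: teardown() detaches the appender but does not reset the static state this test just populated, so `HybridTokenFactory.xsAppId` stays at the cached empty Optional for whichever test class runs next in the same JVM; the reset in setup() protects only this class. Add `HybridTokenFactory.xsAppId = null;` and `HybridTokenFactory.xsScopeConverter = null;` to teardown(), written against the class rather than through `cut`, since both fields are static. `detachAndStopAllAppenders()` also removes appenders this test did not add; `detachAppender(logWatcher)` is the narrower call. The assertions presumably rely on the build environment exposing no xsuaa binding, which deserves a one-line comment in the test.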