[cas-dev] I seem to find a bug when using jwt in version 5.3.6

Mon, 15 Jul 2019 19:10:04 -0700 

The following code snippet comes from the Class "
org.apereo.cas.token.cipher.RegisteredServiceTokenTicketCipherExecutor" 
which is in the package cas-server-support-token-core-5.3.6.

    @Override
    public String encode(final String data, final 
Optional<RegisteredService> service) {
        if (service.isPresent()) {
            final RegisteredService registeredService = service.get();
            if (supports(registeredService)) {
                LOGGER.debug("Found signing and/or encryption keys for [{}] 
in service registry to encode", registeredService.getServiceId());
                final String encryptionKey = 
getEncryptionKey(registeredService).get();
                final String signingKey = 
getSigningKey(registeredService).get();
                final TokenTicketCipherExecutor cipher = new 
TokenTicketCipherExecutor(encryptionKey, signingKey,
                    StringUtils.isNotBlank(encryptionKey), 
StringUtils.isNotBlank(signingKey));
                if (cipher.isEnabled()) {
                    return cipher.encode(data);
                }
            }
        }
        return encode(data);
    }

    @Override
    public boolean supports(final RegisteredService registeredService) {
        return getSigningKey(registeredService).isPresent() || 
getEncryptionKey(registeredService).isPresent();
    }

    /**
     * Gets signing key.
     *
     * @param registeredService the registered service
     * @return the signing key
     */
    public Optional<String> getSigningKey(final RegisteredService 
registeredService) {
        if 
(RegisteredServiceProperties.TOKEN_AS_SERVICE_TICKET_SIGNING_KEY.isAssignedTo(registeredService))
 
{
            final String signingKey = 
RegisteredServiceProperties.TOKEN_AS_SERVICE_TICKET_SIGNING_KEY.getPropertyValue(registeredService).getValue();
            return Optional.of(signingKey);
        }
        return Optional.empty();
    }

As seen from the "supports" method, jwt supports setting only one of "
EncryptionKey" and "SigningKey".
But if I only set one of them, "getEncryptionKey(registeredService).get()" 
or "getSigningKey(registeredService).get()" in the "encode" method will 
throw an error "java.util.NoSuchElementException: No value present"

-- 
You received this message because you are subscribed to the Google Groups "CAS 
Developer" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To view this discussion on the web visit 
https://groups.google.com/a/apereo.org/d/msgid/cas-dev/e7ad3195-d787-4aec-9cd2-71a1f90117cb%40apereo.org.

Reply via email to