This is an automated email from the ASF dual-hosted git repository. amagyar pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/knox.git
The following commit(s) were added to refs/heads/master by this push: new 16daa62c4 KNOX-2982 - Having one disabled one enabled identity-assertion provider in knoxsso doesn't work (#832) 16daa62c4 is described below commit 16daa62c46b4a213ff0dfbfa33ae678306c0e46d Author: Attila Magyar <m.magy...@gmail.com> AuthorDate: Tue Jan 16 18:05:14 2024 +0100 KNOX-2982 - Having one disabled one enabled identity-assertion provider in knoxsso doesn't work (#832) --- .../deploy/ServiceDeploymentContributorBase.java | 5 ++++- .../org/apache/knox/gateway/topology/Topology.java | 5 ++++- .../apache/knox/gateway/topology/TopologyTest.java | 19 +++++++++++++++++++ 3 files changed, 27 insertions(+), 2 deletions(-) diff --git a/gateway-spi/src/main/java/org/apache/knox/gateway/deploy/ServiceDeploymentContributorBase.java b/gateway-spi/src/main/java/org/apache/knox/gateway/deploy/ServiceDeploymentContributorBase.java index 60e6c994f..3047b195b 100644 --- a/gateway-spi/src/main/java/org/apache/knox/gateway/deploy/ServiceDeploymentContributorBase.java +++ b/gateway-spi/src/main/java/org/apache/knox/gateway/deploy/ServiceDeploymentContributorBase.java @@ -21,6 +21,7 @@ import org.apache.knox.gateway.descriptor.FilterParamDescriptor; import org.apache.knox.gateway.descriptor.ResourceDescriptor; import org.apache.knox.gateway.topology.Provider; import org.apache.knox.gateway.topology.Service; +import org.apache.knox.gateway.topology.Topology; import org.apache.knox.gateway.topology.Version; import java.net.URISyntaxException; @@ -82,7 +83,9 @@ public abstract class ServiceDeploymentContributorBase extends DeploymentContrib protected void addIdentityAssertionFilter( DeploymentContext context, Service service, ResourceDescriptor resource) { if( topologyContainsProviderType( context, "authentication" ) || topologyContainsProviderType( context, "federation" ) ) { - context.contributeFilter( service, resource, "identity-assertion", null, null ); + Topology topology = context.getTopology(); + Provider activeProvider = topology.getProvider("identity-assertion", null); + context.contributeFilter(service, resource, "identity-assertion", activeProvider != null ? activeProvider.getName() : null, null); } } diff --git a/gateway-spi/src/main/java/org/apache/knox/gateway/topology/Topology.java b/gateway-spi/src/main/java/org/apache/knox/gateway/topology/Topology.java index 1cd81e7c7..003dd3965 100644 --- a/gateway-spi/src/main/java/org/apache/knox/gateway/topology/Topology.java +++ b/gateway-spi/src/main/java/org/apache/knox/gateway/topology/Topology.java @@ -157,7 +157,10 @@ public class Topology { provider = nameMap.get( name ); } else { - provider = (Provider) nameMap.values().toArray()[0]; + provider = nameMap.values().stream() + .filter(Provider::isEnabled) + .findFirst() + .orElse((Provider) nameMap.values().toArray()[0]); } } return provider; diff --git a/gateway-spi/src/test/java/org/apache/knox/gateway/topology/TopologyTest.java b/gateway-spi/src/test/java/org/apache/knox/gateway/topology/TopologyTest.java index fec1f3ef8..153664a7a 100644 --- a/gateway-spi/src/test/java/org/apache/knox/gateway/topology/TopologyTest.java +++ b/gateway-spi/src/test/java/org/apache/knox/gateway/topology/TopologyTest.java @@ -89,6 +89,25 @@ public class TopologyTest { assertEquals(t1, t2); } + @Test + public void testGettingMultipleProvidersReturnsTheFirstEnabled() { + Topology topology = new Topology(); + + Provider disabledProvider = new Provider(); + disabledProvider.setRole("identity-assertion"); + disabledProvider.setName("disabled_prov"); + disabledProvider.setEnabled(false); + topology.addProvider(disabledProvider); + + Provider enabledProvider = new Provider(); + enabledProvider.setName("enabled_prov"); + enabledProvider.setRole("identity-assertion"); + enabledProvider.setEnabled(true); + topology.addProvider(enabledProvider); + + assertEquals("enabled_prov", topology.getProvider("identity-assertion", null).getName()); + } + @Test public void testEmptyTopologiesWithSameName() { final String name = "tName";