From 0c29403f3ac53a220a0b6e66f5d115b910ec549f Mon Sep 17 00:00:00 2001 From: Patrick Dowler Date: Tue, 20 Feb 2024 12:34:36 -0800 Subject: [PATCH] bug fix: TokenValidator not keeping all bearer token principals --- cadc-util/build.gradle | 2 +- cadc-util/src/main/java/ca/nrc/cadc/auth/TokenValidator.java | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/cadc-util/build.gradle b/cadc-util/build.gradle index 04e27d08..ed7ca73a 100644 --- a/cadc-util/build.gradle +++ b/cadc-util/build.gradle @@ -16,7 +16,7 @@ sourceCompatibility = 1.8 group = 'org.opencadc' -version = '1.10.6' +version = '1.10.7' description = 'OpenCADC core utility library' def git_url = 'https://github.com/opencadc/core' diff --git a/cadc-util/src/main/java/ca/nrc/cadc/auth/TokenValidator.java b/cadc-util/src/main/java/ca/nrc/cadc/auth/TokenValidator.java index 27aa6909..f04e53b5 100644 --- a/cadc-util/src/main/java/ca/nrc/cadc/auth/TokenValidator.java +++ b/cadc-util/src/main/java/ca/nrc/cadc/auth/TokenValidator.java @@ -150,7 +150,7 @@ public static Subject validateTokens(Subject subject) throws NotAuthenticatedExc try { SignedToken validatedToken = SignedToken.parse(credentials); - subject.getPrincipals().add(validatedToken.getUser()); + subject.getPrincipals().addAll(validatedToken.getIdentityPrincipals()); AuthorizationToken authToken = new AuthorizationToken( challengeType, credentials, validatedToken.getDomains(), validatedToken.getScope());