fix: name may be null

Use the default name... by default
gravitee-io · Oct 23, 2024 · 5698a9c · 5698a9c
1 parent c5a77db
commit 5698a9c
Show file tree

Hide file tree

Showing 2 changed files with 24 additions and 5 deletions.
diff --git a/src/main/java/io/gravitee/policy/apikey/ApiKeyPolicy.java b/src/main/java/io/gravitee/policy/apikey/ApiKeyPolicy.java
@@ -197,11 +197,15 @@ public Maybe<SecurityToken> extractSecurityToken(KafkaConnectionContext ctx) {
             if (callback instanceof NameCallback nameCallback) {
                 // With SASL_PLAIN or SCRAM, we expect the username to be a md5 hash of the api-key, for security and privacy.
                 String md5ApiKey = nameCallback.getName();
-                if (md5ApiKey != null && !md5ApiKey.isBlank()) {
-                    ctx.setInternalAttribute(ATTR_INTERNAL_MD5_API_KEY, md5ApiKey);
-                    return Maybe.just(SecurityToken.forMD5ApiKey(md5ApiKey));
+                if (md5ApiKey == null || md5ApiKey.isBlank()) {
+                    md5ApiKey = nameCallback.getDefaultName();
                 }
-                return Maybe.just(SecurityToken.invalid(MD5_API_KEY));
+                if (md5ApiKey == null || md5ApiKey.isBlank()) {
+                    return Maybe.just(SecurityToken.invalid(MD5_API_KEY));
+                }
+
+                ctx.setInternalAttribute(ATTR_INTERNAL_MD5_API_KEY, md5ApiKey);
+                return Maybe.just(SecurityToken.forMD5ApiKey(md5ApiKey));
             }
         }
         return Maybe.empty();

diff --git a/src/test/java/io/gravitee/policy/apikey/ApiKeyPolicyTest.java b/src/test/java/io/gravitee/policy/apikey/ApiKeyPolicyTest.java
@@ -532,7 +532,7 @@ void init() {
 
         @Test
         void extractSecurityToken_shouldReturnSecurityToken_whenCallbackHasName() {
-            NameCallback nameCallback = new NameCallback("prompt");
+            NameCallback nameCallback = new NameCallback("prompt", "default name");
             nameCallback.setName(API_KEY);
 
             when(ctx.callbacks()).thenReturn(new Callback[] { nameCallback });
@@ -546,6 +546,21 @@ void extractSecurityToken_shouldReturnSecurityToken_whenCallbackHasName() {
             verify(ctx).setInternalAttribute(ATTR_INTERNAL_MD5_API_KEY, API_KEY);
         }
 
+        @Test
+        void extractSecurityToken_shouldReturnSecurityToken_whenCallbackHasDefaultName() {
+            NameCallback nameCallback = new NameCallback("prompt", API_KEY);
+
+            when(ctx.callbacks()).thenReturn(new Callback[] { nameCallback });
+
+            final ApiKeyPolicy cut = new ApiKeyPolicy(configuration);
+            final TestObserver<SecurityToken> obs = cut.extractSecurityToken(ctx).test();
+
+            obs.assertValue(token ->
+                token.getTokenType().equals(SecurityToken.TokenType.MD5_API_KEY.name()) && token.getTokenValue().equals(API_KEY)
+            );
+            verify(ctx).setInternalAttribute(ATTR_INTERNAL_MD5_API_KEY, API_KEY);
+        }
+
         @Test
         void extractSecurityToken_shouldReturnEmpty_whenNoNameCallback() {
             when(ctx.callbacks()).thenReturn(new Callback[] {});