From 676c481d498b2b0104992406b640a0cbc653dc47 Mon Sep 17 00:00:00 2001 From: Hyomin Park Date: Wed, 8 May 2024 22:05:25 -0400 Subject: [PATCH] Fix empty token handling in RawAuthResponse constructor RawAuthResponse constructor first checks to ensure provided token is not null and is not empty. Existing implementation used != operator to detect non-empty string, thus failed to handle when provided token is actually empty, i.e. "". The token comparison logic in RawAuthResponse constructor is now updated to use isEmpty() instead, more specifically, (token != null && !token.isEmpty()) to properly handle "" case. New test case with sample json has been added for validation; the test prior to the change would fail with java.lang.ArrayIndexOutOfBoundsException. --- .../split/engine/sse/dtos/RawAuthResponse.java | 2 +- .../io/split/engine/sse/AuthApiClientTest.java | 17 +++++++++++++++++ ...treaming-auth-push-disabled-empty-token.json | 1 + 3 files changed, 19 insertions(+), 1 deletion(-) create mode 100644 client/src/test/resources/streaming-auth-push-disabled-empty-token.json diff --git a/client/src/main/java/io/split/engine/sse/dtos/RawAuthResponse.java b/client/src/main/java/io/split/engine/sse/dtos/RawAuthResponse.java index 4082aac72..08f21d8a4 100644 --- a/client/src/main/java/io/split/engine/sse/dtos/RawAuthResponse.java +++ b/client/src/main/java/io/split/engine/sse/dtos/RawAuthResponse.java @@ -22,7 +22,7 @@ public RawAuthResponse(boolean pushEnabled, String token) { this.pushEnabled = pushEnabled; this.token = token; - if (token != null && token != "") { + if (token != null && !token.isEmpty()) { String tokenDecoded = decodeJwt(); this.jwt = Json.fromJson(tokenDecoded, Jwt.class); } else { diff --git a/client/src/test/java/io/split/engine/sse/AuthApiClientTest.java b/client/src/test/java/io/split/engine/sse/AuthApiClientTest.java index f5dd0b342..b6f05e04c 100644 --- a/client/src/test/java/io/split/engine/sse/AuthApiClientTest.java +++ b/client/src/test/java/io/split/engine/sse/AuthApiClientTest.java @@ -85,6 +85,23 @@ public void authenticateWithPushDisabledShouldReturnSuccess() throws IOException Assert.assertTrue(StringUtils.isEmpty(result.getToken())); } + @Test + public void authenticateWithPushDisabledWithEmptyTokenShouldReturnSuccess() throws IOException, IllegalAccessException, + NoSuchMethodException, InvocationTargetException, URISyntaxException { + CloseableHttpClient httpClientMock = TestHelper.mockHttpClient("streaming-auth-push-disabled-empty-token.json", + HttpStatus.SC_OK); + SplitHttpClient splitHttpClient = SplitHttpClientImpl.create(httpClientMock, new RequestDecorator(null), + "qwerty", metadata()); + + AuthApiClient authApiClient = new AuthApiClientImp("www.split-test.io", splitHttpClient, TELEMETRY_STORAGE); + AuthenticationResponse result = authApiClient.Authenticate(); + + Assert.assertFalse(result.isPushEnabled()); + Assert.assertTrue(StringUtils.isEmpty(result.getChannels())); + Assert.assertFalse(result.isRetry()); + Assert.assertTrue(StringUtils.isEmpty(result.getToken())); + } + @Test public void authenticateServerErrorShouldReturnErrorWithRetry() throws IOException, IllegalAccessException, NoSuchMethodException, InvocationTargetException, URISyntaxException { diff --git a/client/src/test/resources/streaming-auth-push-disabled-empty-token.json b/client/src/test/resources/streaming-auth-push-disabled-empty-token.json new file mode 100644 index 000000000..d40fd01c9 --- /dev/null +++ b/client/src/test/resources/streaming-auth-push-disabled-empty-token.json @@ -0,0 +1 @@ +{"pushEnabled":false,"token":""} \ No newline at end of file