cameleer/cameleer-server
1
0
Fork 0
Code Issues 45 Pull Requests Actions 1 Packages Projects Releases Wiki Activity

fix: handle space-delimited scope string in OIDC role extraction
All checks were successful
CI / cleanup-branch (push) Has been skipped
Details
CI / build (push) Successful in 1m6s
Details
CI / docker (push) Successful in 1m12s
Details
CI / deploy-feature (push) Has been skipped
Details
CI / deploy (push) Successful in 39s
Details

Browse Source 
extractRoles() only handled List claims (JSON arrays). When rolesClaim
is configured as "scope", the JWT value is a space-delimited string,
which was silently returning [] and falling back to defaultRoles.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
hsiegeln
2026-04-07 09:20:37 +02:00
parent 8852ec1483
commit 95eb388283
1 changed files with 3 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
cameleer3-server-app/src/main/java/com/cameleer3/server/app/security/OidcTokenExchanger.java
View File

@@ -185,6 +185,9 @@ public class OidcTokenExchanger {
if (value instanceof List<?> list) { if (value instanceof List<?> list) {
return list.stream().map(Object::toString).toList(); return list.stream().map(Object::toString).toList();
} }
if (value instanceof String s && !s.isBlank()) {
return List.of(s.split(" "));
}
return Collections.emptyList(); return Collections.emptyList();
} }