From 42a982956e987a933906465d19d6607fdcbb1f07 Mon Sep 17 00:00:00 2001 From: Aleksandr Skoblikov Date: Fri, 15 Nov 2024 20:44:10 +0400 Subject: [PATCH] CB-5946 force lowercase userid --- .../src/io/cloudbeaver/server/CBApplication.java | 2 +- .../service/security/CBEmbeddedSecurityController.java | 7 ++++++- .../service/security/db/CBDatabaseInitialData.java | 3 ++- 3 files changed, 9 insertions(+), 3 deletions(-) diff --git a/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/CBApplication.java b/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/CBApplication.java index 18fde20361..de0f13c5cc 100644 --- a/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/CBApplication.java +++ b/server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/CBApplication.java @@ -529,7 +529,7 @@ public synchronized void finishConfiguration( } if (isConfigurationMode()) { - finishSecurityServiceConfiguration(adminName, adminPassword, authInfoList); + finishSecurityServiceConfiguration(adminName.toLowerCase(), adminPassword, authInfoList); } // Save runtime configuration diff --git a/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/CBEmbeddedSecurityController.java b/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/CBEmbeddedSecurityController.java index f801ae4f21..68ba34ae9f 100644 --- a/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/CBEmbeddedSecurityController.java +++ b/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/CBEmbeddedSecurityController.java @@ -851,8 +851,13 @@ public void setUserCredentials( } List transformedCredentials; WebAuthProviderDescriptor authProvider = getAuthProvider(authProviderId); + if (authProvider.isCaseInsensitive() && !isSubjectExists(userId) && isSubjectExists(userId.toLowerCase())) { + log.warn("User with id '" + userId + "' not found, credentials will be set for the user: " + userId.toLowerCase()); + userId = userId.toLowerCase(); + } try { SMAuthCredentialsProfile credProfile = getCredentialProfileByParameters(authProvider, credentials.keySet()); + String finalUserId = userId; transformedCredentials = credentials.entrySet().stream().map(cred -> { String propertyName = cred.getKey(); AuthPropertyDescriptor property = credProfile.getCredentialParameter(propertyName); @@ -860,7 +865,7 @@ public void setUserCredentials( return null; } String encodedValue = CommonUtils.toString(cred.getValue()); - encodedValue = property.getEncryption().encrypt(userId, encodedValue); + encodedValue = property.getEncryption().encrypt(finalUserId, encodedValue); return new String[]{propertyName, encodedValue}; }).toList(); } catch (Exception e) { diff --git a/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/db/CBDatabaseInitialData.java b/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/db/CBDatabaseInitialData.java index 17c42babb2..7f2879f4f6 100644 --- a/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/db/CBDatabaseInitialData.java +++ b/server/bundles/io.cloudbeaver.service.security/src/io/cloudbeaver/service/security/db/CBDatabaseInitialData.java @@ -17,6 +17,7 @@ package io.cloudbeaver.service.security.db; import org.jkiss.dbeaver.model.security.user.SMTeam; +import org.jkiss.utils.CommonUtils; import java.util.List; @@ -26,7 +27,7 @@ class CBDatabaseInitialData { private List teams; public String getAdminName() { - return adminName; + return CommonUtils.isEmpty(adminName) ? null : adminName.toLowerCase(); } public String getAdminPassword() {