From a0e5af33684a3bcaa0dc368ab6e0eaf84da5547c Mon Sep 17 00:00:00 2001 From: Abimael Sergio Date: Thu, 25 Apr 2024 16:47:28 -0300 Subject: [PATCH] Improve PasswordEncoder Error Messaging Closes gh-14880 --- .../password/DelegatingPasswordEncoder.java | 19 ++++++++++--------- .../DelegatingPasswordEncoderTests.java | 2 +- 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/crypto/src/main/java/org/springframework/security/crypto/password/DelegatingPasswordEncoder.java b/crypto/src/main/java/org/springframework/security/crypto/password/DelegatingPasswordEncoder.java index 55ab2c8f36b..2ab7f456ca2 100644 --- a/crypto/src/main/java/org/springframework/security/crypto/password/DelegatingPasswordEncoder.java +++ b/crypto/src/main/java/org/springframework/security/crypto/password/DelegatingPasswordEncoder.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -19,6 +19,8 @@ import java.util.HashMap; import java.util.Map; +import org.springframework.util.StringUtils; + /** * A password encoder that delegates to another PasswordEncoder based upon a prefixed * identifier. @@ -129,6 +131,10 @@ public class DelegatingPasswordEncoder implements PasswordEncoder { private static final String DEFAULT_ID_SUFFIX = "}"; + public static final String NO_PASSWORD_ENCODER_MAPPED = "There is no PasswordEncoder mapped for the id \"%s\""; + + public static final String NO_PASSWORD_ENCODER_PREFIX = "You have entered a password with no PasswordEncoder. If that is your intent, it should be prefixed with `{noop}`."; + private final String idPrefix; private final String idSuffix; @@ -286,15 +292,10 @@ public String encode(CharSequence rawPassword) { @Override public boolean matches(CharSequence rawPassword, String prefixEncodedPassword) { String id = extractId(prefixEncodedPassword); - checkIfStringIsEmptyOrNull(id); - throw new IllegalArgumentException("There is no PasswordEncoder mapped for the id \"" + id + "\""); - } - - private void checkIfStringIsEmptyOrNull(String string) { - if (string == null || string.isEmpty()) { - throw new IllegalArgumentException( - "You have entered a password with no PasswordEncoder. If that is your intent, it should be prefixed with `{noop}`."); + if (StringUtils.hasText(id)) { + throw new IllegalArgumentException(String.format(NO_PASSWORD_ENCODER_MAPPED, id)); } + throw new IllegalArgumentException(NO_PASSWORD_ENCODER_PREFIX); } } diff --git a/crypto/src/test/java/org/springframework/security/crypto/password/DelegatingPasswordEncoderTests.java b/crypto/src/test/java/org/springframework/security/crypto/password/DelegatingPasswordEncoderTests.java index 263577b9270..a3222fb41ea 100644 --- a/crypto/src/test/java/org/springframework/security/crypto/password/DelegatingPasswordEncoderTests.java +++ b/crypto/src/test/java/org/springframework/security/crypto/password/DelegatingPasswordEncoderTests.java @@ -1,5 +1,5 @@ /* - * Copyright 2002-2022 the original author or authors. + * Copyright 2002-2024 the original author or authors. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License.