Skip to content

Commit fb8084c

Browse files
steve-thousandmp911de
authored andcommitted
DATAMONGO-2016 - Fix username/password extraction in MongoCredentialPropertyEditor.
MongoCredentialPropertyEditor inspects now the connection URI for the appropriate delimiter tokens. Previously, inspection used the char questionmark for username/password delimiter inspection. Original pull request: #578.
1 parent 5a01712 commit fb8084c

File tree

2 files changed

+33
-1
lines changed

2 files changed

+33
-1
lines changed

spring-data-mongodb/src/main/java/org/springframework/data/mongodb/config/MongoCredentialPropertyEditor.java

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,7 @@
3535
*
3636
* @author Christoph Strobl
3737
* @author Oliver Gierke
38+
* @author Stephen Tyler Conrad
3839
* @since 1.7
3940
*/
4041
public class MongoCredentialPropertyEditor extends PropertyEditorSupport {
@@ -164,7 +165,7 @@ private static String extractDB(String text) {
164165
private static Properties extractOptions(String text) {
165166

166167
int optionsSeparationIndex = text.lastIndexOf(OPTIONS_DELIMITER);
167-
int dbSeparationIndex = text.lastIndexOf(OPTIONS_DELIMITER);
168+
int dbSeparationIndex = text.lastIndexOf(DATABASE_DELIMITER);
168169

169170
if (optionsSeparationIndex == -1 || dbSeparationIndex > optionsSeparationIndex) {
170171
return new Properties();

spring-data-mongodb/src/test/java/org/springframework/data/mongodb/config/MongoCredentialPropertyEditorUnitTests.java

Lines changed: 31 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,7 @@
3434
* Unit tests for {@link MongoCredentialPropertyEditor}.
3535
*
3636
* @author Christoph Strobl
37+
* @author Stephen Tyler Conrad
3738
*/
3839
public class MongoCredentialPropertyEditorUnitTests {
3940

@@ -54,6 +55,10 @@ public class MongoCredentialPropertyEditorUnitTests {
5455
static final String USER_4_ENCODED_PWD;
5556
static final String USER_4_DB = "targaryen";
5657

58+
static final String USER_5_NAME = "lyanna";
59+
static final String USER_5_PWD = "random?password";
60+
static final String USER_5_DB = "mormont";
61+
5762
static final String USER_1_AUTH_STRING = USER_1_NAME + ":" + USER_1_PWD + "@" + USER_1_DB;
5863
static final String USER_1_AUTH_STRING_WITH_PLAIN_AUTH_MECHANISM = USER_1_AUTH_STRING + "?uri.authMechanism=PLAIN";
5964

@@ -66,6 +71,9 @@ public class MongoCredentialPropertyEditorUnitTests {
6671

6772
static final String USER_4_AUTH_STRING;
6873

74+
static final String USER_5_AUTH_STRING = USER_5_NAME + ":" + USER_5_PWD + "@" + USER_5_DB;
75+
static final String USER_5_AUTH_STRING_WITH_PLAIN_AUTH_MECHANISM = USER_5_AUTH_STRING + "?uri.authMechanism=PLAIN";
76+
6977
static final MongoCredential USER_1_CREDENTIALS = MongoCredential.createCredential(USER_1_NAME, USER_1_DB,
7078
USER_1_PWD.toCharArray());
7179
static final MongoCredential USER_1_CREDENTIALS_PLAIN_AUTH = MongoCredential.createPlainCredential(USER_1_NAME,
@@ -81,6 +89,11 @@ public class MongoCredentialPropertyEditorUnitTests {
8189
static final MongoCredential USER_4_CREDENTIALS = MongoCredential.createCredential(USER_4_PLAIN_NAME, USER_4_DB,
8290
USER_4_PLAIN_PWD.toCharArray());
8391

92+
static final MongoCredential USER_5_CREDENTIALS = MongoCredential.createCredential(USER_5_NAME, USER_5_DB,
93+
USER_5_PWD.toCharArray());
94+
static final MongoCredential USER_5_CREDENTIALS_PLAIN_AUTH = MongoCredential.createPlainCredential(USER_5_NAME, USER_5_DB,
95+
USER_5_PWD.toCharArray());
96+
8497
MongoCredentialPropertyEditor editor;
8598

8699
static {
@@ -239,4 +252,22 @@ public void encodedUserNameAndPasswrodShouldBeDecoded() throws UnsupportedEncodi
239252

240253
assertThat((List<MongoCredential>) editor.getValue(), contains(USER_4_CREDENTIALS));
241254
}
255+
256+
@Test //DATAMONGO-2016
257+
@SuppressWarnings("unchecked")
258+
public void passwordWithQuestionMarkShouldNotBeInterpretedAsOptionString() {
259+
260+
editor.setAsText(USER_5_AUTH_STRING);
261+
262+
assertThat((List<MongoCredential>) editor.getValue(), contains(USER_5_CREDENTIALS));
263+
}
264+
265+
@Test //DATAMONGO-2016
266+
@SuppressWarnings("unchecked")
267+
public void passwordWithQuestionMarkShouldNotBreakParsingOfOptionString() {
268+
269+
editor.setAsText(USER_5_AUTH_STRING_WITH_PLAIN_AUTH_MECHANISM);
270+
271+
assertThat((List<MongoCredential>) editor.getValue(), contains(USER_5_CREDENTIALS_PLAIN_AUTH));
272+
}
242273
}

0 commit comments

Comments
 (0)