Changed: checking when claim is blank in the provider in RegisterOIDC…

…UserCommand
IQSS · Nov 21, 2024 · f360b91 · f360b91
1 parent ae58595
commit f360b91
Show file tree

Hide file tree

Showing 2 changed files with 33 additions and 2 deletions.
diff --git a/src/main/java/edu/harvard/iq/dataverse/engine/command/impl/RegisterOIDCUserCommand.java b/src/main/java/edu/harvard/iq/dataverse/engine/command/impl/RegisterOIDCUserCommand.java
@@ -89,7 +89,7 @@ private Map<String, String> validateConflictingClaims(OAuth2UserRecord oAuth2Use
     }
 
     private void addFieldErrorIfConflict(String fieldName, String claimValue, String existingValue, Map<String, String> fieldErrors) {
-        if (claimValue != null && existingValue != null && !claimValue.equals(existingValue)) {
+        if (claimValue != null && !claimValue.trim().isEmpty() && existingValue != null && !claimValue.equals(existingValue)) {
             String errorMessage = BundleUtil.getStringFromBundle(
                     "registerOidcUserCommand.errors.provideMissingClaimsEnabled.fieldAlreadyPresentInProvider",
                     List.of(fieldName)
@@ -123,7 +123,7 @@ private void throwInvalidFieldsCommandExceptionIfErrorsExist(Map<String, String>
     }
 
     private String getValueOrDefault(String oidcValue, String dtoValue) {
-        return (oidcValue == null || oidcValue.isEmpty()) ? dtoValue : oidcValue;
+        return (oidcValue == null || oidcValue.trim().isEmpty()) ? dtoValue : oidcValue;
     }
 
     private void validateUserFields(CommandContext ctxt, boolean provideMissingClaimsEnabled) throws InvalidFieldsCommandException {

diff --git a/src/test/java/edu/harvard/iq/dataverse/engine/command/impl/RegisterOIDCUserCommandTest.java b/src/test/java/edu/harvard/iq/dataverse/engine/command/impl/RegisterOIDCUserCommandTest.java
@@ -294,4 +294,35 @@ void execute_happyPath_withoutAffiliationAndPosition_claimsInProvider_provideMis
                 eq(true)
         );
     }
+
+    @Test
+    @JvmSetting(key = JvmSettings.FEATURE_FLAG, value = "true", varArgs = "api-bearer-auth-provide-missing-claims")
+    void execute_happyPath_withoutAffiliationAndPosition_blankClaimInProviderProvidedInJson_provideMissingClaimsFeatureFlagEnabled() throws AuthorizationException, CommandException {
+        String testUsername = "usernameNotBlank";
+        testUserDTO.setUsername(testUsername);
+        testUserDTO.setTermsAccepted(true);
+        testUserDTO.setEmailAddress(null);
+        testUserDTO.setFirstName(null);
+        testUserDTO.setLastName(null);
+
+        when(authServiceStub.verifyOIDCBearerTokenAndGetOAuth2UserRecord(TEST_BEARER_TOKEN)).thenReturn(oAuth2UserRecordStub);
+
+        when(oAuth2UserRecordStub.getUsername()).thenReturn(" ");
+        when(oAuth2UserRecordStub.getDisplayInfo()).thenReturn(TEST_VALID_DISPLAY_INFO);
+
+        sut.execute(contextStub);
+
+        verify(authServiceStub, times(1)).createAuthenticatedUser(
+                eq(userRecordIdentifierMock),
+                eq(testUsername),
+                eq(new AuthenticatedUserDisplayInfo(
+                        TEST_VALID_DISPLAY_INFO.getFirstName(),
+                        TEST_VALID_DISPLAY_INFO.getLastName(),
+                        TEST_VALID_DISPLAY_INFO.getEmailAddress(),
+                        "",
+                        "")
+                ),
+                eq(true)
+        );
+    }
 }