search

jenkinsci / oic-auth-plugin

A Jenkins plugin which lets you login to Jenkins using your own, self-hosted or public openid connect server.
https://plugins.jenkins.io/oic-auth
MIT License
71 stars 94 forks source link

Group field parsing fails on array of numbers #324

Closed curtpm closed 5 months ago

curtpm commented 5 months ago

Jenkins and plugins versions report

Environment Jenkins: 2.452.1 OS: Linux - 5.4.144-16.el7pie Java: 17.0.11 - Eclipse Adoptium (OpenJDK 64-Bit Server VM) oic-auth:4.257.v5360e8489e8b_

What Operating System are you using (both controller, and any agents involved in the problem)?

Linux running from the docker image jenkins/jenkins:lts-jdk11

Reproduction steps

In advanced settings for OpenID Connect, set Groups field name:

groups[]

The response from the server has a list of groups in this format 

{
...
groups: [123456, 7890123 ....]
}

The plugin fails to parse the groups' array as an array of strings.

The ensureString function fails to convert the array of numbers into strings.

Expected Results

The groups array should be converted into a list of strings.

Actual Results

Throws with this error 

java.lang.ClassCastException: class java.math.BigDecimal cannot be cast to class java.lang.String (java.math.BigDecimal and java.lang.String are in module java.base of loader 'bootstrap')
    at org.jenkinsci.plugins.oic.OicSecurityRealm.determineAuthorities(OicSecurityRealm.java:1164)
    at org.jenkinsci.plugins.oic.OicSecurityRealm.loginAndSetUserData(OicSecurityRealm.java:1060)
    at org.jenkinsci.plugins.oic.OicSecurityRealm$3.onSuccess(OicSecurityRealm.java:952)
    at org.jenkinsci.plugins.oic.OicSession.finishLogin(OicSession.java:218)
    at org.jenkinsci.plugins.oic.OicSecurityRealm.doFinishLogin(OicSecurityRealm.java:1285)
    at java.base/java.lang.invoke.MethodHandle.invokeWithArguments(Unknown Source)
    at org.kohsuke.stapler.Function$MethodFunction.invoke(Function.java:397)
    at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:409)
    at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:207)
    at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:140)
    at org.kohsuke.stapler.MetaClass$11.doDispatch(MetaClass.java:558)
    at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:59)
    at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:770)

Anything else?

No response

Are you interested in contributing a fix?

No response

michael-doubez commented 5 months ago

You should be able to convert int to string by using groups[].to_string(@) on a version of the plugin supporting JMESPath expression (4.257.v5360e8489e8b is ok).

curtpm commented 5 months ago

That worked perfectly! Thanks for the help!