diff --git a/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java b/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java index dfd1c4eaa3a..7557728b07d 100644 --- a/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java +++ b/cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java @@ -108,7 +108,7 @@ private CasAuthenticationToken(final Integer keyHash, final Object principal, fi protected CasAuthenticationToken(Builder builder) { super(builder); Assert.isTrue(!"".equals(builder.principal), "principal cannot be null or empty"); - Assert.notNull(!"".equals(builder.credentials), "credentials cannot be null or empty"); + Assert.isTrue(!"".equals(builder.credentials), "credentials cannot be null or empty"); Assert.notNull(builder.userDetails, "userDetails cannot be null"); Assert.notNull(builder.assertion, "assertion cannot be null"); this.keyHash = builder.keyHash; diff --git a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java index 506497124d4..ee5b29962aa 100644 --- a/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java +++ b/cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java @@ -34,6 +34,7 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException; +import static org.assertj.core.api.Assertions.assertThatNoException; /** * Tests {@link CasAuthenticationToken}. @@ -182,4 +183,38 @@ public void toBuilderWhenApplyThenCopies() { assertThat(authorities).containsExactlyInAnyOrder("FACTOR_ONE", "FACTOR_TWO"); } + @Test + public void toBuilderWhenPrincipalIsEmpty() { + final Assertion assertion = new AssertionImpl("test"); + CasAuthenticationToken token = new CasAuthenticationToken("key", makeUserDetails(), "Password", this.ROLES, + makeUserDetails(), assertion); + assertThatIllegalArgumentException().isThrownBy(() -> token.toBuilder().principal(null).build()); + assertThatIllegalArgumentException().isThrownBy(() -> token.toBuilder().principal("").build()); + } + + @Test + public void toBuilderWhenPrincipalIsNotEmpty() { + final Assertion assertion = new AssertionImpl("test"); + CasAuthenticationToken token = new CasAuthenticationToken("key", makeUserDetails(), "Password", this.ROLES, + makeUserDetails(), assertion); + assertThatNoException().isThrownBy(() -> token.toBuilder().principal("principal").build()); + } + + @Test + public void toBuilderWhenCredentialsIsEmpty() { + final Assertion assertion = new AssertionImpl("test"); + CasAuthenticationToken token = new CasAuthenticationToken("key", makeUserDetails(), "Password", this.ROLES, + makeUserDetails(), assertion); + assertThatIllegalArgumentException().isThrownBy(() -> token.toBuilder().credentials(null).build()); + assertThatIllegalArgumentException().isThrownBy(() -> token.toBuilder().credentials("").build()); + } + + @Test + public void toBuilderWhenCredentialsIsNotEmpty() { + final Assertion assertion = new AssertionImpl("test"); + CasAuthenticationToken token = new CasAuthenticationToken("key", makeUserDetails(), "Password", this.ROLES, + makeUserDetails(), assertion); + assertThatNoException().isThrownBy(() -> token.toBuilder().credentials("credentials").build()); + } + }