diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2020-01-29 17:10:45 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2020-01-29 17:10:45 +0100 |
commit | 2a056e05db247b39ec395631364b8c0d286d6085 (patch) | |
tree | 7328c40a6c7dd619491097f734a6f954adcb120f /vespa-athenz/src/main | |
parent | 330656493815924dd8c984c1c16a1e39f49374af (diff) |
Access tokens should not be an empty string
Diffstat (limited to 'vespa-athenz/src/main')
-rw-r--r-- | vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzAccessToken.java | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzAccessToken.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzAccessToken.java index 86deb0b59b3..ec8c1f3f9f3 100644 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzAccessToken.java +++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzAccessToken.java @@ -22,9 +22,13 @@ public class AthenzAccessToken { private static String stripBearerTokenPrefix(String rawValue) { String stripped = rawValue.strip(); - return stripped.startsWith(BEARER_TOKEN_PREFIX) - ? stripped.substring(BEARER_TOKEN_PREFIX.length()) + String prefixRemoved = stripped.startsWith(BEARER_TOKEN_PREFIX) + ? stripped.substring(BEARER_TOKEN_PREFIX.length()).strip() : stripped; + if (prefixRemoved.isBlank()) { + throw new IllegalArgumentException(String.format("Access token is blank: '%s'", prefixRemoved)); + } + return prefixRemoved; } public String value() { return value; } |