diff options
author | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2020-01-29 17:10:45 +0100 |
---|---|---|
committer | Bjørn Christian Seime <bjorncs@verizonmedia.com> | 2020-02-03 12:05:20 +0100 |
commit | 149e8ff5132a8f79e40c6e1d6e0991110b04aa1b (patch) | |
tree | 66b8d99ce2656801ed834e39279b3974df17e8a0 /vespa-athenz | |
parent | e75b4a755855f673e33bb146468ed7b5e1bea9ab (diff) |
Access tokens should not be an empty string
Diffstat (limited to 'vespa-athenz')
-rw-r--r-- | vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzAccessToken.java | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzAccessToken.java b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzAccessToken.java index 86deb0b59b3..ec8c1f3f9f3 100644 --- a/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzAccessToken.java +++ b/vespa-athenz/src/main/java/com/yahoo/vespa/athenz/api/AthenzAccessToken.java @@ -22,9 +22,13 @@ public class AthenzAccessToken { private static String stripBearerTokenPrefix(String rawValue) { String stripped = rawValue.strip(); - return stripped.startsWith(BEARER_TOKEN_PREFIX) - ? stripped.substring(BEARER_TOKEN_PREFIX.length()) + String prefixRemoved = stripped.startsWith(BEARER_TOKEN_PREFIX) + ? stripped.substring(BEARER_TOKEN_PREFIX.length()).strip() : stripped; + if (prefixRemoved.isBlank()) { + throw new IllegalArgumentException(String.format("Access token is blank: '%s'", prefixRemoved)); + } + return prefixRemoved; } public String value() { return value; } |