首页 发现 帮助
登录
lqb
/
elasticsearch
镜像自地址 https://gitee.com/mirrors/elasticsearch.git
1
0
派生 0
文件 工单管理 0 Wiki
浏览代码

Fix the condition for logging empty JWK sets. (#91675)

The logic for check isEmpty should have been flipped. This PR fixes it.

Relates: #91001
Yang Wang 2 年之前
父节点
0c5edf7564
当前提交
a7abee0ec1
共有 1 个文件被更改,包括 4 次插入2 次删除
合并视图 显示文件统计
  1. 4 2
      x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/jwt/JwtSignatureValidator.java

+ 4 - 2
x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/security/authc/jwt/JwtSignatureValidator.java
查看文件 

@@ -161,8 +161,10 @@ public interface JwtSignatureValidator extends Releasable {
 
         }
 
         }
 
 
 
         private void logWarnIfAuthenticationWillAlwaysFail() {
 
         private void logWarnIfAuthenticationWillAlwaysFail() {
 
-            final boolean hasUsableJwksAndAlgorithms = (hmacJwtSignatureValidator != null && hmacJwtSignatureValidator.jwksAlgs.isEmpty())
 
-                || (pkcJwtSignatureValidator != null && pkcJwtSignatureValidator.jwkSetLoader.getContentAndJwksAlgs().jwksAlgs().isEmpty());
 
+            final boolean hasUsableJwksAndAlgorithms = (hmacJwtSignatureValidator != null
 
+                && false == hmacJwtSignatureValidator.jwksAlgs.isEmpty())
 
+                || (pkcJwtSignatureValidator != null
 
+                    && false == pkcJwtSignatureValidator.jwkSetLoader.getContentAndJwksAlgs().jwksAlgs().isEmpty());
 
             if (false == hasUsableJwksAndAlgorithms) {
 
             if (false == hasUsableJwksAndAlgorithms) {
 
                 logger.warn(
 
                 logger.warn(
 
                     "No available JWK and algorithm for HMAC or PKC. JWT realm authentication expected to fail until this is fixed."
 
                     "No available JWK and algorithm for HMAC or PKC. JWT realm authentication expected to fail until this is fixed."