Fixing case sensitive scope validation issue..

wso2-extensions · Mar 15, 2022 · 49a816f · 49a816f
1 parent 4e0f315
commit 49a816f
Showing 1 changed file with 19 additions and 0 deletions.
diff --git a/...ty.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/JDBCScopeValidator.java b/...ty.oauth/src/main/java/org/wso2/carbon/identity/oauth2/validators/JDBCScopeValidator.java
@@ -397,8 +397,27 @@ private boolean isUserAuthorizedForScope(String scopeName, String[] userRoles, i
             return false;
         }
 
+
+	boolean preservedCaseSensitive = Boolean.parseBoolean(System.getProperty("preservedCaseSensitive"));
+
         //Check if the user still has a valid role for this scope.
         Set<String> scopeRoles = new HashSet<>(rolesOfScope);
+        if (!preservedCaseSensitive) {
+            rolesOfScope.retainAll(Arrays.asList(userRoles));
+        } else {
+
+            for (String roleOfScope : rolesOfScope) {
+                rolesOfScope.remove(roleOfScope);
+                rolesOfScope.add(roleOfScope.toLowerCase());
+            }
+
+            ArrayList<String> userRolesLowercase = new ArrayList<>();
+            for (String userRole : userRoles) {
+                userRolesLowercase.add(userRole.toLowerCase());
+            }
+            rolesOfScope.retainAll(userRolesLowercase);
+        }
+
         rolesOfScope.retainAll(Arrays.asList(userRoles));
 
         if (rolesOfScope.isEmpty()) {