[Test] Service Accounts - Remove colon from invalid token name genera…

…tor (elastic#71099) The colon character is interpreted as the separate between token name and token secret. So if a token name contains a colon, it is in theory invalid. But the parser takes only the part before the colon as the token name and thus consider it as a valid token name. Subsequent authentication will still fail. But for tests, this generates a different exception and fails the expectation. This PR removes the colon char from being used to generate invalid token names for simplicity.
ywangd · Apr 8, 2021 · 2611310 · 2611310
1 parent 2bbe346
commit 2611310
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 1 deletion.
diff --git a/...ity/src/main/java/org/elasticsearch/xpack/security/authc/service/ServiceAccountToken.java b/...ity/src/main/java/org/elasticsearch/xpack/security/authc/service/ServiceAccountToken.java
@@ -130,6 +130,11 @@ public void close() {
         secret.close();
     }
 
+    @Override
+    public String toString() {
+        return getQualifiedName();
+    }
+
     @Override
     public boolean equals(Object o) {
         if (this == o)

diff --git a/...rc/test/java/org/elasticsearch/xpack/security/authc/service/ServiceAccountTokenTests.java b/...rc/test/java/org/elasticsearch/xpack/security/authc/service/ServiceAccountTokenTests.java
@@ -33,7 +33,7 @@ public class ServiceAccountTokenTests extends ESTestCase {
     );
 
     private static final Set<Character> INVALID_TOKEN_NAME_CHARS = Set.of(
-        '!', '"', '#', '$', '%', '&', '\'', '(', ')', '*', '+', ',', '.', '/', ':', ';', '<', '=', '>', '?', '@', '[',
+        '!', '"', '#', '$', '%', '&', '\'', '(', ')', '*', '+', ',', '.', '/', ';', '<', '=', '>', '?', '@', '[',
         '\\', ']', '^', '`', '{', '|', '}', '~', ' ', '\t', '\n', '\r');
 
     public void testIsValidTokenName() {