diff --git a/server/sonar-auth-saml/src/main/java/org/sonar/auth/saml/SamlAuthenticator.java b/server/sonar-auth-saml/src/main/java/org/sonar/auth/saml/SamlAuthenticator.java index dba3c5b170f5..3ad4326004dc 100644 --- a/server/sonar-auth-saml/src/main/java/org/sonar/auth/saml/SamlAuthenticator.java +++ b/server/sonar-auth-saml/src/main/java/org/sonar/auth/saml/SamlAuthenticator.java @@ -78,7 +78,7 @@ public UserIdentity buildUserIdentity(OAuth2IdentityProvider.CallbackContext con .setProviderLogin(login) .setName(this.getName(auth)); this.getEmail(auth).ifPresent(userIdentityBuilder::setEmail); - userIdentityBuilder.setGroups(this.getGroups(auth)); + this.getGroups(auth).ifPresent(userIdentityBuilder::setGroups); return userIdentityBuilder.build(); } @@ -169,8 +169,8 @@ private Optional getEmail(Auth auth) { return samlSettings.getUserEmail().map(userEmailField -> getFirstAttribute(auth, userEmailField)); } - private Set getGroups(Auth auth) { - return samlSettings.getGroupName().map(groupsField -> getGroups(auth, groupsField)).orElse(emptySet()); + private Optional> getGroups(Auth auth) { + return samlSettings.getGroupName().map(groupsField -> getGroups(auth, groupsField)); } private static String getNonNullFirstAttribute(Auth auth, String key) { diff --git a/server/sonar-auth-saml/src/test/java/org/sonar/auth/saml/SamlIdentityProviderTest.java b/server/sonar-auth-saml/src/test/java/org/sonar/auth/saml/SamlIdentityProviderTest.java index 5fdc4a9485ea..13122e38cae2 100644 --- a/server/sonar-auth-saml/src/test/java/org/sonar/auth/saml/SamlIdentityProviderTest.java +++ b/server/sonar-auth-saml/src/test/java/org/sonar/auth/saml/SamlIdentityProviderTest.java @@ -247,6 +247,7 @@ public void callback_does_not_sync_group_when_group_setting_is_not_set() { assertThat(callbackContext.userIdentity.getProviderLogin()).isEqualTo("johndoe"); assertThat(callbackContext.userIdentity.getGroups()).isEmpty(); + assertThat(callbackContext.userIdentity.shouldSyncGroups()).isFalse(); } @Test