Skip to content

SOLR-18073 JWT Authentication plugin now supports matching non-string claims #4049

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
janhoy wants to merge 1 commit into
base: main
Choose a base branch
from
Open

SOLR-18073 JWT Authentication plugin now supports matching non-string claims #4049

janhoy wants to merge 1 commit into from
+47 −2

Conversation

@janhoy
Copy link
Contributor

@janhoy janhoy commented Jan 14, 2026

https://issues.apache.org/jira/browse/SOLR-18073

Thanks to Tony Panza for bug report with failing unit test

@janhoy janhoy requested a review from Copilot January 14, 2026 09:52
Copilot AI reviewed Jan 14, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR fixes a bug in the JWT Authentication plugin where non-string claims (such as boolean values) could not be matched during authentication. The fix converts claim values to strings before pattern matching, enabling support for boolean and other non-string claim types as specified in the OIDC specification.

Changes:

  • Modified claim matching logic to handle non-string claim values by converting them to strings
  • Added test coverage for boolean claim matching scenarios
  • Added changelog entry documenting the bug fix

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated no comments.

File Description
solr/modules/jwt-auth/src/java/org/apache/solr/security/jwt/JWTAuthPlugin.java Changed from getStringClaimValue() to getClaimValue() with String.valueOf() conversion to support non-string claims
solr/modules/jwt-auth/src/test/org/apache/solr/security/jwt/JWTAuthPluginTest.java Added boolean claims to test data and comprehensive test method for boolean claim matching
changelog/unreleased/SOLR-18073-jwt-bool-claims.yml Added changelog entry for the bug fix

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@epugh epugh epugh approved these changes

Assignees

No one assigned

Labels

cat:security module:jwt-auth tests

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@janhoy @epugh