[JENKINS-34792] Don't cast inconvertible un/pw token

Fixes JENKINS-34792
jenkinsci · Jun 3, 2016 · ba0fcbd · ba0fcbd
1 parent 2fb42f0
commit ba0fcbd
Showing 1 changed file with 8 additions and 2 deletions.
diff --git a/src/main/java/org/jenkinsci/plugins/BitbucketSecurityRealm.java b/src/main/java/org/jenkinsci/plugins/BitbucketSecurityRealm.java
@@ -159,10 +159,16 @@ public UserDetails loadUserByUsername(String username)  throws UserMayOrMayNotEx
     @Override
     public UserDetails loadUserByUsername(String username) {
         UserDetails result = null;
-        BitbucketAuthenticationToken authToken = (BitbucketAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
-        if (authToken == null) {
+        Authentication token = SecurityContextHolder.getContext().getAuthentication();
+        if (token == null) {
             throw new UsernameNotFoundException("BitbucketAuthenticationToken = null, no known user: " + username);
         }
+        BitbucketAuthenticationToken authToken;
+        if (token instanceof BitbucketAuthenticationToken) {
+          authToken = (BitbucketAuthenticationToken) token;
+        } else {
+          throw new UserMayOrMayNotExistException("Unexpected authentication type: " + token);
+        }
         result = new BitbucketApiService(clientID, clientSecret).getUserByUsername(username);
         if (result == null) {
             throw new UsernameNotFoundException("User does not exist for login: " + username);