[keycloak-dev] How to handle empty strings returned by Social login providers in user info - KEYCLOAK-1182
Vlastimil Elias
velias at redhat.com
Tue Apr 7 04:57:16 EDT 2015
Hi,
During the latest testing I found a problem with an empty string returned in the email
field from the GitHub social provider, which causes an HTTP 500 error in later
processing (but it seems only under some other circumstances, not in all
cases), see https://issues.jboss.org/browse/KEYCLOAK-1182
When I look into the code used to take user profile information (email,
name, id) from Social provider REST responses, it simply takes what is
returned and does not care too much what is there.
But other Keycloak code (e.g. search user by email etc.) typically only
checks for null values when testing "existence" of information. If a value
is not null then it takes it as an existing one, so empty strings may bring
problems here as they are used as a valid email later.
I believe KC should look at what is returned from Social providers and
convert empty strings to null values.
It is only a small change in one place -
AbstractOAuth2IdentityProvider.getJsonProperty() - which resolves this
problem.
What do you think about this solution?
I have a patch prepared and it works; I can post it as a pull request after
some additional testing.
Vl.
--
Vlastimil Elias
Principal Software Engineer
jboss.org Development Team
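
The normalization proposed in the message above, as an added example that is not part of the original post and is not Keycloak's code: a plain Map stands in for the parsed user-info JSON, and the class name, helper names and sample values are hypothetical. It goes one step beyond the message by also treating whitespace-only values as missing.

```java
import java.util.HashMap;
import java.util.Map;

public class EmptyClaimDemo {

    // Raw read: returns whatever the provider sent, including "".
    static String rawProperty(Map<String, Object> userInfo, String name) {
        Object value = userInfo.get(name);
        return value == null ? null : value.toString();
    }

    // Normalizing read: absent, empty and whitespace-only values all become null,
    // so downstream null-only checks see "no value" instead of a bogus one.
    static String normalizedProperty(Map<String, Object> userInfo, String name) {
        String value = rawProperty(userInfo, name);
        if (value == null) {
            return null;
        }
        value = value.trim();
        return value.isEmpty() ? null : value;
    }

    // Null-only existence test, the pattern the message describes in later processing.
    static boolean hasEmail(String email) {
        return email != null;
    }

    public static void main(String[] args) {
        // Constructed sample of a parsed user-info response with an empty email field.
        Map<String, Object> userInfo = new HashMap<>();
        userInfo.put("id", 12345);
        userInfo.put("login", "octo-example");
        userInfo.put("email", "");

        String raw = rawProperty(userInfo, "email");
        String normalized = normalizedProperty(userInfo, "email");

        // The raw value passes the null-only check even though no email was supplied.
        System.out.println("raw email passes null check:        " + hasEmail(raw));
        System.out.println("normalized email passes null check: " + hasEmail(normalized));
        // A field the provider did not send at all is handled the same way.
        System.out.println("missing name normalized to null:    "
                + (normalizedProperty(userInfo, "name") == null));
    }
}
```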