[keycloak-user] NullPointerException with empty attribute

Stian Thorgersen sthorger at redhat.com
Fri Apr 21 08:33:50 EDT 2017


+1

Please create a JIRA and if you'd like a PR including tests would be great.

On 21 April 2017 at 14:27, Rains, Chris <Chris.Rains at jtv.com> wrote:

> Hi,
>
> I’m seeing Keycloak throw a NullPointerException whenever an access token
> is being generated for a user with an empty attribute value. Here’s a
> snippet of the stack trace:
>
> Caused By: java.lang.NullPointerException
> at org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper.
> convertToType(OIDCAttributeMapperHelper.java:103)
> at org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper.
> mapAttributeValue(OIDCAttributeMapperHelper.java:77)
> at org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper.mapClaim(
> OIDCAttributeMapperHelper.java:147)
> at org.keycloak.protocol.oidc.mappers.UserAttributeMapper.
> setClaim(UserAttributeMapper.java:98)
> at org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.
> transformAccessToken(AbstractOIDCProtocolMapper.java:81)
> at org.keycloak.protocol.oidc.TokenManager.transformAccessToken(
> TokenManager.java:520)
> at org.keycloak.protocol.oidc.TokenManager.createClientAccessToken(
> TokenManager.java:324)
> at org.keycloak.protocol.oidc.TokenManager$AccessTokenResponseBuilder.
> generateAccessToken(TokenManager.java:674)
>
> Looking at OIDCAttributeMapperHelper.java, this seems to be happening
> because no null check is being performed on attributeValue in
> convertToType. Therefore, I think we would just need to add a null check at
> the beginning of convertToType:
>
> if (attributeValue == null) return null;
>
> Would this be a reasonable solution?
>
> Thanks!
> - Chris Rains
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user


More information about the keycloak-user mailing list