[keycloak-user] NullPointerException with empty attribute
Marek Posolda
mposolda at redhat.com
Fri Apr 21 08:36:50 EDT 2017
+1
Feel free to create JIRA . And ideally also send PR with the test :)
Maybe to OIDCProtocolMappersTest.
Marek
On 21/04/17 14:27, Rains, Chris wrote:
> Hi,
>
> I’m seeing Keycloak throw a NullPointerException whenever an access token is being generated for a user with an empty attribute value. Here’s a snippet of the stack trace:
>
> Caused By: java.lang.NullPointerException
> at org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper.convertToType(OIDCAttributeMapperHelper.java:103)
> at org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper.mapAttributeValue(OIDCAttributeMapperHelper.java:77)
> at org.keycloak.protocol.oidc.mappers.OIDCAttributeMapperHelper.mapClaim(OIDCAttributeMapperHelper.java:147)
> at org.keycloak.protocol.oidc.mappers.UserAttributeMapper.setClaim(UserAttributeMapper.java:98)
> at org.keycloak.protocol.oidc.mappers.AbstractOIDCProtocolMapper.transformAccessToken(AbstractOIDCProtocolMapper.java:81)
> at org.keycloak.protocol.oidc.TokenManager.transformAccessToken(TokenManager.java:520)
> at org.keycloak.protocol.oidc.TokenManager.createClientAccessToken(TokenManager.java:324)
> at org.keycloak.protocol.oidc.TokenManager$AccessTokenResponseBuilder.generateAccessToken(TokenManager.java:674)
>
> Looking at OIDCAttributeMapperHelper.java, this seems to be happening because no null check is being performed on attributeValue in convertToType. Therefore, I think we would just need to add a null check at the beginning of convertToType:
>
> if (attributeValue == null) return null;
>
> Would this be a reasonable solution?
>
> Thanks!
> - Chris Rains
>
>
> _______________________________________________
> keycloak-user mailing list
> keycloak-user at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/keycloak-user
More information about the keycloak-user
mailing list