cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From serg...@apache.org
Subject cxf git commit: Preventing a possible NPE in IdTokenResponseFilter
Date Wed, 01 Jun 2016 15:33:02 GMT
Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes 92efba580 -> a6af7bddf


Preventing a possible NPE in IdTokenResponseFilter


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/a6af7bdd
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/a6af7bdd
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/a6af7bdd

Branch: refs/heads/3.1.x-fixes
Commit: a6af7bddf7c00e0d8d6db4f84ac87dd93bd2a9e8
Parents: 92efba5
Author: Sergey Beryozkin <sberyozkin@gmail.com>
Authored: Wed Jun 1 16:31:30 2016 +0100
Committer: Sergey Beryozkin <sberyozkin@gmail.com>
Committed: Wed Jun 1 16:32:42 2016 +0100

----------------------------------------------------------------------
 .../oidc/idp/IdTokenResponseFilter.java         | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/a6af7bdd/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/IdTokenResponseFilter.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/IdTokenResponseFilter.java
b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/IdTokenResponseFilter.java
index ecf019b..08d6735 100644
--- a/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/IdTokenResponseFilter.java
+++ b/rt/rs/security/sso/oidc/src/main/java/org/apache/cxf/rs/security/oidc/idp/IdTokenResponseFilter.java
@@ -73,16 +73,18 @@ public class IdTokenResponseFilter extends OAuthServerJoseJwtProducer
implements
             return st.getSubject().getProperties().get(OidcUtils.ID_TOKEN);
         } else if (st.getSubject() instanceof OidcUserSubject) {
             OidcUserSubject sub = (OidcUserSubject)st.getSubject();
-            IdToken idToken = new IdToken(sub.getIdToken());
-            idToken.setAudience(st.getClient().getClientId());
-            idToken.setAuthorizedParty(st.getClient().getClientId());
-            // if this token was refreshed then the cloned IDToken might need to have its
-            // issuedAt and expiry time properties adjusted if it proves to be necessary
-            setAtHashAndNonce(idToken, st);
-            return processJwt(new JwtToken(idToken), st.getClient());
-        } else {
-            return null;
+            if (sub.getIdToken() != null) {
+                IdToken idToken = new IdToken(sub.getIdToken());
+                idToken.setAudience(st.getClient().getClientId());
+                idToken.setAuthorizedParty(st.getClient().getClientId());
+                // if this token was refreshed then the cloned IDToken might need to have
its
+                // issuedAt and expiry time properties adjusted if it proves to be necessary
+                setAtHashAndNonce(idToken, st);
+                return processJwt(new JwtToken(idToken), st.getClient());
+            }
         }
+        return null;
+        
     }
     private void setAtHashAndNonce(IdToken idToken, ServerAccessToken st) {
         String rType = st.getResponseType();


Mime
View raw message