[NXP-29697] Fix NPE if realm_access is not present in the Keycloak token - Nuxeo Issue Tracker

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: 10.10
Fix Version/s: 10.10-HF34, 11.4, 2021.0
Component/s: Authentication

Tags:
- SupCom
- noRNS
- nxCB
Backlog priority:
300
Sprint:
CB Sprint 1, CB Sprint 2
Story Points:
1

Description

Although the "realm_access" information is not mandatory to authenticate, its absence will provoke a NPE:

2020-09-11T08:51:29,070 ERROR [DefaultNuxeoExceptionHandler] java.lang.NullPointerException
        at org.nuxeo.ecm.platform.ui.web.keycloak.KeycloakAuthenticationPlugin.getRoles(KeycloakAuthenticationPlugin.java:176)
        at org.nuxeo.ecm.platform.ui.web.keycloak.KeycloakAuthenticationPlugin.handleRetrieveIdentity(KeycloakAuthenticationPlugin.java:126)
        at org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter.handleRetrieveIdentity(NuxeoAuthenticationFilter.java:1151)
        at org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter.doFilterInternal(NuxeoAuthenticationFilter.java:550)
        at org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter.doFilter(NuxeoAuthenticationFilter.java:431)