Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-10115

NPE thrown if redirect_uri was missing from authorization code

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 13.5.0
    • Fix Version/s: 13.5.1, 14.0.0
    • Component/s: oauth2
    • Labels:
    • Sprint:
      AM Sustaining Sprint 32
    • Story Points:
      0.5
    • Support Ticket IDs:

      Description

      access_token endpoint will throw NPE if grant_type=authorization_code was used and authorization code was missing redirect_uri.

      OAuth2Provider:11/28/2016 10:22:41:313 PM UTC: Thread[http-bio-8080-exec-8,5,main]: TransactionId[08d61470-67ca-41ce-b9ba-db43e83ce4a0-5128]
      WARNING: Unhandled exception: Internal Server Error (500) - The server encountered an unexpected condition which prevented it from fulfilling the request
      Internal Server Error (500) - The server encountered an unexpected condition which prevented it from fulfilling the request
        :
      Caused by: java.lang.NullPointerException
              at org.forgerock.oauth2.core.AuthorizationCodeGrantTypeHandler.handle(AuthorizationCodeGrantTypeHandler.java:120)
              at org.forgerock.oauth2.core.GrantTypeHandler.handle(GrantTypeHandler.java:82)
              at org.forgerock.oauth2.core.AccessTokenService.requestAccessToken(AccessTokenService.java:114)
              at org.forgerock.oauth2.restlet.TokenEndpointResource.token(TokenEndpointResource.java:87)
              at sun.reflect.GeneratedMethodAccessor98.invoke(Unknown Source)
              at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
              at java.lang.reflect.Method.invoke(Method.java:606)
              at org.restlet.resource.ServerResource.doHandle(ServerResource.java:520)
      

        Attachments

          Activity

            People

            • Assignee:
              sachiko Sachiko Wallace
              Reporter:
              sachiko Sachiko Wallace
              QA Assignee:
              Philip Anderson
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: