Uploaded image for project: 'OpenIDM'
  1. OpenIDM
  2. OPENIDM-10471

NPE X-OpenIDM-OAuth-Login: true without providing any token when invoking REST API

    Details

      Description

      Issue a REST call with OAuth login, but without providing any token:

      $ curl 'http://openidm.example.com:8080/openidm/managed/user/6b1d44e5-7bcd-416e-bf1e-b743f378874d' -H 'Content-Type: application/json' -H 'X-OpenIDM-OAuth-Login: true' -H 'Referer: http://openidm.example.com:8080'

      ==> Return with no response. In the console:

      Mar 16, 2018 2:15:00 PM org.forgerock.http.servlet.HttpFrameworkServlet lambda$service$1
      SEVERE: RuntimeException caught
      java.lang.NullPointerException
      at java.util.concurrent.ConcurrentHashMap.get(ConcurrentHashMap.java:936)
      at org.forgerock.openidm.idp.impl.IdentityProviderService.getIdentityProvider(IdentityProviderService.java:300)
      at org.forgerock.openidm.auth.modules.SocialAuthModule.validateRequest(SocialAuthModule.java:141)
      at org.forgerock.openidm.auth.modules.IDMAuthModuleWrapper.validateRequest(IDMAuthModuleWrapper.java:126)
      at org.forgerock.openidm.auth.modules.RunAsModuleWrapper.validateRequest(RunAsModuleWrapper.java:120)
      at org.forgerock.caf.authentication.framework.AuthModules$WrappedAuthModule.validateRequest(AuthModules.java:515)
      at org.forgerock.caf.authentication.framework.AuthModules$LoggingAuthModule.validateRequest(AuthModules.java:426)
      at org.forgerock.caf.authentication.framework.AuthModules$WrappedAuthModule.validateRequest(AuthModules.java:515)
      at org.forgerock.caf.authentication.framework.AuthModules$AuditingAuthModule.validateRequest(AuthModules.java:330)
      at org.forgerock.caf.authentication.framework.AuthModules$WrappedAuthModule.validateRequest(AuthModules.java:515)
      at org.forgerock.caf.authentication.framework.AuthModules$ValidatingAuthModule.validateRequest(AuthModules.java:289)
      at org.forgerock.caf.authentication.framework.FallbackAuthContext$FallbackChain.validateRequest(FallbackAuthContext.java:109)
      at org.forgerock.caf.authentication.framework.FallbackAuthContext$FallbackChain.lambda$validateRequest$1(FallbackAuthContext.java:122)
      at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:252)
      at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:216)
      at org.forgerock.caf.authentication.framework.FallbackAuthContext$FallbackChain.validateRequest(FallbackAuthContext.java:120)
      at org.forgerock.caf.authentication.framework.FallbackAuthContext$FallbackChain.lambda$validateRequest$1(FallbackAuthContext.java:122)
      at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:252)
      at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:216)
      at org.forgerock.caf.authentication.framework.FallbackAuthContext$FallbackChain.validateRequest(FallbackAuthContext.java:120)
      at org.forgerock.caf.authentication.framework.FallbackAuthContext$FallbackChain.lambda$validateRequest$1(FallbackAuthContext.java:122)
      at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:252)
      at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:216)
      at org.forgerock.caf.authentication.framework.FallbackAuthContext$FallbackChain.validateRequest(FallbackAuthContext.java:120)
      at org.forgerock.caf.authentication.framework.FallbackAuthContext$FallbackChain.access$100(FallbackAuthContext.java:91)
      at org.forgerock.caf.authentication.framework.FallbackAuthContext.validateRequest(FallbackAuthContext.java:88)
      at org.forgerock.caf.authentication.framework.AggregateAuthContext.lambda$validateRequest$1(AggregateAuthContext.java:82)
      at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:252)
      at org.forgerock.util.promise.Promises$CompletedPromise.thenAsync(Promises.java:216)
      at org.forgerock.caf.authentication.framework.AggregateAuthContext.validateRequest(AggregateAuthContext.java:80)
      at org.forgerock.caf.authentication.framework.AuthContexts$WrappedAuthContext.validateRequest(AuthContexts.java:322)
      at org.forgerock.caf.authentication.framework.AuthContexts$LoggingAuthContext.validateRequest(AuthContexts.java:263)
      at org.forgerock.caf.authentication.framework.AuthContexts$WrappedAuthContext.validateRequest(AuthContexts.java:322)
      at org.forgerock.caf.authentication.framework.AuthContexts$AuditingAuthContext.validateRequest(AuthContexts.java:216)
      at org.forgerock.caf.authentication.framework.AuthContexts$WrappedAuthContext.validateRequest(AuthContexts.java:322)
      at org.forgerock.caf.authentication.framework.AuthContexts$ValidatingAuthContext.validateRequest(AuthContexts.java:182)
      at org.forgerock.caf.authentication.framework.AuthenticationFramework.validateRequest(AuthenticationFramework.java:142)
      at org.forgerock.caf.authentication.framework.AuthenticationFramework.processMessage(AuthenticationFramework.java:134)
      at org.forgerock.caf.authentication.framework.AuthenticationFilter.filter(AuthenticationFilter.java:84)
      at org.forgerock.openidm.auth.AuthFilterWrapper.filter(AuthFilterWrapper.java:87)
      at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      at org.forgerock.http.filter.TransactionIdInboundFilter.filter(TransactionIdInboundFilter.java:75)
      at org.forgerock.http.handler.Handlers$1.handle(Handlers.java:53)
      at org.forgerock.http.servlet.HttpFrameworkServlet.service(HttpFrameworkServlet.java:254)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
      at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812)
      at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1669)
      at org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:257)
      at org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:220)
      at sun.reflect.GeneratedMethodAccessor95.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      at java.lang.reflect.Method.invoke(Method.java:498)
      at org.forgerock.openidm.servletregistration.impl.ServletRegistrationSingleton$FilterProxy.invoke(ServletRegistrationSingleton.java:296)
      at com.sun.proxy.$Proxy53.doFilter(Unknown Source)
      at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
      at org.eclipse.jetty.servlets.UserAgentFilter.doFilter(UserAgentFilter.java:83)
      at org.eclipse.jetty.servlets.GzipFilter.doFilter(GzipFilter.java:365)
      at sun.reflect.GeneratedMethodAccessor95.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
      at java.lang.reflect.Method.invoke(Method.java:498)
      at org.forgerock.openidm.servletregistration.impl.ServletRegistrationSingleton$FilterProxy.invoke(ServletRegistrationSingleton.java:296)
      at com.sun.proxy.$Proxy53.doFilter(Unknown Source)
      at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
      at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585)
      at org.ops4j.pax.web.service.jetty.internal.HttpServiceServletHandler.doHandle(HttpServiceServletHandler.java:71)
      at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
      at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:577)
      at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223)
      at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)
      at org.ops4j.pax.web.service.jetty.internal.HttpServiceContext.doHandle(HttpServiceContext.java:276)
      at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)
      at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
      at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)
      at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
      at org.ops4j.pax.web.service.jetty.internal.JettyServerHandlerCollection.handle(JettyServerHandlerCollection.java:80)
      at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
      at org.eclipse.jetty.server.Server.handle(Server.java:499)
      at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311)
      at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)
      at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544)
      at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
      at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
      at java.lang.Thread.run(Thread.java:748)
      
      

        Attachments

          Activity

            People

            • Assignee:
              alin Alin Brici
              Reporter:
              patrickdiligent patrick diligent
            • Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: