From 05bd51ac1cf2bb23285c4356184283d719db39ab Mon Sep 17 00:00:00 2001
From: Scott Rossillo <srossillo@smartling.com>
Date: Tue, 16 Jun 2015 21:54:24 -0400
Subject: [PATCH] WrappedHttpServletRequest may throw an exception returning
 cookies

HttpServletRequest.getCookies() may return null
---
 .../facade/WrappedHttpServletRequest.java              |  6 ++++++
 .../facade/WrappedHttpServletRequestTest.java          | 10 +++++++++-
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequest.java b/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequest.java
index e2e5ba40f5..c72888fb0c 100755
--- a/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequest.java
+++ b/integration/spring-security/src/main/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequest.java
@@ -64,6 +64,12 @@ class WrappedHttpServletRequest implements Request {
     @Override
     public Cookie getCookie(String cookieName) {
 
+        javax.servlet.http.Cookie[] cookies = request.getCookies();
+
+        if (cookies == null) {
+            return null;
+        }
+
         for (javax.servlet.http.Cookie cookie : request.getCookies()) {
             if (cookie.getName().equals(cookieName)) {
                 return new Cookie(cookie.getName(), cookie.getValue(), cookie.getVersion(), cookie.getDomain(), cookie.getPath());
diff --git a/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequestTest.java b/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequestTest.java
index 91ec35bfa3..80d682e633 100644
--- a/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequestTest.java
+++ b/integration/spring-security/src/test/java/org/keycloak/adapters/springsecurity/facade/WrappedHttpServletRequestTest.java
@@ -24,10 +24,11 @@ public class WrappedHttpServletRequestTest {
     private static final String QUERY_PARM_2 = "code2";
 
     private WrappedHttpServletRequest request;
+    private MockHttpServletRequest mockHttpServletRequest;
 
     @Before
     public void setUp() throws Exception {
-        MockHttpServletRequest mockHttpServletRequest = new MockHttpServletRequest();
+        mockHttpServletRequest = new MockHttpServletRequest();
         request = new WrappedHttpServletRequest(mockHttpServletRequest);
 
         mockHttpServletRequest.setMethod(REQUEST_METHOD);
@@ -75,6 +76,13 @@ public class WrappedHttpServletRequestTest {
         assertNotNull(request.getCookie(COOKIE_NAME));
     }
 
+    @Test
+    public void testGetCookieCookiesNull() throws Exception
+    {
+        mockHttpServletRequest.setCookies(null);
+        request.getCookie(COOKIE_NAME);
+    }
+
     @Test
     public void testGetHeader() throws Exception {
         String header = request.getHeader(HEADER_SINGLE_VALUE);