From c71fdc72c704ffa816a86cdfc55a062ee75f009e Mon Sep 17 00:00:00 2001
From: Bill Burke
Date: Mon, 16 Jun 2014 10:43:50 -0400
Subject: [PATCH] keycloak-518

---
 .../java/org/keycloak/RSATokenVerifier.java | 7 ++++++-
 .../testsuite/adapter/AdapterTest.java | 19 +++++++++++++++++++
 2 files changed, 25 insertions(+), 1 deletion(-)

diff --git a/core/src/main/java/org/keycloak/RSATokenVerifier.java b/core/src/main/java/org/keycloak/RSATokenVerifier.java
index 0a55fd1137..da258c3051 100755
--- a/core/src/main/java/org/keycloak/RSATokenVerifier.java
+++ b/core/src/main/java/org/keycloak/RSATokenVerifier.java
@@ -17,7 +17,12 @@ public class RSATokenVerifier {
     }
     public static AccessToken verifyToken(String tokenString, PublicKey realmKey, String realm, boolean checkActive) throws VerificationException {
-        JWSInput input = new JWSInput(tokenString);
+        JWSInput input = null;
+        try {
+            input = new JWSInput(tokenString);
+        } catch (Exception e) {
+            throw new VerificationException("Couldn't parse token", e);
+        }
         if (!isPublicKeyValid(input, realmKey)) throw new VerificationException("Invalid token signature.");
         AccessToken token;
diff --git a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java
index c7f1d4da34..d478a1ec4b 100755
--- a/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java
+++ b/testsuite/integration/src/test/java/org/keycloak/testsuite/adapter/AdapterTest.java
@@ -55,6 +55,7 @@ import javax.ws.rs.client.ClientBuilder;
 import javax.ws.rs.client.WebTarget;
 import javax.ws.rs.core.GenericType;
 import javax.ws.rs.core.HttpHeaders;
+import javax.ws.rs.core.Response;
 import javax.ws.rs.core.UriBuilder;
 import java.net.URL;
 import java.security.PublicKey;
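Review bot: The new `catch (Exception e)` around `new JWSInput(tokenString)` is wider than the failure it is meant to cover; it turns every unchecked error from the parser — including genuine bugs — into a generic "Couldn't parse token" VerificationException, which hides defects behind the same 401 path that a garbage bearer token takes. Since the constructor's declared exceptions are not visible in this hunk, I would narrow the catch to whatever JWSInput actually throws for malformed input and, if a broad catch must stay, say why in a comment: `// malformed or truncated JWS (e.g. the literal "null" token of KEYCLOAK-518) must be a verification failure, never a 500`. The `JWSInput input = null;` pre-initialisation is also unnecessary because the catch always rethrows; `final JWSInput input;` with the assignment inside the try satisfies definite assignment and prevents the variable from being reassigned later. The rest of verifyToken, including the signature check and expiry handling, continues outside this hunk.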
@@ -280,4 +281,22 @@ public class AdapterTest {
         keycloakSession.getTransaction().commit();
         keycloakSession.close();
     }
+
+    /**
+     * KEYCLOAK-518
+     * @throws Exception
+     */
+    @Test
+    public void testNullBearerToken() throws Exception {
+        Client client = ClientBuilder.newClient();
+        WebTarget target = client.target("http://localhost:8081/customer-db");
+        Response response = target.request().get();
+        Assert.assertEquals(401, response.getStatus());
+        response.close();
+        response = target.request().header(HttpHeaders.AUTHORIZATION, "Bearer null").get();
+        Assert.assertEquals(401, response.getStatus());
+        response.close();
+        client.close();
+
+    }
 }
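Review bot: In testNullBearerToken the `Client` and both `Response` objects are only closed on the success path; if either `Assert.assertEquals(401, ...)` fails, the assertion error skips `response.close()` and `client.close()`, leaking the JAX-RS client into the rest of the suite. Wrap the body after `ClientBuilder.newClient()` in `try { ... } finally { client.close(); }` and close each response in its own finally (or with try-with-resources if the `Response` implementation in use is AutoCloseable). The javadoc is also just an issue number; it should state the contract being pinned, e.g. `Verifies that a request with no bearer token, or with the literal token "null", is rejected with 401 rather than failing inside the token parser (KEYCLOAK-518).` As a follow-up the test could assert that the 401 carries a `WWW-Authenticate` challenge, if the adapter is expected to send one — that is not visible from this hunk.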