From 52c9e440d6db859af972e4e9db656528b2372556 Mon Sep 17 00:00:00 2001 From: Stefan Guilhen Date: Fri, 10 May 2024 16:14:33 -0300 Subject: [PATCH] Guard against NPE when fetching users associated with user policies. Closes #28915 Signed-off-by: Stefan Guilhen --- .../policy/provider/user/UserPolicyProviderFactory.java | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/authz/policy/common/src/main/java/org/keycloak/authorization/policy/provider/user/UserPolicyProviderFactory.java b/authz/policy/common/src/main/java/org/keycloak/authorization/policy/provider/user/UserPolicyProviderFactory.java index 7a516040f6..a973396608 100644 --- a/authz/policy/common/src/main/java/org/keycloak/authorization/policy/provider/user/UserPolicyProviderFactory.java +++ b/authz/policy/common/src/main/java/org/keycloak/authorization/policy/provider/user/UserPolicyProviderFactory.java @@ -23,6 +23,7 @@ import java.util.Collections; import java.util.HashMap; import java.util.HashSet; import java.util.Map; +import java.util.Objects; import java.util.Set; import java.util.stream.Collectors; @@ -119,7 +120,12 @@ public class UserPolicyProviderFactory implements PolicyProviderFactory userProvider.getUserById(realm, id).getUsername()).collect(Collectors.toList()))); + config.put("users", JsonSerialization.writeValueAsString(userRep.getUsers().stream() + .map(id -> { + UserModel user = userProvider.getUserById(realm, id); + return user != null ? user.getUsername() : null; + }) + .filter(Objects::nonNull).collect(Collectors.toList()))); } catch (IOException cause) { throw new RuntimeException("Failed to export user policy [" + policy.getName() + "]", cause); }