From 530b99c933683799bee1d0fa01ef40d55e3f6bbb Mon Sep 17 00:00:00 2001
From: Peter Skopek <pskopek@redhat.com>
Date: Thu, 16 Jan 2020 09:33:36 +0100
Subject: [PATCH] KEYCLOAK-12281 Fix export/import for users that have custom
 credential algorithms with no salt - do not swallow exception when decoding
 salt

---
 .../org/keycloak/models/credential/dto/PasswordSecretData.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/server-spi/src/main/java/org/keycloak/models/credential/dto/PasswordSecretData.java b/server-spi/src/main/java/org/keycloak/models/credential/dto/PasswordSecretData.java
index 33fc545569..dec870c5ef 100644
--- a/server-spi/src/main/java/org/keycloak/models/credential/dto/PasswordSecretData.java
+++ b/server-spi/src/main/java/org/keycloak/models/credential/dto/PasswordSecretData.java
@@ -16,7 +16,7 @@ public class PasswordSecretData {
 
     @JsonCreator
     public PasswordSecretData(@JsonProperty("value") String value, @JsonProperty("salt") String salt) throws IOException {
-        if ("__SALT__".equals(salt)) {
+        if (salt == null || "__SALT__".equals(salt)) {
             this.value = value;
             this.salt = null;
         }