Flaky test: org.keycloak.testsuite.oauth.TokenIntrospectionTest#testUnsupportedToken

Closes #30111 Signed-off-by: Douglas Palmer <dpalmer@redhat.com>
2024-06-26 22:16:06 -07:00 · 2024-06-26 22:16:06 -07:00 · 601355d517
commit 601355d517
parent 30264c7dd4
1 changed files with 6 additions and 4 deletions
--- a/services/src/main/java/org/keycloak/protocol/oidc/AccessTokenIntrospectionProvider.java
+++ b/services/src/main/java/org/keycloak/protocol/oidc/AccessTokenIntrospectionProvider.java
@ -112,10 +112,12 @@ public class AccessTokenIntrospectionProvider implements TokenIntrospectionProvi
            tokenMetadata.put("active", userSession != null);

            // if consumer requests application/jwt return a JWT representation of the introspection contents in an jwt field
-            boolean isJwtRequest = org.keycloak.utils.MediaType.APPLICATION_JWT.equals(session.getContext().getRequestHeaders().getHeaderString(HttpHeaders.ACCEPT));
-            if (isJwtRequest && Boolean.parseBoolean(client.getAttribute(Constants.SUPPORT_JWT_CLAIM_IN_INTROSPECTION_RESPONSE_ENABLED))) {
-                // consumers can use this to convert an opaque token into an JWT based token
-                tokenMetadata.put("jwt", session.tokens().encode(accessToken));
+            if (accessToken != null) {
+                boolean isJwtRequest = org.keycloak.utils.MediaType.APPLICATION_JWT.equals(session.getContext().getRequestHeaders().getHeaderString(HttpHeaders.ACCEPT));
+                if (isJwtRequest && Boolean.parseBoolean(client.getAttribute(Constants.SUPPORT_JWT_CLAIM_IN_INTROSPECTION_RESPONSE_ENABLED))) {
+                    // consumers can use this to convert an opaque token into an JWT based token
+                    tokenMetadata.put("jwt", session.tokens().encode(accessToken));
+                }
            }

            return Response.ok(JsonSerialization.writeValueAsBytes(tokenMetadata)).type(MediaType.APPLICATION_JSON_TYPE).build();