KEYCLOAK-2547 NPE in TokenEndpoint and InfinispanUserSessionProvider

This commit is contained in:
Stian Thorgersen 2016-03-03 10:45:05 +01:00
parent 402feb9710
commit b4239c40c1
2 changed files with 23 additions and 14 deletions

View file

@ -270,7 +270,9 @@ public class InfinispanUserSessionProvider implements UserSessionProvider {
@Override
public void removeUserSession(RealmModel realm, UserSessionModel session) {
UserSessionEntity entity = getUserSessionEntity(session, false);
removeUserSession(realm, entity, false);
if (entity != null) {
removeUserSession(realm, entity, false);
}
}
@Override
@ -553,7 +555,7 @@ public class InfinispanUserSessionProvider implements UserSessionProvider {
return ((UserSessionAdapter) userSession).getEntity();
} else {
Cache<String, SessionEntity> cache = getCache(offline);
return (UserSessionEntity) cache.get(userSession.getId());
return cache != null ? (UserSessionEntity) cache.get(userSession.getId()) : null;
}
}
@ -578,7 +580,9 @@ public class InfinispanUserSessionProvider implements UserSessionProvider {
@Override
public void removeOfflineUserSession(RealmModel realm, UserSessionModel userSession) {
UserSessionEntity userSessionEntity = getUserSessionEntity(userSession, true);
removeUserSession(realm, userSessionEntity, true);
if (userSessionEntity != null) {
removeUserSession(realm, userSessionEntity, true);
}
}
@Override

View file

@ -222,6 +222,22 @@ public class TokenEndpoint {
accessCode.setAction(null);
UserSessionModel userSession = clientSession.getUserSession();
if (userSession == null) {
event.error(Errors.USER_SESSION_NOT_FOUND);
throw new ErrorResponseException("invalid_grant", "User session not found", Response.Status.BAD_REQUEST);
}
UserModel user = userSession.getUser();
if (user == null) {
event.error(Errors.USER_NOT_FOUND);
throw new ErrorResponseException("invalid_grant", "User not found", Response.Status.BAD_REQUEST);
}
if (!user.isEnabled()) {
event.error(Errors.USER_DISABLED);
throw new ErrorResponseException("invalid_grant", "User disabled", Response.Status.BAD_REQUEST);
}
event.user(userSession.getUser());
event.session(userSession.getId());
@ -241,17 +257,6 @@ public class TokenEndpoint {
throw new ErrorResponseException("invalid_grant", "Client not allowed to exchange code", Response.Status.BAD_REQUEST);
}
UserModel user = session.users().getUserById(userSession.getUser().getId(), realm);
if (user == null) {
event.error(Errors.USER_NOT_FOUND);
throw new ErrorResponseException("invalid_grant", "User not found", Response.Status.BAD_REQUEST);
}
if (!user.isEnabled()) {
event.error(Errors.USER_DISABLED);
throw new ErrorResponseException("invalid_grant", "User disabled", Response.Status.BAD_REQUEST);
}
if (!AuthenticationManager.isSessionValid(realm, userSession)) {
event.error(Errors.USER_SESSION_NOT_FOUND);
throw new ErrorResponseException("invalid_grant", "Session not active", Response.Status.BAD_REQUEST);