Fix NPE if user not exists
Check "userSession.getId().equals(clientUser.getId())" fails if getUserFromToken return non existed user. It is happens when AccessToken.subject relates to non existed user. Closes #16297
This commit is contained in:
parent
665dec19c0
commit
d900540034
2 changed files with 5 additions and 5 deletions
|
@ -234,6 +234,9 @@ public class KeycloakIdentity implements Identity {
|
|||
}
|
||||
|
||||
UserModel userSession = getUserFromToken();
|
||||
if (userSession == null) {
|
||||
throw new IllegalArgumentException("User from token not found");
|
||||
}
|
||||
|
||||
this.resourceServer = clientUser != null && userSession.getId().equals(clientUser.getId());
|
||||
|
||||
|
|
|
@ -356,13 +356,10 @@ public class TokenManager {
|
|||
|
||||
// Fallback to lookup user based on username (preferred_username claim)
|
||||
if (token.getPreferredUsername() != null) {
|
||||
user = session.users().getUserByUsername(realm, token.getPreferredUsername());
|
||||
if (user != null) {
|
||||
return user;
|
||||
}
|
||||
return session.users().getUserByUsername(realm, token.getPreferredUsername());
|
||||
}
|
||||
|
||||
return user;
|
||||
return null;
|
||||
}
|
||||
|
||||
|
||||
|
|
Loading…
Reference in a new issue