From a6ee7a34b8faafa4fa8b8291f0566050e5b41285 Mon Sep 17 00:00:00 2001 From: Sergey Beryozkin Date: Thu, 6 Apr 2023 17:27:59 +0100 Subject: [PATCH] Fix NPE when OIDC TenantConfigResolver returns null --- .../quarkus/oidc/test/CodeFlowDevModeTestCase.java | 12 ++++++++++++ .../oidc/test/CustomTenantConfigResolver.java | 3 +++ .../oidc/runtime/DefaultTenantConfigResolver.java | 7 ++++++- 3 files changed, 21 insertions(+), 1 deletion(-) diff --git a/extensions/oidc/deployment/src/test/java/io/quarkus/oidc/test/CodeFlowDevModeTestCase.java b/extensions/oidc/deployment/src/test/java/io/quarkus/oidc/test/CodeFlowDevModeTestCase.java index 00e003db3d7da..410c8ee4f9275 100644 --- a/extensions/oidc/deployment/src/test/java/io/quarkus/oidc/test/CodeFlowDevModeTestCase.java +++ b/extensions/oidc/deployment/src/test/java/io/quarkus/oidc/test/CodeFlowDevModeTestCase.java @@ -124,6 +124,18 @@ private void useTenantConfigResolver() throws IOException, InterruptedException assertEquals("tenant-config-resolver:alice", page.getBody().asNormalizedText()); webClient.getCookieManager().clearCookies(); + try { + webClient.getPage("http://localhost:8080/protected/tenant/null-tenant"); + fail("401 status error is expected"); + } catch (FailingHttpStatusCodeException ex) { + assertEquals(401, ex.getStatusCode()); + } + try { + webClient.getPage("http://localhost:8080/protected/tenant/unknown-tenant"); + fail("401 status error is expected"); + } catch (FailingHttpStatusCodeException ex) { + assertEquals(401, ex.getStatusCode()); + } } } diff --git a/extensions/oidc/deployment/src/test/java/io/quarkus/oidc/test/CustomTenantConfigResolver.java b/extensions/oidc/deployment/src/test/java/io/quarkus/oidc/test/CustomTenantConfigResolver.java index 9bba5cbd1c82a..4b88cadd8a795 100644 --- a/extensions/oidc/deployment/src/test/java/io/quarkus/oidc/test/CustomTenantConfigResolver.java +++ b/extensions/oidc/deployment/src/test/java/io/quarkus/oidc/test/CustomTenantConfigResolver.java @@ -22,6 +22,9 @@ public Uni resolve(RoutingContext context, OidcRequestContext< config.setApplicationType(ApplicationType.WEB_APP); return Uni.createFrom().item(config); } + if (context.request().path().endsWith("/null-tenant")) { + return null; + } return Uni.createFrom().nullItem(); } diff --git a/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/DefaultTenantConfigResolver.java b/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/DefaultTenantConfigResolver.java index 721ab284016ae..946a02998deae 100644 --- a/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/DefaultTenantConfigResolver.java +++ b/extensions/oidc/runtime/src/main/java/io/quarkus/oidc/runtime/DefaultTenantConfigResolver.java @@ -185,7 +185,12 @@ private Uni getDynamicTenantConfig(RoutingContext context) { if (tenantConfigResolver.isResolvable()) { Uni oidcConfig = context.get(CURRENT_DYNAMIC_TENANT_CONFIG); if (oidcConfig == null) { - oidcConfig = tenantConfigResolver.get().resolve(context, blockingRequestContext).memoize().indefinitely(); + oidcConfig = tenantConfigResolver.get().resolve(context, blockingRequestContext); + if (oidcConfig == null) { + //shouldn't happen, but guard against it anyway + oidcConfig = Uni.createFrom().nullItem(); + } + oidcConfig = oidcConfig.memoize().indefinitely(); if (oidcConfig == null) { //shouldn't happen, but guard against it anyway oidcConfig = Uni.createFrom().nullItem();