Uploaded image for project: 'ZZZ-WSO2 Identity Server'
  1. ZZZ-WSO2 Identity Server
  2. IDENTITY-5581

oauth2/authorize call throws a NPE when the session is expired

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: High
    • Resolution: Fixed
    • Affects Version/s: 5.2.0-RC, 5.3.0-RC2
    • Fix Version/s: 5.4.0-M1
    • Component/s: oauth
    • Labels:
      None
    • Severity:
      Major
    • Estimated Complexity:
      Moderate
    • Test cases added:
      Yes

      Description

      How to reproduce:

      Configure Oauth2/Openid service provider and login in to playground2 application. Wait for the session to expire in IS (15min in default). Then call

       https://localhost:9443/oauth2/authorize?client_id=<CLIENTID>&scope=openid&response_type=code&prompt=none&redirect_uri=<REDIRECT URI> 

      NPE is thrown from [1]

      [1] https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/master/components/org.wso2.carbon.identity.oauth.endpoint/src/main/java/org/wso2/carbon/identity/oauth/endpoint/authz/OAuth2AuthzEndpoint.java#L339

        Attachments

          Activity

            People

            • Assignee:
              lanka@wso2.com Pushpalanka Jayawardhana
              Reporter:
              nuwandiw@wso2.com Nuwandi Wickramasinghe
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: