Uploaded image for project: 'WildFly Elytron'
  1. WildFly Elytron
  2. ELY-2797

NullPointerException in OidcClientConfiguration.resolveUrls if parameter "request_parameter_supported" is not present in openid-configuration

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done
    • Icon: Major Major
    • 2.5.2.Final
    • 2.5.1.Final
    • None

      If openid-configuration does not contain request_parameter_supported (which is an optional value, see [1]) a NullPointerException is thrown in OidcClientConfiguration.resolveUrls.

      Wildfly/Elytron just logs "Unable to load OpenID provider metadata from XXX" and no further information is shown.

      We have analyzed this issue and the cause is that OidcProviderMetadata#requestParameterSupported is of type Boolean but in OidcClientConfiguration.resolveUrls it is cast without null check to boolean:

      [1]https://openid.net/specs/openid-connect-discovery-1_0.html

            rsearls r searls
            beth-soptim Thomas Beckers (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: