You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@cxf.apache.org by "Levi Miller (JIRA)" <ji...@apache.org> on 2019/01/15 21:06:00 UTC

[jira] [Created] (CXF-7944) OAuthClientUtils hides error message if it contains a comma

Levi Miller created CXF-7944:
--------------------------------

             Summary: OAuthClientUtils hides error message if it contains a comma
                 Key: CXF-7944
                 URL: https://issues.apache.org/jira/browse/CXF-7944
             Project: CXF
          Issue Type: Bug
    Affects Versions: 3.2.7
            Reporter: Levi Miller


OAuthClientUtils.getAccessToken hides the response error if the error message contains a comma.

The root cause of this is that OAuthJSONProvider.readJSONResponse uses String.split(",") to parse the json string, which throws
{code:java}
java.lang.StringIndexOutOfBoundsException: String index out of range: -1{code}
if there are unexpected commas.

 

Stack trace:
{code:java}
java.lang.StringIndexOutOfBoundsException: String index out of range: -1
	at java.lang.String.substring(Unknown Source)
	at org.apache.cxf.rs.security.oauth2.provider.OAuthJSONProvider.readJSONResponse(OAuthJSONProvider.java:310)
	at org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:312)
	at org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:231)
	at org.apache.cxf.rs.security.oauth2.client.OAuthClientUtils.getAccessToken(OAuthClientUtils.java:179){code}



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)