You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by re...@apache.org on 2016/05/26 21:45:58 UTC

[30/50] [abbrv] cxf git commit: NPE fix

NPE fix


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/05b12529
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/05b12529
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/05b12529

Branch: refs/heads/master-jaxrs-2.1
Commit: 05b12529f2bb037aa2c73564455c1b511ef715aa
Parents: 1e4b961
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Mon May 23 17:11:33 2016 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Mon May 23 17:13:20 2016 +0100

----------------------------------------------------------------------
 .../rs/security/oauth2/client/MemoryClientCodeStateManager.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/05b12529/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
----------------------------------------------------------------------
diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
index 33a95df..90b9e5c 100644
--- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
+++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/client/MemoryClientCodeStateManager.java
@@ -56,7 +56,7 @@ public class MemoryClientCodeStateManager implements ClientCodeStateManager {
                                                             MultivaluedMap<String, String> redirectState) {
         String stateParam = redirectState.getFirst(OAuthConstants.STATE);
         String sessionToken = OAuthUtils.getSessionToken(mc, "state");
-        if (!sessionToken.equals(stateParam)) {
+        if (sessionToken == null || !sessionToken.equals(stateParam)) {
             throw new OAuthServiceException("Invalid session token");
         }
         return map.remove(stateParam);