8000 Missing null checks in IdentityProviderResource lead to NPE · Issue #38938 · keycloak/keycloak · GitHub 8000
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
Missing null checks in IdentityProviderResource lead to NPE #38938
New issue
New issue
Closed
#38939
Closed
Missing null checks in IdentityProviderResource lead to NPE#38938
#38939
Labels
area/admin/apikind/bugCategorizes a PR related to a bugrelease/26.3.0team/core-shared
@thomasdarimont

Description

@thomasdarimont
thomasdarimont
opened on Apr 14, 2025

Before reporting an issue

  • I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.

Area

admin/api

Describe the bug

We should add the missing null checks to IdentityProviderResource to make the resource more robust.

Version

26.2.0

Regression

  • The issue is a regression

Expected behavior

When an Identity provider is not found, requests to sub resources should produce an 404 response rather than a 500 Server 6E52 Error.

Actual behavior

A missing Idp will yield an NPE for GET/PUT calls to management/permissions.

How to Reproduce?

  1. Try to call GET on management/permissions for a non-existing Identity Provider.

Anything else?

Example StackTrace

2025-04-14 16:42:15,424 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-6) Uncaught server error: java.lang.NullPointerException: Cannot invoke "org.keycloak.models.IdentityProviderModel.getInternalId()" because "idp" is null
	at org.keycloak.services.resources.admin.permissions.IdentityProviderPermissions.getResourceName(IdentityProviderPermissions.java:64)
	at org.keycloak.services.resources.admin.permissions.IdentityProviderPermissions.isPermissionsEnabled(IdentityProviderPermissions.java:113)
	at org.keycloak.services.resources.admin.IdentityProviderResource.getManagementPermissions(IdentityProviderResource.java:448)
	at org.keycloak.services.resources.admin.IdentityProviderResource$quarkusrestinvoker$getManagementPermissions_3b85618d68db8fe7ad2afa0963ccc2dc07a4bf70.invoke(Unknown Source)
	at org.jboss.resteasy.reactive.server.handlers.InvocationHandler.handle(InvocationHandler.java:29)
	at io.quarkus.resteasy.reactive.server.runtime.QuarkusResteasyReactiveRequestContext.invokeHandler(QuarkusResteasyReactiveRequestContext.java:141)
	at org.jboss.resteasy.reactive.common.core.AbstractResteasyReactiveContext.run(AbstractResteasyReactiveContext.java:147)
	at io.quarkus.vertx.core.runtime.VertxCoreRecorder$15.runWith(VertxCoreRecorder.java:638)
	at org.jboss.threads.EnhancedQueueExecutor$Task.doRunWith(EnhancedQueueExecutor.java:2675)
	at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2654)
	at org.jboss.threads.EnhancedQueueExecutor.runThreadBody(EnhancedQueueExecutor.java:1627)
	at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1594)
	at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:11)
	at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:11)
	at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
	at java.base/java.lang.Thread.run(Thread.java:1583)

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/admin/apikind/bugCategorizes a PR related to a bugrelease/26.3.0team/core-shared

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions
      0