Menu
▾
▴
Re: [Unity-idm-discuss] NullPointerException on OAuth Auth endpoint
|
From: Roman K. <ro...@un...> - 2025-12-01 09:29:55
|
Good morning Sander, Definitely better error handling is required in this situation, I'll create a ticket to cover this. With regards to your second question, this is not supported by Unity, and in general the redirect uri w/o scheme is not valid in OAuth (RFC 6749) Best regards, Roman pon., 24 lis 2025 o 09:46 Sander Apweiler <sa....@fz...> napisał(a): > Hi Krzysztof, > hi Roman, > > we got a report where an user got a NullPointerException on the auth > endpoint, using the OIDC-agent: > > HTTP ERROR 500 java.lang.NullPointerException: Cannot invoke > "String.equals(Object)" because "scheme" is null > URI: /oauth2-as/oauth2-authz > STATUS: 500 > MESSAGE: java.lang.NullPointerException: Cannot invoke > "String.equals(Object)" because "scheme" is null > SERVLET: pl.edu.icm.unity.oauth.as.webauthz.OAuthParseServlet-12f306f7 > CAUSED BY: java.lang.NullPointerException: Cannot invoke > "String.equals(Object)" because "scheme" is null > Caused by: > java.lang.NullPointerException: Cannot invoke "String.equals(Object)" > because "scheme" is null > at pl.edu.icm.unity.oauth.as > .webauthz.OAuthWebRequestValidator.assertPrivateUseURIIsSane(OAuthWebRequestValidator.java:375) > at pl.edu.icm.unity.oauth.as > .webauthz.OAuthWebRequestValidator.validateReturnURI(OAuthWebRequestValidator.java:350) > at pl.edu.icm.unity.oauth.as > .webauthz.OAuthWebRequestValidator.validate(OAuthWebRequestValidator.java:130) > at pl.edu.icm.unity.oauth.as > .webauthz.OAuthParseServlet.processRequestInterruptible(OAuthParseServlet.java:206) > at pl.edu.icm.unity.oauth.as > .webauthz.OAuthParseServlet.processRequest(OAuthParseServlet.java:120) > at pl.edu.icm.unity.oauth.as > .webauthz.OAuthParseServlet.doGet(OAuthParseServlet.java:112) > > The user used this return URL: edu.kit.data.oidc-agent:/ > > I have two questions about this. First of all is such an URL supported > by unity? The second question would be if it would make sense to catch > this Exception and show a proper error message instead? > > Best regards, > Sander > > -- > Large-Scale Data Science > Juelich Supercomputing Centre > > phone: +49 2461 61 8847 > fax: +49 2461 61 6656 > email: sa....@fz... > > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > Forschungszentrum Jülich GmbH > 52425 Jülich > Sitz der Gesellschaft: Jülich > Eingetragen im Handelsregister des Amtsgerichts Düren Nr. HR B 3498 > Vorsitzender des Aufsichtsrats: MinDir Stefan Müller > Geschäftsführung: Prof. Dr. Astrid Lambrecht (Vorsitzende), > Dr. Stephanie Bauer (stellvertretende Vorsitzende), > Prof. Dr. Ir. Pieter Jansens, Prof. Dr. Laurens Kuipers > ----------------------------------------------------------------------- > ----------------------------------------------------------------------- > > > > _______________________________________________ > Unity-idm-discuss mailing list > Uni...@li... > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss > |
