NPE fix
Project: http://git-wip-us.apache.org/repos/asf/cxf/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c5413a80 Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c5413a80 Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c5413a80 Branch: refs/heads/master Commit: c5413a80e67b9b9a319ab8e3112486f093892528 Parents: 0b8ac3e Author: Colm O hEigeartaigh <cohei...@apache.org> Authored: Fri Nov 13 11:15:30 2015 +0000 Committer: Colm O hEigeartaigh <cohei...@apache.org> Committed: Fri Nov 13 12:39:30 2015 +0000 ---------------------------------------------------------------------- .../rs/security/oauth2/services/RedirectionBasedGrantService.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf/blob/c5413a80/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java ---------------------------------------------------------------------- diff --git a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java index 51ea97e..667de92 100644 --- a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java +++ b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java @@ -271,7 +271,7 @@ public abstract class RedirectionBasedGrantService extends AbstractOAuthService sessionTokenParamName = OAuthConstants.SESSION_AUTHENTICITY_TOKEN; } String sessionToken = params.getFirst(sessionTokenParamName); - if (!compareRequestAndSessionTokens(sessionToken, params, userSubject)) { + if (sessionToken == null || !compareRequestAndSessionTokens(sessionToken, params, userSubject)) { throw ExceptionUtils.toBadRequestException(null, null); }