[2/2] cxf git commit: NPE fix

Fri, 13 Nov 2015 05:38:00 -0800 

NPE fix


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/c5413a80
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/c5413a80
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/c5413a80

Branch: refs/heads/master
Commit: c5413a80e67b9b9a319ab8e3112486f093892528
Parents: 0b8ac3e
Author: Colm O hEigeartaigh <cohei...@apache.org>
Authored: Fri Nov 13 11:15:30 2015 +0000
Committer: Colm O hEigeartaigh <cohei...@apache.org>
Committed: Fri Nov 13 12:39:30 2015 +0000

----------------------------------------------------------------------
 .../rs/security/oauth2/services/RedirectionBasedGrantService.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/c5413a80/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
----------------------------------------------------------------------
diff --git 
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
 
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
index 51ea97e..667de92 100644
--- 
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
+++ 
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
@@ -271,7 +271,7 @@ public abstract class RedirectionBasedGrantService extends 
AbstractOAuthService
             sessionTokenParamName = OAuthConstants.SESSION_AUTHENTICITY_TOKEN;
         }
         String sessionToken = params.getFirst(sessionTokenParamName);
-        if (!compareRequestAndSessionTokens(sessionToken, params, 
userSubject)) {
+        if (sessionToken == null || 
!compareRequestAndSessionTokens(sessionToken, params, userSubject)) {
             throw ExceptionUtils.toBadRequestException(null, null);     
         }

Reply via email to