[1/2] cxf git commit: NPE fix

Fri, 13 Nov 2015 05:38:38 -0800 

Repository: cxf
Updated Branches:
  refs/heads/3.1.x-fixes e80086821 -> 2e8802825


NPE fix


Project: http://git-wip-us.apache.org/repos/asf/cxf/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf/commit/13521bd1
Tree: http://git-wip-us.apache.org/repos/asf/cxf/tree/13521bd1
Diff: http://git-wip-us.apache.org/repos/asf/cxf/diff/13521bd1

Branch: refs/heads/3.1.x-fixes
Commit: 13521bd10962d41f16f699f42876874b53a448f3
Parents: e800868
Author: Colm O hEigeartaigh <cohei...@apache.org>
Authored: Fri Nov 13 11:15:30 2015 +0000
Committer: Colm O hEigeartaigh <cohei...@apache.org>
Committed: Fri Nov 13 13:37:00 2015 +0000

----------------------------------------------------------------------
 .../rs/security/oauth2/services/RedirectionBasedGrantService.java  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf/blob/13521bd1/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
----------------------------------------------------------------------
diff --git 
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
 
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
index 51ea97e..667de92 100644
--- 
a/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
+++ 
b/rt/rs/security/oauth-parent/oauth2/src/main/java/org/apache/cxf/rs/security/oauth2/services/RedirectionBasedGrantService.java
@@ -271,7 +271,7 @@ public abstract class RedirectionBasedGrantService extends 
AbstractOAuthService
             sessionTokenParamName = OAuthConstants.SESSION_AUTHENTICITY_TOKEN;
         }
         String sessionToken = params.getFirst(sessionTokenParamName);
-        if (!compareRequestAndSessionTokens(sessionToken, params, 
userSubject)) {
+        if (sessionToken == null || 
!compareRequestAndSessionTokens(sessionToken, params, userSubject)) {
             throw ExceptionUtils.toBadRequestException(null, null);     
         }

Reply via email to