May get an NPE in URLEncoder.encode when OAuth provider gets bad clientId TS003459997 #11977

Closed
barbj opened this issue Apr 29, 2020 · 0 comments
Assignees
Labels
bug This bug is not present in a released version of Open Liberty release bug This bug is present in a released version of Open Liberty release:20006 team:Security SSO

Comments

@barbj (Member) commented Apr 29, 2020

Describe the bug
In OAuth, it appears that when making an authorization request with a clientId that does not exist, you may get an NPE from URLEncoder. Here is the stack trace:

[2020-03-19T12:27:41.904+0000] 00000af8 id=d9aa0b80 .ibm.ws.webcontainer.security.WebAppSecurityCollaboratorImpl < resetSyncToOSThread Exit
[2020-03-19T12:27:41.896+0000] 00000ad4 id=00000000 com.ibm.ws.webcontainer.util.ApplicationErrorUtils E SRVE0777E: Exception thrown by application class 'java.net.URLEncoder.encode:225'
java.lang.NullPointerException
at java.net.URLEncoder.encode(URLEncoder.java:225)
at com.ibm.ws.security.oauth20.error.impl.OAuth20AuthorizeRequestExceptionHandler.handleResultException(OAuth20AuthorizeRequestExceptionHandler.java:251)
at com.ibm.ws.security.oauth20.web.UserAuthentication.renderErrorPage(UserAuthentication.java:487)
at com.ibm.ws.security.oauth20.web.OAuth20EndpointServices.handleEndpointRequest(OAuth20EndpointServices.java:252)
at com.ibm.ws.security.openidconnect.web.OidcEndpointServices.handleOidcRequest(OidcEndpointServices.java:274)
at com.ibm.ws.security.openidconnect.web.OidcEndpointServlet.doPost(OidcEndpointServlet.java:55)
at com.ibm.ws.security.openidconnect.web.OidcEndpointServlet.doGet(OidcEndpointServlet.java:49)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:686)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:791)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1230)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:729)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:426)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.invokeTarget(WebAppFilterChain.java:182)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:93)
at com.ibm.ws.security.openidconnect.web.OidcRequestFilter.setEndpointRequest(OidcRequestFilter.java:41)
at com.ibm.ws.security.oauth20.web.OAuth20RequestFilter.doFilter(OAuth20RequestFilter.java:93)
at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:201)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:90)
at com.ibm.ws.app.manager.wab.internal.OsgiDirectoryProtectionFilter.doFilter(OsgiDirectoryProtectionFilter.java:90)
at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:201)
at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:90)
at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:1001)
...

OAuth20AuthorizeRequestExceptionHandler.java:251 is the line in this try block:

 // formatSelf() can return null on the unknown-clientId path
 String errorDesc = e2.formatSelf(req.getLocale(), encoding);
 try {
     // line 251: URLEncoder.encode throws NullPointerException when errorDesc is null,
     // and only UnsupportedEncodingException is caught below
     errorDesc = URLEncoder.encode(errorDesc, "utf-8");
 } catch (UnsupportedEncodingException e1) {
     if (tc.isDebugEnabled())
         Tr.debug(tc, "Internal error encoding error description", new Object[] { e1 });
 }

I suggest two things here:

  1. Don't run the URLEncoder.encode if errorDesc is null.
  2. Change UnsupportedEncodingException to Exception.

Expected behavior
Don't get an NPE in URLEncoder

Diagnostic information:

  • OpenLiberty Version: [e.g. 19.0.0.12]
  • Java Version: [i.e. full output of java -version]
    Java(TM) SE Runtime Environment (8.0.6.5 - pxa6480sr6fp5ifix-20200304_01(SR6 FP5+IJ23018
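As an added illustration of the two suggestions above (not Open Liberty code, and not part of the original issue), the following stand-alone Java program puts the unguarded encoding beside a null-safe version. `formatDescription` is a constructed stand-in for `formatSelf`, the `FALLBACK_DESCRIPTION` text is invented for the example, and the debug-logging call is replaced by a comment; everything else uses only `java.net.URLEncoder`. The security-relevant point is that an uncaught exception in the error-rendering path turns a client-side mistake (bad `client_id`) into a server 500 with a stack trace, so the handler should always return a usable description.

```java
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;

/**
 * Added example: null-safe encoding of an OAuth error description.
 * Not Open Liberty code; helper names and the fallback text are constructed.
 */
public class SafeErrorDescriptionEncoder {

    // Constructed fallback used when there is nothing valid to encode.
    static final String FALLBACK_DESCRIPTION = "authorization request could not be processed";

    // Stand-in for e2.formatSelf(locale, encoding); returning null models the
    // "clientId does not exist" path that produced the NPE in the stack trace.
    static String formatDescription(String clientId) {
        return clientId == null ? null : "Unknown client_id: " + clientId;
    }

    /** Original shape: encode blindly and catch only UnsupportedEncodingException. */
    static String encodeUnguarded(String errorDesc) throws UnsupportedEncodingException {
        // Throws NullPointerException when errorDesc is null.
        return URLEncoder.encode(errorDesc, "utf-8");
    }

    /**
     * Hardened shape, following the issue's two suggestions:
     *  1. do not call URLEncoder.encode when errorDesc is null;
     *  2. catch Exception rather than only UnsupportedEncodingException,
     *     so no failure here can escape as an uncaught error to the caller.
     * Either way the caller receives a non-null, already URL-encoded string.
     */
    static String encodeGuarded(String errorDesc) {
        String text = (errorDesc == null) ? FALLBACK_DESCRIPTION : errorDesc;
        try {
            return URLEncoder.encode(text, "utf-8");
        } catch (Exception e) {
            // The real handler would log at debug level here (Tr.debug);
            // the example just falls back to a constant that needs no encoding.
            return FALLBACK_DESCRIPTION.replace(' ', '+');
        }
    }

    public static void main(String[] args) {
        String missingClientDesc = formatDescription(null);

        try {
            encodeUnguarded(missingClientDesc);
            System.out.println("unguarded: no exception");
        } catch (NullPointerException | UnsupportedEncodingException e) {
            System.out.println("unguarded: " + e.getClass().getSimpleName());
        }

        System.out.println("guarded (null input): " + encodeGuarded(missingClientDesc));
        System.out.println("guarded (text input): " + encodeGuarded(formatDescription("my client")));
    }
}
```

Run with `javac SafeErrorDescriptionEncoder.java && java SafeErrorDescriptionEncoder`. The first line shows the `NullPointerException` from the unguarded path; the guarded path never throws, and the fallback text is chosen so that a caller can still build the OAuth error redirect when the description is missing.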
@barbj barbj added bug This bug is not present in a released version of Open Liberty team:Security SSO release bug This bug is present in a released version of Open Liberty labels Apr 29, 2020
@brutif brutif self-assigned this May 11, 2020
@brutif brutif closed this as completed May 18, 2020