null pointer exception with a bad code on Authorization code token granter

[xorkk]

Hello,
There is a null pointer exception, when we call getOAuth2Authentication from AuthorizationCodeTokenGranter with a bad code.

when the call arrive to this.authorizationCodeServices.consumeAuthorizationCode(authorizationCode);
-> OAuth2Authentication auth = this.remove(code);
-> GormAuthorizationCodeService -> remove(code)
-> def gormAuthorizationCode = AuthorizationCode.findWhere((codePropertyName): code) -> null
-> def serializedAuthentication = gormAuthorizationCode?."$authenticationPropertyName"
authentication = oauth2AuthenticationSerializer.deserialize(serializedAuthentication)

Null pointer exception, So we cannot have a correct error code for this ...
I suggest to check if the gormAuthorizationCode exists before deserializing, and put a correct error message.

[enr]

Hi @xorkk ,
I don't find the mentioned code in this repo, maybe you are referring to grails-spring-security-oauth2-provider plugin ?
I see a pattern similar to that described in https://github.com/bluesliverx/grails-spring-security-oauth2-provider/blob/master/grails-app/services/grails/plugin/springsecurity/oauthprovider/GormAuthorizationCodeService.groovy#L35

Let me know, cheers
Enrico

[xorkk]

Yes it is on the plugin,  sorry for the inconvenience
Le 4 nov. 2015 8:46 AM, Enrico Comiti notifications@github.com a écrit :Hi @xorkk ,
I don't find the mentioned code in this repo, maybe you are referring to grails-spring-security-oauth2-provider plugin ?
I see a pattern similar to that described in https://github.com/bluesliverx/grails-spring-security-oauth2-provider/blob/master/grails-app/services/grails/plugin/springsecurity/oauthprovider/GormAuthorizationCodeService.groovy#L35

Let me know, cheers
Enrico

—Reply to this email directly or view it on GitHub.