Prevent NPE in AuthenticationManager.backchannelLogout (#23313)

Previously, if the user was already removed from the userSession and the log level was set to DEBUG, then an NPE was triggered by the debug log statement during backchannelLogout. Fixes #23306 (cherry picked from commit 04d16ed)
keycloak · Sep 18, 2023 · a3ec768 · a3ec768
1 parent 013991e
commit a3ec768
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java b/services/src/main/java/org/keycloak/services/managers/AuthenticationManager.java
@@ -287,7 +287,8 @@ public static BackchannelLogoutResponse backchannelLogout(KeycloakSession sessio
 
         if (logger.isDebugEnabled()) {
             UserModel user = userSession.getUser();
-            logger.debugv("Logging out: {0} ({1}) offline: {2}", user.getUsername(), userSession.getId(),
+            String username = user == null ? null : user.getUsername();
+            logger.debugv("Logging out: {0} ({1}) offline: {2}", username, userSession.getId(),
                     userSession.isOffline());
         }