NullPointerException on calling User Info Endpoint

[vrustia-owens]

Upon successful login via open id connect, the service provider is successful in retrieving the claims from the user info endpoint. After updating the user profile or updating the Service Provider Configuration in WSO2 IS, I encountered this exception below. Upon quick inspection, the code segment and the exception implies that the cache entry is nullified because of the said actions on the UI, and since the code that triggered this doesn't handle null cache entry, therefore would cause NullPointerException on this code

Code origin of error:
https://github.com/wso2-extensions/identity-inbound-auth-oauth/blob/d89eda3083585eeed5763b2b4abf65a440c06a65/components/org.wso2.carbon.identity.oauth/src/main/java/org/wso2/carbon/identity/openidconnect/AbstractUserInfoResponseBuilder.java#L298

Exception encountered:

Caused by: java.lang.NullPointerException
	at org.wso2.carbon.identity.openidconnect.AbstractUserInfoResponseBuilder.getRequestObject(AbstractUserInfoResponseBuilder.java:298)
	at org.wso2.carbon.identity.openidconnect.AbstractUserInfoResponseBuilder.getResponseString(AbstractUserInfoResponseBuilder.java:82)
	at org.wso2.carbon.identity.oauth.endpoint.user.OpenIDConnectUserEndpoint.getUserClaims(OpenIDConnectUserEndpoint.java:80)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:497)
	at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:188)
	at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:104)

[vrustia-owens]

Any planned milestone for this one?
We are to use WSO2 Identity Server as OpenID Connect Provider on production hopefully early this year, probably around March. I hope we are able to get the fix for this one.

Thank you very much your attention.

[isharak]

Hi,
Thanks for pointing out. We will fix this soon and update the issue.

-Ishara

[erwinant]

Hi everyone, I'm wso2noob, can you explain, how to implement this on my source code?

[vrustia-owens]

Hi @erwin123
I can't understand the context you are coming from. Also if you want to understand how to use WSO2 IS, you can refer to the docs, here

[vrustia-owens]

Nice job, guys.
By the way is there any way to know which milestone would this bug fix be included and when?
Thanks!

[erwinant]

I have been gotten this error, it means, i ve done to running wso2. My question is, this issue has been solved right? And how i can implement this fixed version on my wso2?

[bhathiya]

@erwin123 Clone tag 5.5.168 of https://github.com/wso2-extensions/identity-inbound-auth-oauth and apply the fix in https://github.com/wso2-extensions/identity-inbound-auth-oauth/pull/752/files. Then build the jar and replace the same jar in <IS_HOME>/repository/components/plugins/.

[bhathiya]

@DMHP IMO it's necessary to have integration tests to maintain the stability of such critical functionalities.

[vrustia-owens]

any updates on this? =)

[ashensw]

Hi @vrustia-owens

We have planned to release this fix with IS 5.4.0-Update4 which is scheduled to be released on 11th of Jan 2018.

Thanks,
Ashen