Cwikius-Spring/spring-security
1
0
Fork 0
mirror of https://github.com/spring-projects/spring-security.git synced 2025-06-24 21:12:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

SEC-1390: Added null check on claimedIdentifier returned by DiscoveryInformation to prevent NPE.

Browse Source
This commit is contained in:
Luke Taylor 2010-01-28 16:34:45 +00:00
parent b1243416fc
commit 8720966d20
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
openid/src/main/java/org/springframework/security/openid/OpenID4JavaConsumer.java
View File

@ -158,7 +158,7 @@ public class OpenID4JavaConsumer implements OpenIDConsumer {
}
} catch (MessageException e) {
attributes.clear();
throw new OpenIDConsumerException("Attribute retrievel failed", e);
throw new OpenIDConsumerException("Attribute retrieval failed", e);
}
if (debug) {
logger.debug("Retrieved attributes" + attributes);
@ -169,8 +169,9 @@ public class OpenID4JavaConsumer implements OpenIDConsumer {
Identifier verified = verification.getVerifiedId();
if (verified == null) {
Identifier id = discovered.getClaimedIdentifier();
return new OpenIDAuthenticationToken(OpenIDAuthenticationStatus.FAILURE,
discovered.getClaimedIdentifier().getIdentifier(),
id == null ? "Unknown" : id.getIdentifier(),
"Verification status message: [" + verification.getStatusMsg() + "]", attributes);
}