SEC-1820: Added null check for attributesToFetch in OpenID4JavaConsumer.
This commit is contained in:
parent
4a000d040c
commit
a573e7b395
|
@ -195,7 +195,7 @@ public class OpenID4JavaConsumer implements OpenIDConsumer {
|
||||||
List<OpenIDAttribute> fetchAxAttributes(Message authSuccess, List<OpenIDAttribute> attributesToFetch)
|
List<OpenIDAttribute> fetchAxAttributes(Message authSuccess, List<OpenIDAttribute> attributesToFetch)
|
||||||
throws OpenIDConsumerException {
|
throws OpenIDConsumerException {
|
||||||
|
|
||||||
if (!authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {
|
if (attributesToFetch == null || !authSuccess.hasExtension(AxMessage.OPENID_NS_AX)) {
|
||||||
return Collections.emptyList();
|
return Collections.emptyList();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue