mirror of
https://github.com/spring-projects/spring-security.git
synced 2025-05-31 17:22:13 +00:00
95c2403968
It appears Nimbus does not check the presence of the Content-Type header before parsing it in some versions, and since prior to this commit, the code is .toString()-ing the result, a malformed response (such as that from a misbehaving cloud gateway) that does not include a Content-Type would currently throw a NullPointerException. In addition to this, I have added a little more information to the log output for this module on the standard and reactive implementations to aid in debugging authorization/authentication issues much more easily.