search

AzureAD / azure-activedirectory-library-for-android

The ADAL SDK for Android gives you the ability to add support for Work Accounts to your application with just a few lines of additional code. This SDK gives your application the full functionality of Microsoft Azure AD, including industry standard protocol support for OAuth2, Web API integration with user level consent, and two factor authentication support.
http://www.windowsazure.com/en-us/services/active-directory/
MIT License
177 stars 108 forks source link

Attempt to invoke virtual method 'java.security.PrivateKey java.security.KeyPair.getPrivate()' on a null object reference #1769

Closed rossholdway closed 8 months ago

rossholdway commented 10 months ago

Expected behavior

Null object reference should be handled.

Actual behavior

App (sometimes) crashes with java.lang.NullPointerException.

Steps to reproduce the problem

Seen on Android 13 to 11 (so far)

Specifications like the version of the library, operating system etc.

Release com.microsoft.aad:adal:4.7.1

Relevant logs and traces

Exception java.lang.NullPointerException: Attempt to invoke virtual method 'java.security.PrivateKey java.security.KeyPair.getPrivate()' on a null object reference
  at com.microsoft.aad.adal.StorageHelper.unwrap (StorageHelper.java:673)
  at com.microsoft.aad.adal.StorageHelper.getUnwrappedSecretKey (StorageHelper.java:622)
  at com.microsoft.aad.adal.StorageHelper.getKey (StorageHelper.java:406)
  at com.microsoft.aad.adal.StorageHelper.decrypt (StorageHelper.java:276)
  at com.microsoft.aad.adal.DefaultTokenCacheStore.decrypt (DefaultTokenCacheStore.java:152)
  at com.microsoft.aad.adal.DefaultTokenCacheStore.getItem (DefaultTokenCacheStore.java:170)
  at com.microsoft.aad.adal.DelegatingCache.getItem (DelegatingCache.java:64)
  at com.microsoft.aad.adal.TokenCacheAccessor.getRegularRefreshTokenCacheItem (TokenCacheAccessor.java:181)
  at com.microsoft.aad.adal.TokenCacheAccessor.getATFromCache (TokenCacheAccessor.java:144)
  at com.microsoft.aad.adal.AcquireTokenSilentHandler.getAccessToken (AcquireTokenSilentHandler.java:110)
  at com.microsoft.aad.adal.AcquireTokenRequest.tryAcquireTokenSilentLocally (AcquireTokenRequest.java:587)
  at com.microsoft.aad.adal.AcquireTokenRequest.acquireTokenSilentFlow (AcquireTokenRequest.java:552)
  at com.microsoft.aad.adal.AcquireTokenRequest.tryAcquireTokenSilent (AcquireTokenRequest.java:445)
  at com.microsoft.aad.adal.AcquireTokenRequest.performAcquireTokenRequest (AcquireTokenRequest.java:424)
  at com.microsoft.aad.adal.AcquireTokenRequest.access$200 (AcquireTokenRequest.java:63)
  at com.microsoft.aad.adal.AcquireTokenRequest$1.run (AcquireTokenRequest.java:137)
  at java.util.concurrent.ThreadPoolExecutor.runWorker (ThreadPoolExecutor.java:1137)
  at java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:637)
  at java.lang.Thread.run (Thread.java:1012)
rossholdway commented 8 months ago

This is caused by Android deleting the "AdalKey" alias, which can happen after a device is restored from cloud backup. If the alias is missing you can clear the cache to restore functionality.