When an IDP returns a claim with a null value, the /whoami return a 500 error because of a NullPointerException in Spring Security (claimValue is null in Assert lambda in ClaimAccessor::getClaimAsStringList, which handles non-existing claim or existing not null claim, but does not handle existing null claims).
Fixed by removing null claims from the decoded token before giving it to Spring Security.
When an IDP returns a claim with a null value, the /whoami return a 500 error because of a NullPointerException in Spring Security (claimValue is null in Assert lambda in ClaimAccessor::getClaimAsStringList, which handles non-existing claim or existing not null claim, but does not handle existing null claims).
Fixed by removing null claims from the decoded token before giving it to Spring Security.