ncsa / oa4mp

Open Authorization for MyProxy
https://oa4mp.org/
Other
8 stars 10 forks source link

Forking a flow after multiple refreshes throws an NPE #211

Open jjg-123 opened 1 month ago

jjg-123 commented 1 month ago

An implicit assumption is that forking the flow happens right after the initial provisioning. If there are several refreshes and exchanges done, resolving the state does not work because "the wrong token" is expected and an NPE is raised. That is too constrictive for sure. Also, a better error should be sent, never an NPE!

This is a critical feature to fix since vault or htgettoken automatically issue refreshes and exchanges initially and users who want to fork flows have no control over this.