search

wso2 / product-is

Welcome to the WSO2 Identity Server source code! For info on working with the WSO2 Identity Server repository and contributing code, click the link below.
http://wso2.github.io/
Apache License 2.0
748 stars 729 forks source link

NPE when deleting an authorized API without scopes #19781

Closed ThaminduR closed 5 months ago

ThaminduR commented 9 months ago

Describe the issue:

$subject

How to reproduce:

  1. Authorize an API without scopes to an application
  2. Delete the authorized API
  3. An error will be displayed and server error will be logged in the terminal
indeewari commented 8 months ago

This is reproducing in IS 7 - RC7

User should now allow to save the API authorization without a scope.

[2024-03-01 12:09:24,383] [3a86ca1b-f151-46d5-9224-441c3d6d604a] ERROR {org.wso2.carbon.identity.api.dispatcher.core.DefaultExceptionMapper} - Server encountered an error while serving the request. java.lang.NullPointerException at org.wso2.carbon.identity.oauth.listener.IdentityOauthEventHandler.handleEvent(IdentityOauthEventHandler.java:284) at org.wso2.carbon.identity.event.services.IdentityEventServiceImpl.handleEvent(IdentityEventServiceImpl.java:56) at org.wso2.carbon.identity.application.mgt.publisher.ApplicationAuthorizedAPIManagementEventPublisherProxy.doPublishEvent(ApplicationAuthorizedAPIManagementEventPublisherProxy.java:122) at org.wso2.carbon.identity.application.mgt.publisher.ApplicationAuthorizedAPIManagementEventPublisherProxy.publishPreDeleteAuthorizedAPIForApplication(ApplicationAuthorizedAPIManagementEventPublisherProxy.java:92) at org.wso2.carbon.identity.application.mgt.AuthorizedAPIManagementServiceImpl.deleteAuthorizedAPI(AuthorizedAPIManagementServiceImpl.java:89) at org.wso2.carbon.identity.api.server.application.management.v1.core.ServerApplicationManagementService.deleteAuthorizedAPI(ServerApplicationManagementService.java:1435) at org.wso2.carbon.identity.api.server.application.management.v1.impl.ApplicationsApiServiceImpl.deleteAuthorizedAPI(ApplicationsApiServiceImpl.java:149) at org.wso2.carbon.identity.api.server.application.management.v1.ApplicationsApi.deleteAuthorizedAPI(ApplicationsApi.java:242) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.base/java.lang.reflect.Method.invoke(Method.java:566) at org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:179) at org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:96) at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:201) at org.apache.cxf.jaxrs.JAXRSInvoker.invoke(JAXRSInvoker.java:104)

pathberiya commented 6 months ago

I can see this error when we delete the scope attached to the API resource (which is already added to an application). Can we fix this soon with proper error message rather than a null pointer ?

indeewari commented 6 months ago

Hi @pathberiya, Is it IS 7 version you see this error ?