- attached response.json
Nullpointer Exception with JSONParser
Hi I discovered a NullPointerException.
We have a service running for several weeks now and it suddenly stopped working because of a NullPointer. The code is fairly simple
try (CloseableHttpClient httpClient = yesHttpClient.getHttpClient(); CloseableHttpResponse response = httpClient.execute(httpGet)) { JSONParser jsonParser = new JSONParser(JSONParser.MODE_JSON_SIMPLE); String jsonResponse = IOUtils.toString(response.getEntity().getContent()); log.trace("jsonResponse: {}", jsonResponse); this.yesConfiguration = jsonParser.parse(jsonResponse, YesServiceConfiguration.class); log.info("loaded YES-service-configuration: \n{}", this.yesConfiguration.toString()); }
you should be able to reproduce it. The URL of the YES-service is public and available for testing:
https://api.sandbox.yes.de/issuer/.well-known/openid-configuration
the result I am getting from the yes-service is:
jsonResponse: { "issuer" : "https:\/\/api.sandbox.yes.de\/issuer", "subject_types_supported" : [ "public", "pairwise" ], "jwks_uri" : "https:\/\/api.sandbox.yes.de\/issuer\/jwks.json", "authorization_endpoint" : "https:\/\/ui.sandbox.yes.de", "token_endpoint" : "https:\/\/api.sandbox.yes.de\/issuer\/token", "userinfo_endpoint" : "https:\/\/api.sandbox.yes.de\/issuer\/userinfo", "registration_endpoint" : "https:\/\/api.sandbox.yes.de\/issuer\/clients", "introspection_endpoint" : "https:\/\/api.sandbox.yes.de\/issuer\/token\/introspect", "revocation_endpoint" : "https:\/\/api.sandbox.yes.de\/issuer\/token\/revoke", "scopes_supported" : [ "openid", "email", "address", "phone", "https:\/\/yes.de\/person_data", "https:\/\/yes.de\/document.consent", "https:\/\/yes.de\/iban", "https:\/\/yes.de\/account_holder" ], "response_types_supported" : [ "code", "id_token", "id_token token", "code id_token", "code id_token token" ], "response_modes_supported" : [ "query", "fragment", "form_post" ], "grant_types_supported" : [ "implicit", "authorization_code", "refresh_token", "password", "client_credentials", "urn:ietf:params:oauth:grant-type:jwt-bearer" ], "code_challenge_methods_supported" : [ "S256", "plain" ], "acr_values_supported" : [ "0" ], "token_endpoint_auth_methods_supported" : [ "client_secret_basic", "client_secret_post", "client_secret_jwt", "private_key_jwt", "none" ], "token_endpoint_auth_signing_alg_values_supported" : [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "PS256", "PS384", "PS512", "ES256", "ES384", "ES512" ], "request_object_signing_alg_values_supported" : [ "HS256", "HS384", "HS512", "RS256", "RS384", "RS512", "PS256", "PS384", "PS512", "ES256", "ES384", "ES512", "none" ], "id_token_signing_alg_values_supported" : [ "RS256", "RS384", "RS512", "PS256", "PS384", "PS512", "ES256", "ES384", "ES512", "HS256", "HS384", "HS512", "none" ], "id_token_encryption_alg_values_supported" : [ "RSA1_5", "RSA-OAEP", "RSA-OAEP-256", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW", "dir", "A128KW", "A192KW", "A256KW", "A128GCMKW", "A192GCMKW", "A256GCMKW" ], "id_token_encryption_enc_values_supported" : [ "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM" ], "userinfo_signing_alg_values_supported" : [ "RS256", "RS384", "RS512", "PS256", "PS384", "PS512", "ES256", "ES384", "ES512", "HS256", "HS384", "HS512" ], "userinfo_encryption_alg_values_supported" : [ "RSA1_5", "RSA-OAEP", "RSA-OAEP-256", "ECDH-ES", "ECDH-ES+A128KW", "ECDH-ES+A192KW", "ECDH-ES+A256KW", "dir", "A128KW", "A192KW", "A256KW", "A128GCMKW", "A192GCMKW", "A256GCMKW" ], "userinfo_encryption_enc_values_supported" : [ "A128CBC-HS256", "A192CBC-HS384", "A256CBC-HS512", "A128GCM", "A192GCM", "A256GCM" ], "display_values_supported" : [ "page", "popup" ], "claim_types_supported" : [ "normal" ], "claims_supported" : [ "sub", "iss", "auth_time", "acr", "address", "email", "email_verified", "phone_number", "phone_number_verified", "https:\/\/yes.de\/salutation", "https:\/\/yes.de\/title", "https:\/\/yes.de\/given_name", "https:\/\/yes.de\/family_name", "https:\/\/yes.de\/gender", "https:\/\/yes.de\/place_of_birth", "https:\/\/yes.de\/birthdate", "https:\/\/yes.de\/nationality" ], "ui_locales_supported" : [ "en" ], "claims_parameter_supported" : true, "request_parameter_supported" : true, "request_uri_parameter_supported" : true, "require_request_uri_registration" : true, "frontchannel_logout_supported" : false, "backchannel_logout_supported" : false, "request_uri_quota" : 10 }
And this results in the following stacktrace
Context initialization failed org.springframework.beans.factory.UnsatisfiedDependencyException: Error creating bean with name 'yesLegacyProtocolController': Unsatisfied dependency expressed through field 'yesClient'; nested exception is org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'yesClient': Invocation of init method failed; nested exception is java.lang.NullPointerException at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredFieldElement.inject(AutowiredAnnotationBeanPostProcessor.java:588) at org.springframework.beans.factory.annotation.InjectionMetadata.inject(InjectionMetadata.java:88) at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor.postProcessPropertyValues(AutowiredAnnotationBeanPostProcessor.java:366) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.populateBean(AbstractAutowireCapableBeanFactory.java:1264) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:553) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483) at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:197) at org.springframework.beans.factory.support.DefaultListableBeanFactory.preInstantiateSingletons(DefaultListableBeanFactory.java:761) at org.springframework.context.support.AbstractApplicationContext.finishBeanFactoryInitialization(AbstractApplicationContext.java:867) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:543) at org.springframework.web.context.ContextLoader.configureAndRefreshWebApplicationContext(ContextLoader.java:443) at org.springframework.web.context.ContextLoader.initWebApplicationContext(ContextLoader.java:325) at org.springframework.web.context.ContextLoaderListener.contextInitialized(ContextLoaderListener.java:107) at org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4743) at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5207) at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150) at org.apache.catalina.core.ContainerBase.addChildInternal(ContainerBase.java:752) at org.apache.catalina.core.ContainerBase.addChild(ContainerBase.java:728) at org.apache.catalina.core.StandardHost.addChild(StandardHost.java:734) at org.apache.catalina.startup.HostConfig.manageApp(HostConfig.java:1702) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.apache.tomcat.util.modeler.BaseModelMBean.invoke(BaseModelMBean.java:300) at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:819) at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:801) at org.apache.catalina.mbeans.MBeanFactory.createStandardContext(MBeanFactory.java:482) at org.apache.catalina.mbeans.MBeanFactory.createStandardContext(MBeanFactory.java:431) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at org.apache.tomcat.util.modeler.BaseModelMBean.invoke(BaseModelMBean.java:300) at com.sun.jmx.interceptor.DefaultMBeanServerInterceptor.invoke(DefaultMBeanServerInterceptor.java:819) at com.sun.jmx.mbeanserver.JmxMBeanServer.invoke(JmxMBeanServer.java:801) at javax.management.remote.rmi.RMIConnectionImpl.doOperation(RMIConnectionImpl.java:1468) at javax.management.remote.rmi.RMIConnectionImpl.access$300(RMIConnectionImpl.java:76) at javax.management.remote.rmi.RMIConnectionImpl$PrivilegedOperation.run(RMIConnectionImpl.java:1309) at javax.management.remote.rmi.RMIConnectionImpl.doPrivilegedOperation(RMIConnectionImpl.java:1401) at javax.management.remote.rmi.RMIConnectionImpl.invoke(RMIConnectionImpl.java:829) at sun.reflect.GeneratedMethodAccessor615.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498) at sun.rmi.server.UnicastServerRef.dispatch(UnicastServerRef.java:357) at sun.rmi.transport.Transport$1.run(Transport.java:200) at sun.rmi.transport.Transport$1.run(Transport.java:197) at java.security.AccessController.doPrivileged(Native Method) at sun.rmi.transport.Transport.serviceCall(Transport.java:196) at sun.rmi.transport.tcp.TCPTransport.handleMessages(TCPTransport.java:568) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run0(TCPTransport.java:826) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.lambda$run$0(TCPTransport.java:683) at java.security.AccessController.doPrivileged(Native Method) at sun.rmi.transport.tcp.TCPTransport$ConnectionHandler.run(TCPTransport.java:682) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) at java.lang.Thread.run(Thread.java:748) Caused by: org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'yesClient': Invocation of init method failed; nested exception is java.lang.NullPointerException at org.springframework.beans.factory.annotation.InitDestroyAnnotationBeanPostProcessor.postProcessBeforeInitialization(InitDestroyAnnotationBeanPostProcessor.java:137) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.applyBeanPostProcessorsBeforeInitialization(AbstractAutowireCapableBeanFactory.java:409) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.initializeBean(AbstractAutowireCapableBeanFactory.java:1620) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.doCreateBean(AbstractAutowireCapableBeanFactory.java:555) at org.springframework.beans.factory.support.AbstractAutowireCapableBeanFactory.createBean(AbstractAutowireCapableBeanFactory.java:483) at org.springframework.beans.factory.support.AbstractBeanFactory$1.getObject(AbstractBeanFactory.java:306) at org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.getSingleton(DefaultSingletonBeanRegistry.java:230) at org.springframework.beans.factory.support.AbstractBeanFactory.doGetBean(AbstractBeanFactory.java:302) at org.springframework.beans.factory.support.AbstractBeanFactory.getBean(AbstractBeanFactory.java:202) at org.springframework.beans.factory.config.DependencyDescriptor.resolveCandidate(DependencyDescriptor.java:208) at org.springframework.beans.factory.support.DefaultListableBeanFactory.doResolveDependency(DefaultListableBeanFactory.java:1138) at org.springframework.beans.factory.support.DefaultListableBeanFactory.resolveDependency(DefaultListableBeanFactory.java:1066) at org.springframework.beans.factory.annotation.AutowiredAnnotationBeanPostProcessor$AutowiredFieldElement.inject(AutowiredAnnotationBeanPostProcessor.java:585) ... 59 more Caused by: java.lang.NullPointerException at java.util.concurrent.ConcurrentHashMap.putVal(ConcurrentHashMap.java:1011) at java.util.concurrent.ConcurrentHashMap.putIfAbsent(ConcurrentHashMap.java:1535) at net.minidev.json.writer.JsonReader.getMapper(JsonReader.java:152) at net.minidev.json.writer.JsonReader.getMapper(JsonReader.java:99) at net.minidev.json.writer.BeansMapper$Bean.startArray(BeansMapper.java:80) at net.minidev.json.parser.JSONParserBase.readMain(JSONParserBase.java:406) at net.minidev.json.parser.JSONParserBase.readObject(JSONParserBase.java:546) at net.minidev.json.parser.JSONParserBase.readFirst(JSONParserBase.java:301) at net.minidev.json.parser.JSONParserBase.parse(JSONParserBase.java:158) at net.minidev.json.parser.JSONParserString.parse(JSONParserString.java:58) at net.minidev.json.parser.JSONParser.parse(JSONParser.java:279) at de.governikus.aic.yes.config.YesConfigurationLoader.getYesConfiguration(YesConfigurationLoader.java:81) at de.governikus.aic.yes.actors.YesClient.initializeConfiguration(YesClient.java:120) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:498)
Comments (8)
-
-
- attached stacktrace.txt
-
- attached code.txt
-
- changed status to open
Thanks for the report!
-
This code doesn't seem to be related to the JWT library, but to JSON Smart. Which JSON Smart version have you got?
Why don't you try parsing with OIDCProviderMetadata.parse(String) from the OIDC SDK (5.1):
Just tried it out, and it worked.
-
The OIDC SDK uses this code internally to parse:
new JSONParser(JSONParser.USE_HI_PRECISION_FLOAT | JSONParser.ACCEPT_TAILLING_SPACE).parse(s)
The bug you encounter seems to be related to the JSON Smart mapper, perhaps it will be more appropriate to report it there (if you're using the latest version):
-
ah okay. Sorry for the mistake. we are using json-smart 2.3 I think I will give the bug report to them then :-) thx for the support so far. :-)
-
- changed status to invalid
Closing the ticket as not applicable.
Happy coding! :)
- Log in to comment
sorry for this horrible bug report... I attach some files that are formatted appropriately