1. connect2id Avatar connect2id
  2. OAuth
  3. OAuth 2.0 SDK with OpenID Connect extensions
  4. Issues

JSON object member with key "scope" has null value

Issue #281 resolved
Vincent Ricard created an issue

Hi,

I use Spring security 5 to make some oauth authorizations. One of my partners returns this kind of oauth response:

{"access_token":"valid access token with a lot of characters","expires_in":1800,"
token_type":"bearer","scope":null,"refresh_token":"valid refresh token"}

With this response, i get the following exception:

com.nimbusds.oauth2.sdk.ParseException: JSON object member with key "scope" has null value

According to the specification, the ‘scope’ attribute is optional. I read through the source code, and it seems the Scope#parse method handles the null value:

if (s == null)
   return null;

So, do you think you can remove the check about the exception?

Regards

Comments (4)

  1. Vincent Ricard reporter

    Maybe we could change (in BearerAccessToken#parse)

    if (jsonObject.containsKey("scope"))
   scope = Scope.parse(JSONObjectUtils.getString(jsonObject, "scope"));

    to

    if (jsonObject.containsKey("scope"))
   scope = Scope.parse(JSONObjectUtils.getString(jsonObject, "scope", null));

  5. Log in to comment
Assignee
Type
bug
Priority
major
Status
resolved
Milestone
Votes
0
Watchers
1
Jira: the preferred issue tracker for Bitbucket. Join the team!