From 6fd8710309da431d54b6ea84b261d62a1d30348d Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Fri, 2 Feb 2024 11:04:23 +0100
Subject: fix(core): possible NullPointerException during get generic data from
 session

---
 .../impl/idp/controller/protocols/RequestImpl.java | 79 ++++++++++------------
 1 file changed, 37 insertions(+), 42 deletions(-)

(limited to 'eaaf_core')

diff --git a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java
index f5703cab..ee4f2aaf 100644
--- a/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java
+++ b/eaaf_core/src/main/java/at/gv/egiz/eaaf/core/impl/idp/controller/protocols/RequestImpl.java
@@ -109,7 +109,7 @@ public abstract class RequestImpl implements IRequest, Serializable {
   private boolean needUserConsent = false;
 
   private boolean currentlyInIframe = false;
-  
+
   private final Map<String, Object> genericDataStorage = new HashMap<>();
 
   /**
@@ -129,9 +129,10 @@ public abstract class RequestImpl implements IRequest, Serializable {
   /**
    * Initialize this pendingRequest object.
    *
-   * @param req        {@link HttpServletRequest}
-   * @param authConfig {@link IConfiguration}
-   * @param transactionId Unique ID for technical log correlation that should be used in this pendingRequest
+   * @param req           {@link HttpServletRequest}
+   * @param authConfig    {@link IConfiguration}
+   * @param transactionId Unique ID for technical log correlation that should be
+   *                      used in this pendingRequest
    * @throws EaafException
    *
    */
@@ -144,11 +145,13 @@ public abstract class RequestImpl implements IRequest, Serializable {
   /**
    * Initialize this pendingRequest object.
    *
-   * @param req           {@link HttpServletRequest}
-   * @param authConfig    {@link IConfiguration}
-   * @param transactionId Unique ID for technical log correlation that should be used in this pendingRequest
-   * @param piiTransactionId Unique ID for PII data correlation that should be used in this pendingRequest
-   *                      for logging. If 'null' a new one will be generated
+   * @param req              {@link HttpServletRequest}
+   * @param authConfig       {@link IConfiguration}
+   * @param transactionId    Unique ID for technical log correlation that should
+   *                         be used in this pendingRequest
+   * @param piiTransactionId Unique ID for PII data correlation that should be
+   *                         used in this pendingRequest for logging. If 'null' a
+   *                         new one will be generated
    *
    * @throws EaafException
    *
@@ -235,7 +238,6 @@ public abstract class RequestImpl implements IRequest, Serializable {
     this.passiv = passiv;
   }
 
-
   public final void setForce(final boolean force) {
     this.force = force;
   }
@@ -335,7 +337,7 @@ public abstract class RequestImpl implements IRequest, Serializable {
 
   /**
    * Inject Service-Provider configuration into that authentication process.
-   * 
+   *
    * @param spConfig SP configuration
    */
   @JsonIgnore
@@ -370,8 +372,8 @@ public abstract class RequestImpl implements IRequest, Serializable {
   }
 
   /**
-   * Set an unique transaction identifier to correlate technical logging
-   *     in one single transaction.
+   * Set an unique transaction identifier to correlate technical logging in one
+   * single transaction.
    *
    * @param id Unique identifier
    */
@@ -381,8 +383,8 @@ public abstract class RequestImpl implements IRequest, Serializable {
   }
 
   /**
-   * Set an unique session identifier to correlate technical logging over a set of transactions,
-   *   like SSO as one example.
+   * Set an unique session identifier to correlate technical logging over a set of
+   * transactions, like SSO as one example.
    *
    * @param id Unique identifier
    */
@@ -394,7 +396,9 @@ public abstract class RequestImpl implements IRequest, Serializable {
   /**
    * Set an unique transaction identifier to correlate PII related data.
    *
-   * <p>This identifier will be not used for technical logging.</p>
+   * <p>
+   * This identifier will be not used for technical logging.
+   * </p>
    *
    * @param id Unique identifier
    */
@@ -403,7 +407,6 @@ public abstract class RequestImpl implements IRequest, Serializable {
 
   }
 
-
   public void setProcessInstanceId(final String id) {
     this.processInstanceId = id;
 
@@ -488,44 +491,35 @@ public abstract class RequestImpl implements IRequest, Serializable {
   @Override
   public void setProcessInFrame(boolean flag) {
     this.currentlyInIframe = flag;
-    
-  }
-  
-  @Override
-  public final Object getRawData(final String key) {
-    if (StringUtils.isNotEmpty(key)) {
-      return objectSaveJsonDeserialization(genericDataStorage.get(key));
 
-    }
-
-    log.info("Can not load generic request-data with key='null'");
-    return null;
   }
 
   @Override
-  public final <T> T getRawData(final String key, final Class<T> clazz) {
+  public final Object getRawData(final String key) {
     if (StringUtils.isNotEmpty(key)) {
       final Object data = genericDataStorage.get(key);
-
       if (data == null) {
         return null;
 
       }
+      return objectSaveJsonDeserialization(genericDataStorage.get(key));
 
-      try {
-        Object deserializedObject = objectSaveJsonDeserialization(data);
-        return deserializedObject != null ? (T) deserializedObject : null;
-
-      } catch (final Exception e) {
-        log.warn("Generic request-data object can not be casted to requested type", e);
-        return null;
-
-      }
     }
 
     log.info("Can not load generic request-data with key='null'");
     return null;
+  }
+
+  @Override
+  public final <T> T getRawData(final String key, final Class<T> clazz) {
+    try {
+      final Object deserializedObject = getRawData(key);
+      return deserializedObject != null ? (T) deserializedObject : null;
 
+    } catch (final Exception e) {
+      log.warn("Generic request-data object can not be casted to requested type", e);
+      return null;
+    }
   }
 
   @Override
@@ -572,6 +566,7 @@ public abstract class RequestImpl implements IRequest, Serializable {
 
   }
 
+  @Override
   public final void removeRawDataFromTransaction(String key) {
     genericDataStorage.remove(key);
 
@@ -584,7 +579,7 @@ public abstract class RequestImpl implements IRequest, Serializable {
           .clazzzType(object.getClass().getName())
           .build());
 
-    } catch (EaafJsonMapperException e) {
+    } catch (final EaafJsonMapperException e) {
       throw new EaafStorageException("Can no serialize object to JSON", e);
 
     }
@@ -593,9 +588,9 @@ public abstract class RequestImpl implements IRequest, Serializable {
   private Object objectSaveJsonDeserialization(Object data) {
     try {
       if (data instanceof String) {
-        RawDataHolder holder = (RawDataHolder) DefaultJsonMapper.deserialize(
+        final RawDataHolder holder = (RawDataHolder) DefaultJsonMapper.deserialize(
             (String) data, RawDataHolder.class);
-        Class<?> clz = Class.forName(holder.getClazzzType());
+        final Class<?> clz = Class.forName(holder.getClazzzType());
         return DefaultJsonMapper.deserialize(holder.getObject(), clz);
 
       } else {
-- 
cgit v1.2.3