Merge pull request #6934 from ORCID/NPEOnSocialSignin

Fix NPE on social sign in
ORCID · Nov 16, 2023 · 4bf960c · 4bf960c
2 parents b531efe + 963a781
commit 4bf960c
Show file tree

Hide file tree

Showing 9 changed files with 36 additions and 42 deletions.
diff --git a/orcid-core/src/main/java/org/orcid/core/common/manager/EventManager.java b/orcid-core/src/main/java/org/orcid/core/common/manager/EventManager.java
@@ -11,6 +11,6 @@
  */
 public interface EventManager {
 
-    void createEvent(String orcid, EventType eventType, HttpServletRequest request);
+    void createEvent(EventType eventType, HttpServletRequest request);
 
 }
diff --git a/orcid-core/src/main/java/org/orcid/core/common/manager/impl/EventManagerImpl.java b/orcid-core/src/main/java/org/orcid/core/common/manager/impl/EventManagerImpl.java
@@ -39,42 +39,36 @@ public class EventManagerImpl implements EventManager {
     private RecordNameManagerReadOnly recordNameManagerReadOnly;   
 
     @Override
-    public void createEvent(String orcid, EventType eventType, HttpServletRequest request) {
+    public void createEvent(EventType eventType, HttpServletRequest request) {
         String label = "Website";
         String clientId = null;
-        String publicPage = null;
 
-        if (eventType == EventType.PUBLIC_PAGE) {
-            publicPage = orcid;
-            orcid = null;
-        } else {
-            if (request != null) {
-                Boolean isOauth2ScreensRequest = (Boolean) request.getSession().getAttribute(OrcidOauth2Constants.OAUTH_2SCREENS);
-                RequestInfoForm requestInfoForm = (RequestInfoForm) request.getSession().getAttribute("requestInfoForm");
-                if (requestInfoForm != null) {
-                    clientId = requestInfoForm.getClientId();
-                    label = "OAuth " + requestInfoForm.getMemberName() + " " + requestInfoForm.getClientName();
-                } else if (isOauth2ScreensRequest != null && isOauth2ScreensRequest) {
-                    String queryString = (String) request.getSession().getAttribute(OrcidOauth2Constants.OAUTH_QUERY_STRING);
-                    clientId = getParameterValue(queryString, "client_id");
-                    ClientDetailsEntity clientDetailsEntity = clientDetailsEntityCacheManager.retrieve(clientId);
-                    String memberName = "";
-                    String clientName = clientDetailsEntity.getClientName();
+        if (request != null) {
+            Boolean isOauth2ScreensRequest = (Boolean) request.getSession().getAttribute(OrcidOauth2Constants.OAUTH_2SCREENS);
+            RequestInfoForm requestInfoForm = (RequestInfoForm) request.getSession().getAttribute("requestInfoForm");
+            if (requestInfoForm != null) {
+                clientId = requestInfoForm.getClientId();
+                label = "OAuth " + requestInfoForm.getMemberName() + " " + requestInfoForm.getClientName();
+            } else if (isOauth2ScreensRequest != null && isOauth2ScreensRequest) {
+                String queryString = (String) request.getSession().getAttribute(OrcidOauth2Constants.OAUTH_QUERY_STRING);
+                clientId = getParameterValue(queryString, "client_id");
+                ClientDetailsEntity clientDetailsEntity = clientDetailsEntityCacheManager.retrieve(clientId);
+                String memberName = "";
+                String clientName = clientDetailsEntity.getClientName();
 
-                    if (ClientType.PUBLIC_CLIENT.equals(clientDetailsEntity.getClientType())) {
-                        memberName = "PubApp";
-                    } else if (!PojoUtil.isEmpty(clientDetailsEntity.getGroupProfileId())) {
-                        Name name = recordNameManagerReadOnly.getRecordName(clientDetailsEntity.getGroupProfileId());
-                        if (name != null) {
-                            memberName = name.getCreditName() != null ? name.getCreditName().getContent() : "";
-                        }
+                if (ClientType.PUBLIC_CLIENT.equals(clientDetailsEntity.getClientType())) {
+                    memberName = "PubApp";
+                } else if (!PojoUtil.isEmpty(clientDetailsEntity.getGroupProfileId())) {
+                    Name name = recordNameManagerReadOnly.getRecordName(clientDetailsEntity.getGroupProfileId());
+                    if (name != null) {
+                        memberName = name.getCreditName() != null ? name.getCreditName().getContent() : "";
                     }
+                }
 
-                    if (StringUtils.isBlank(memberName)) {
-                        memberName = clientName;
-                    }
-                    label = "OAuth " + memberName + " " + clientName;
+                if (StringUtils.isBlank(memberName)) {
+                    memberName = clientName;
                 }
+                label = "OAuth " + memberName + " " + clientName;
             }
         }
 

diff --git a/orcid-web/src/main/java/org/orcid/frontend/oauth2/OauthController.java b/orcid-web/src/main/java/org/orcid/frontend/oauth2/OauthController.java
@@ -97,7 +97,7 @@ public class OauthController {
             if (responseParam != null && !responseParam.isEmpty() && !PojoUtil.isEmpty(responseParam.get(0))) {
                 isResponseSet = true;
                 if (Features.EVENTS.isActive()) {
-                    eventManager.createEvent(requestInfoForm.getUserOrcid(), EventType.REAUTHORIZE, request);
+                    eventManager.createEvent(EventType.REAUTHORIZE, request);
                 }
             }
         }

diff --git a/orcid-web/src/main/java/org/orcid/frontend/spring/AjaxAuthenticationSuccessHandler.java b/orcid-web/src/main/java/org/orcid/frontend/spring/AjaxAuthenticationSuccessHandler.java
@@ -26,7 +26,7 @@ public class AjaxAuthenticationSuccessHandler extends AjaxAuthenticationSuccessH
     public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
     	String targetUrl = getTargetUrl(request, response, authentication);
         if (Features.EVENTS.isActive()) {
-            eventManager.createEvent(authentication.getPrincipal().toString(), EventType.SIGN_IN, request);
+            eventManager.createEvent(EventType.SIGN_IN, request);
         }
         response.setContentType("application/json");
         response.getWriter().println("{\"success\": true, \"url\": \"" + targetUrl.replaceAll("^/", "") + "\"}");        

diff --git a/orcid-web/src/main/java/org/orcid/frontend/web/controllers/LoginController.java b/orcid-web/src/main/java/org/orcid/frontend/web/controllers/LoginController.java
@@ -3,7 +3,6 @@
 import java.io.IOException;
 import java.io.UnsupportedEncodingException;
 import java.net.MalformedURLException;
-import java.util.Iterator;
 import java.util.UUID;
 
 import javax.annotation.Resource;
@@ -335,24 +334,25 @@ private ModelAndView processSocialLogin(HttpServletRequest request, HttpServletR
             } else {
                 // Forward to account link page
                 view = socialLinking(request);
-            }   
+            }            
         } else {
             // Store relevant data in the session
             socialSignInUtils.setSignedInData(request, userData);
             // Store user info
             userConnectionId = createUserConnection(socialType, providerUserId, userData.getString(OrcidOauth2Constants.EMAIL),
                     userData.getString(OrcidOauth2Constants.DISPLAY_NAME), accessToken, expiresIn);
             // Forward to account link page
-            view = socialLinking(request);
+            view = socialLinking(request);            
         }
         if (userConnectionId == null) {
             throw new IllegalArgumentException("Unable to find userConnectionId for providerUserId = " + providerUserId);
         }
+
         if (Features.EVENTS.isActive()) {
-            eventManager.createEvent(userConnection.getOrcid(), EventType.SIGN_IN, request);
+            eventManager.createEvent(EventType.SIGN_IN, request);
         }
-        userCookieGenerator.addCookie(userConnectionId, response);
-
+        userCookieGenerator.addCookie(userConnectionId, response);        
+        
         if ("social_2FA".equals(view.getViewName())) {
             return new ModelAndView("redirect:" + calculateRedirectUrl("/2fa-signin?social=true"));
         }

diff --git a/orcid-web/src/main/java/org/orcid/frontend/web/controllers/OauthAuthorizeController.java b/orcid-web/src/main/java/org/orcid/frontend/web/controllers/OauthAuthorizeController.java
@@ -276,7 +276,7 @@ public ModelAndView loginGetHandler(HttpServletRequest request, HttpServletRespo
             } else {
                 orcid = auth.getPrincipal().toString();
             }
-            eventManager.createEvent(orcid, eventType, request);
+            eventManager.createEvent(eventType, request);
         }
         if(new HttpSessionRequestCache().getRequest(request, response) != null)
             new HttpSessionRequestCache().removeRequest(request, response);

diff --git a/orcid-web/src/main/java/org/orcid/frontend/web/controllers/PublicRecordController.java b/orcid-web/src/main/java/org/orcid/frontend/web/controllers/PublicRecordController.java
@@ -185,7 +185,7 @@ PublicRecord getPublicRecord(@PathVariable("orcid") String orcid) {
 
         try {
             if (Features.EVENTS.isActive()) {
-                eventManager.createEvent(orcid, EventType.PUBLIC_PAGE, null);
+                eventManager.createEvent(EventType.PUBLIC_PAGE, null);
             }
             // Check if the profile is deprecated or locked
             orcidSecurityManager.checkProfile(orcid);

diff --git a/orcid-web/src/main/java/org/orcid/frontend/web/controllers/RegistrationController.java b/orcid-web/src/main/java/org/orcid/frontend/web/controllers/RegistrationController.java
@@ -282,7 +282,7 @@ public void validateGrcaptcha(HttpServletRequest request, @RequestBody Registrat
             // Ip
             String ip = OrcidRequestUtil.getIpAddress(request);
             if (Features.EVENTS.isActive()) {
-                eventManager.createEvent(getCurrentUserOrcid(), EventType.NEW_REGISTRATION, request);
+                eventManager.createEvent(EventType.NEW_REGISTRATION, request);
             }
             createMinimalRegistrationAndLogUserIn(request, response, reg, usedCaptcha, locale, ip);
         } catch (Exception e) {

diff --git a/orcid-web/src/main/java/org/orcid/frontend/web/controllers/ShibbolethController.java b/orcid-web/src/main/java/org/orcid/frontend/web/controllers/ShibbolethController.java
@@ -173,7 +173,7 @@ public ModelAndView signinHandler(HttpServletRequest request, HttpServletRespons
                 processAuthentication(remoteUser, userConnectionEntity);
                 if (Features.EVENTS.isActive()) {
                     OrcidProfileUserDetails orcidProfileUserDetails = getOrcidProfileUserDetails(userConnectionEntity.getOrcid());
-                    eventManager.createEvent(orcidProfileUserDetails.getOrcid(), EventType.SIGN_IN, request);
+                    eventManager.createEvent(EventType.SIGN_IN, request);
                 }
             } catch (AuthenticationException e) {
                 // this should never happen