Fix null check for privileges in OktaOAuthAuthenticationService

Added code to handle scenarios where the 'privileges' set could potentially be null in OktaOAuthAuthenticationService. This prevents null pointer exceptions and ensures the set is initialized before usage. The 'addNhanesPrivileges' method has been updated accordingly.
hms-dbmi · Feb 14, 2024 · 087f528 · 087f528
1 parent ed225e0
commit 087f528
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/.../java/edu/harvard/hms/dbmi/avillach/auth/service/auth/OktaOAuthAuthenticationService.java b/.../java/edu/harvard/hms/dbmi/avillach/auth/service/auth/OktaOAuthAuthenticationService.java
@@ -157,7 +157,10 @@ private User loadUser(JsonNode introspectResponse) {
     }
 
     private Set<Privilege> addNhanesPrivileges(Set<Privilege> privileges) {
-
+        if (privileges == null) {
+            privileges = new HashSet<>();
+        }
+
         String consent_concept_path = JAXRSConfiguration.fence_parent_consent_group_concept_path;
         if (!consent_concept_path.contains("\\\\")) {
             //these have to be escaped again so that jaxson can convert it correctly