Details
- Bug
- Resolution: Done
- Major
- RH-SSO-7.0.0.GA
- None
- None
Description
When the Account page is accessed with ?referrer set to a client that does not exist and referrer_uri set, the following NPE is thrown:
Caused by: java.lang.NullPointerException
    at org.keycloak.protocol.oidc.utils.RedirectUtils.verifyRedirectUri(RedirectUtils.java:44)
    at org.keycloak.services.resources.AccountService.getReferrer(AccountService.java:816)
    at org.keycloak.services.resources.AccountService.setReferrerOnPage(AccountService.java:242)
    at org.keycloak.services.resources.AccountService.forwardToPage(AccountService.java:222)
    at org.keycloak.services.resources.AccountService.accountPage(AccountService.java:269)
It looks like an incorrect argument is passed to RedirectUtils#verifyRedirectUri(), causing client in that line to be null.
The code there is wrong, and should either be:
if (client != null) { referrerUri = RedirectUtils.verifyRedirectUri(uriInfo, referrerUri, realm, client); ... }
Or:
if (referrerClient != null) { referrerUri = RedirectUtils.verifyRedirectUri(uriInfo, referrerUri, realm, referrerClient); ... }
I assume the idea was to use the first solution in order to allow a fallback to referrer_uri when referrer is not found, but that won't work. The reason is that the fallback client represents the current /account page and has preconfigured Valid Redirect URIs that don't include any other app redirecting to the Account page. The passed referrer_uri, which is app-specific, is thus rejected as not valid, and the resulting referrerUri is null.
This whole code block is thus effectively a no-op.
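As an added illustration (not Keycloak's code and not part of the report), the shape of the bug and of the referrerClient-based fix, using constructed clients and an exact-match stand-in for RedirectUtils.verifyRedirectUri; the buggy method is a reconstruction of the pattern the report describes, not a copy of AccountService:

```java
import java.util.Map;
import java.util.Set;

// Added illustration, not Keycloak's code: a minimal model of the referrer handling the
// report describes. The client class, realm table and URI sets are constructed stand-ins,
// and verifyRedirectUri here does an exact allowlist match (the real one also handles
// wildcards and relative URIs).
public class ReferrerCheckExample {
    static final class Client {
        final String clientId; final Set<String> validRedirectUris;
        Client(String id, Set<String> uris) { clientId = id; validRedirectUris = uris; }
    }

    // Stand-in for RedirectUtils.verifyRedirectUri: the URI if the client allows it, else null.
    // Like the real method it dereferences client, so a null client throws NullPointerException.
    static String verifyRedirectUri(String redirectUri, Client client) {
        return client.validRedirectUris.contains(redirectUri) ? redirectUri : null;
    }

    static final Map<String, Client> REALM_CLIENTS = Map.of(
        "account", new Client("account", Set.of("https://sso.example/realms/demo/account/")),
        "myapp",   new Client("myapp",   Set.of("https://myapp.example/home")));
    // The /account page's own client: the fallback the report says is being used.
    static final Client CURRENT_CLIENT = REALM_CLIENTS.get("account");

    // Reconstructed buggy shape: the null check looks at the fallback client, but the
    // (possibly null) referrerClient is what gets passed on.
    static String getReferrerBuggy(String referrer, String referrerUri) {
        Client referrerClient = REALM_CLIENTS.get(referrer); // null when ?referrer is unknown
        Client client = CURRENT_CLIENT;
        if (client != null) {
            referrerUri = verifyRedirectUri(referrerUri, referrerClient); // NPE for unknown referrer
        }
        return referrerUri;
    }

    // Fixed shape: validate only against the client named by ?referrer, and refuse the
    // redirect entirely when that client does not exist.
    static String getReferrerFixed(String referrer, String referrerUri) {
        Client referrerClient = REALM_CLIENTS.get(referrer);
        if (referrerClient == null) return null;
        return verifyRedirectUri(referrerUri, referrerClient);
    }

    public static void main(String[] args) {
        System.out.println(getReferrerFixed("myapp", "https://myapp.example/home")); // URI registered for myapp
        System.out.println(getReferrerFixed("myapp", "https://other.example/"));     // URI not registered for myapp
        // Why the fallback is a no-op: the account client's allowlist never lists an app's URI.
        System.out.println(verifyRedirectUri("https://myapp.example/home", CURRENT_CLIENT));
        try { getReferrerBuggy("nosuch", "https://myapp.example/home"); }
        catch (NullPointerException e) { System.out.println("NPE, as in the report"); }
    }
}
```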