[JIRA] (JENKINS-36706) When OAuth session expires, an ugly NPE is shown in Jenkins

3 views
Skip to first unread message

guillermo@elasticbox.com (JIRA)

unread,
Jul 15, 2016, 4:24:02 AM7/15/16
to jenkinsc...@googlegroups.com
Guillermo Sanchez Urien created an issue
 
Jenkins / Bug JENKINS-36706
When OAuth session expires, an ugly NPE is shown in Jenkins
Issue Type: Bug Bug
Assignee: recampbell
Attachments: Screen Shot 2016-07-15 at 10.08.46.png
Components: google-login-plugin
Created: 2016/Jul/15 8:23 AM
Environment: Tested with both:
- Jenkins ver. 1.642.1 & google-login-plugin 1.1
- Jenkins ver. 1.644 & google-login 1.2.1
Labels: plugin authentication
Priority: Major Major
Reporter: Guillermo Sanchez Urien

When you use google-login to authenticate in Jenkins, and you spend some time without doing anything, the OAuth session expires and an ugly NullPointerException error is show in Jenkins.
(See screenshot)

The error is caused by:
return OAuthSession.getCurrent().doFinishLogin(request);
when "OAuthSession.getCurrent()" is null.

Could you please manage this event and show a graceful message for the expiration and also asking the user to log in again?

When this error happens, it is also anoying that you have to press back in the browser (and depending where you were, that may end up with another error, if you were in a page that requires authorization), and then click on the login link in the upper right, so if the situation is controlled, it would offer a faster way for the user to log in again.

Thanks!
Add Comment Add Comment
 
This message was sent by Atlassian JIRA (v7.1.7#71011-sha1:2526d7c)
Atlassian logo

ryan.campbell@gmail.com (JIRA)

unread,
Feb 4, 2017, 1:36:01 PM2/4/17
to jenkinsc...@googlegroups.com
recampbell commented on Bug JENKINS-36706
 
Re: When OAuth session expires, an ugly NPE is shown in Jenkins

What would make this bug report more useful:

  • Cut and paste the entire error message. Your screen shot cuts off the most important part and I can't cut&paste this into my editor to find the relevant lines.
  • Provide actual steps to reproduce. I have no idea what you mean by "oauth session expires" I'm just guessing, but I think this is?
  1. Login to google with at least two accounts
  2. Setup the security realm with a valid oauth token and secret
  3. Attempt to login to Jenkins using the login link in the upper right hand side
  4. You are presented with a list of accounts to use for login
  5. Wait for some long period?
  6. Finally select the account you want to login with

Is that what you mean?

ryan.campbell@gmail.com (JIRA)

unread,
Feb 4, 2017, 1:39:01 PM2/4/17
to jenkinsc...@googlegroups.com

OK, I was able to reproduce this by restarting Jenkins instead of step 5 above.

And you were nice enough to tell me exactly where the bug was, so thanks for that.

The full stack trace:

javax.servlet.ServletException: java.lang.NullPointerException
	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:778)
	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:858)
	at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:210)
	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:728)
	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:858)
	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:631)
	at org.kohsuke.stapler.Stapler.service(Stapler.java:225)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1669)
	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:96)
	at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:88)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
	at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:135)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:174)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at jenkins.security.ApiTokenFilter.doFilter(ApiTokenFilter.java:79)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
	at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
	at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
	at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
	at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:553)
	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223)
	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)
	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)
	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
	at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215)
	at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:110)
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
	at org.eclipse.jetty.server.Server.handle(Server.java:499)
	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311)
	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)
	at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544)
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
	at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
	at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.NullPointerException
	at org.jenkinsci.plugins.googlelogin.GoogleOAuth2SecurityRealm.doFinishLogin(GoogleOAuth2SecurityRealm.java:246)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:483)
	at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:298)
	at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:161)
	at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:96)
	at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:120)
	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:728)
	... 59 more

scm_issue_link@java.net (JIRA)

unread,
Feb 4, 2017, 3:53:01 PM2/4/17
to jenkinsc...@googlegroups.com

Code changed in jenkins
User: Ryan Campbell
Path:
src/main/java/org/jenkinsci/plugins/googlelogin/GoogleOAuth2SecurityRealm.java
src/main/java/org/jenkinsci/plugins/googlelogin/OAuthSession.java
http://jenkins-ci.org/commit/google-login-plugin/36670d149a2c5748c61f087a2cd035108461bc5c
Log:
JENKINS-36706: Handle session timeout better

scm_issue_link@java.net (JIRA)

unread,
Feb 4, 2017, 3:58:01 PM2/4/17
to jenkinsc...@googlegroups.com

Code changed in jenkins
User: Ryan Campbell
Path:
src/main/java/org/jenkinsci/plugins/googlelogin/GoogleOAuth2SecurityRealm.java
src/main/java/org/jenkinsci/plugins/googlelogin/OAuthSession.java


Log:
JENKINS-36706 Handle session timeout better

jenkins-ci@carlossanchez.eu (JIRA)

unread,
May 29, 2018, 8:55:02 AM5/29/18
to jenkinsc...@googlegroups.com
Carlos Sanchez started work on Bug JENKINS-36706
 
Change By: Carlos Sanchez
Status: Open In Progress
This message was sent by Atlassian JIRA (v7.3.0#73011-sha1:3c73d0e)
Atlassian logo

jenkins-ci@carlossanchez.eu (JIRA)

unread,
May 29, 2018, 8:55:03 AM5/29/18
to jenkinsc...@googlegroups.com
Change By: Carlos Sanchez
Status: In Progress Review

vincent@latombe.net (JIRA)

unread,
May 29, 2018, 8:57:04 AM5/29/18
to jenkinsc...@googlegroups.com
Change By: Vincent Latombe
Status: In Review Resolved
Resolution: Fixed

scm_issue_link@java.net (JIRA)

unread,
May 29, 2018, 8:57:04 AM5/29/18
to jenkinsc...@googlegroups.com

Code changed in jenkins
User: Vincent Latombe
Path:
src/main/java/org/jenkinsci/plugins/googlelogin/GoogleOAuth2SecurityRealm.java
src/main/java/org/jenkinsci/plugins/googlelogin/OAuthSession.java
http://jenkins-ci.org/commit/google-login-plugin/bca0482c0543f921f71ab1594f6dd4d3f519445a
Log:
Merge pull request #8 from jenkinsci/JENKINS-36706

JENKINS-36706: Handle session timeout better

Compare: https://github.com/jenkinsci/google-login-plugin/compare/62a911674f5c...bca0482c0543
*NOTE:* This service been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/

Functionality will be removed from GitHub.com on January 31st, 2019.
Reply all
Reply to author
Forward
0 new messages