Auth0.Android icon indicating copy to clipboard operation
Auth0.Android copied to clipboard
verified publisher icon auth0

NullPointException in OAuthManager

Open MarcusCwl opened this issue 3 years ago • 2 comments

Hi team

We recently found the Auth0 SDK contributing crash

Please check line 204 of OAuthManager

In the function AssertNoError The SDK forces an optional argument errorDescription as non-null which causes the NPE.

//Helper Methods
    @Throws(AuthenticationException::class)
    private fun assertNoError(errorValue: String?, errorDescription: String?) {
        if (errorValue == null) {
            return
        }
        ...
        ...
        when {
            ...
            ERROR_VALUE_UNAUTHORIZED.equals(errorValue, ignoreCase = true) -> {
                //Should not force errorDescription non-null
                throw AuthenticationException(ERROR_VALUE_UNAUTHORIZED, errorDescription!!)
            }
           ...
           ...
        }
    }

Please help check and fix.

MarcusCwl avatar Sep 01 '22 04:09 MarcusCwl

@MarcusCwl Thanks for raising this. Yes, we would have to fix this, but can you reproduce this issue? It would be better to understand more in details

poovamraj avatar Sep 09 '22 12:09 poovamraj

@poovamraj Thanks for your reply. Unfortunately, we can't reproduce by our self.

But I could share the stacktrace reported to our Prod Firebase dashboard

Caused by java.lang.NullPointerException
       at com.auth0.android.provider.OAuthManager.assertNoError(OAuthManager.kt:204)
       at com.auth0.android.provider.OAuthManager.resume(OAuthManager.kt:93)
       at com.auth0.android.provider.WebAuthProvider.resume(WebAuthProvider.java:70)
       at com.auth0.android.provider.AuthenticationActivity.deliverAuthenticationResult$auth0_release(AuthenticationActivity.kt:84)
       at com.auth0.android.provider.AuthenticationActivity.onResume(AuthenticationActivity.kt:53)
       at android.app.Instrumentation.callActivityOnResume(Instrumentation.java:1459)
       at android.app.Activity.performResume(Activity.java:8292)
       at android.app.ActivityThread.performResumeActivity(ActivityThread.java:4625)
       at android.app.ActivityThread.handleResumeActivity(ActivityThread.java:4667)
       at android.app.servertransaction.ResumeActivityItem.execute(ResumeActivityItem.java:52)
       at android.app.servertransaction.TransactionExecutor.executeLifecycleState(TransactionExecutor.java:176)
       at android.app.servertransaction.TransactionExecutor.execute(TransactionExecutor.java:97)
       at android.app.ActivityThread$H.handleMessage(ActivityThread.java:2172)
       at android.os.Handler.dispatchMessage(Handler.java:106)
       at android.os.Looper.loop(Looper.java:237)
       at android.app.ActivityThread.main(ActivityThread.java:8163)
       at java.lang.reflect.Method.invoke(Method.java)
       at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:656)
       at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:972)

MarcusCwl avatar Sep 21 '22 05:09 MarcusCwl

Hi @MarcusCwl are there still cases of this in your Firebase dashboard? If this is too frequent, we can avoid forced unwrapping or else we have to check this on the server end as there should be no cases in which the error description is null

poovamraj avatar Nov 06 '22 18:11 poovamraj

@MarcusCwl are you using this SDK to work with Auth0 or is it some other IdP?

poovamraj avatar Nov 16 '22 14:11 poovamraj

We will close this for now since it is not reproducible on our end and there is no community engagement on this. Please feel free to reopen this with more information.

poovamraj avatar Nov 27 '22 22:11 poovamraj

Hi @poovamraj Is there any updates? We are still seeing this crash on our firebase. I thought easier way for you is just Don't throw exception inside your SDK...

MarcusCwl avatar Feb 11 '23 09:02 MarcusCwl