diff --git a/components/mediation/inbound-endpoints/org.wso2.micro.integrator.inbound.endpoint/src/main/java/org/wso2/carbon/inbound/endpoint/internal/http/api/InternalAPIDispatcher.java b/components/mediation/inbound-endpoints/org.wso2.micro.integrator.inbound.endpoint/src/main/java/org/wso2/carbon/inbound/endpoint/internal/http/api/InternalAPIDispatcher.java index 613ea8820b..0e74df3727 100644 --- a/components/mediation/inbound-endpoints/org.wso2.micro.integrator.inbound.endpoint/src/main/java/org/wso2/carbon/inbound/endpoint/internal/http/api/InternalAPIDispatcher.java +++ b/components/mediation/inbound-endpoints/org.wso2.micro.integrator.inbound.endpoint/src/main/java/org/wso2/carbon/inbound/endpoint/internal/http/api/InternalAPIDispatcher.java @@ -28,6 +28,7 @@ import org.apache.synapse.rest.RESTConstants; import org.apache.synapse.rest.RESTUtils; +import java.util.Arrays; import java.util.HashMap; import java.util.List; import java.util.Map; @@ -110,7 +111,11 @@ private APIResource findResource(MessageContext synCtx, InternalAPI internalApi) subPath = "/"; } - for (APIResource resource : internalApi.getResources()) { + APIResource[] resources = internalApi.getResources(); + if (resources == null) { + return null; + } + for (APIResource resource : resources) { if (!resource.getMethods().contains(method)) { continue; } diff --git a/components/org.wso2.micro.integrator.extensions/org.wso2.micro.integrator.management.apis/src/main/java/org/wso2/micro/integrator/management/apis/LoginResource.java b/components/org.wso2.micro.integrator.extensions/org.wso2.micro.integrator.management.apis/src/main/java/org/wso2/micro/integrator/management/apis/LoginResource.java index 72de2d986a..cf8395def8 100644 --- a/components/org.wso2.micro.integrator.extensions/org.wso2.micro.integrator.management.apis/src/main/java/org/wso2/micro/integrator/management/apis/LoginResource.java +++ b/components/org.wso2.micro.integrator.extensions/org.wso2.micro.integrator.management.apis/src/main/java/org/wso2/micro/integrator/management/apis/LoginResource.java @@ -74,7 +74,12 @@ public Set getMethods() { public boolean invoke(MessageContext messageContext, org.apache.axis2.context.MessageContext axis2MessageContext, SynapseConfiguration synapseConfiguration) { - if (!JWTConfig.getInstance().getJwtConfigDto().isJwtHandlerEngaged()) { + JWTConfig jwtConfig = JWTConfig.getInstance(); + if (jwtConfig == null || jwtConfig.getJwtConfigDto() == null) { + handleServerError(axis2MessageContext, "JWT configuration error"); + return true; + } + if (!jwtConfig.getJwtConfigDto().isJwtHandlerEngaged()) { LOG.error("/Login is accessible only when JWT based auth handler is engaged"); handleServerError(axis2MessageContext, "Login is accessible only when JWT based auth handler is engaged"); return true; @@ -82,7 +87,7 @@ public boolean invoke(MessageContext messageContext, org.apache.axis2.context.Me //Init token store JWTTokenStore tokenStore = - JWTInMemoryTokenStore.getInstance(JWTConfig.getInstance().getJwtConfigDto().getTokenStoreSize()); + JWTInMemoryTokenStore.getInstance(jwtConfig.getJwtConfigDto().getTokenStoreSize()); //UUID used as unique token UUID uuid = UUID.randomUUID(); diff --git a/components/org.wso2.micro.integrator.extensions/org.wso2.micro.integrator.management.apis/src/main/java/org/wso2/micro/integrator/management/apis/security/handler/JWTInMemoryTokenStore.java b/components/org.wso2.micro.integrator.extensions/org.wso2.micro.integrator.management.apis/src/main/java/org/wso2/micro/integrator/management/apis/security/handler/JWTInMemoryTokenStore.java index 27716dfe75..69077950f2 100644 --- a/components/org.wso2.micro.integrator.extensions/org.wso2.micro.integrator.management.apis/src/main/java/org/wso2/micro/integrator/management/apis/security/handler/JWTInMemoryTokenStore.java +++ b/components/org.wso2.micro.integrator.extensions/org.wso2.micro.integrator.management.apis/src/main/java/org/wso2/micro/integrator/management/apis/security/handler/JWTInMemoryTokenStore.java @@ -79,6 +79,9 @@ private static void setTokenStore(Map tokenStore) { @Override public JWTTokenInfoDTO getToken(String token) { + if (getTokenStore() == null) { + return null; + } return getTokenStore().get(token); }