Handle null pointers in server startup

Handle null pointers in server startup that would occur if management APIs are invoked during server startup with multiple threads. Fixes: #3571
wso2 · Oct 1, 2024 · da870c5 · da870c5
1 parent 5545f5f
commit da870c5
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 3 deletions.
diff --git a/...c/main/java/org/wso2/carbon/inbound/endpoint/internal/http/api/InternalAPIDispatcher.java b/...c/main/java/org/wso2/carbon/inbound/endpoint/internal/http/api/InternalAPIDispatcher.java
@@ -28,6 +28,7 @@
 import org.apache.synapse.rest.RESTConstants;
 import org.apache.synapse.rest.RESTUtils;
 
+import java.util.Arrays;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
@@ -110,7 +111,11 @@ private APIResource findResource(MessageContext synCtx, InternalAPI internalApi)
             subPath = "/";
         }
 
-        for (APIResource resource : internalApi.getResources()) {
+        APIResource[] resources = internalApi.getResources();
+        if (resources == null) {
+            return null;
+        }
+        for (APIResource resource : resources) {
             if (!resource.getMethods().contains(method)) {
                 continue;
             }

diff --git a/...anagement.apis/src/main/java/org/wso2/micro/integrator/management/apis/LoginResource.java b/...anagement.apis/src/main/java/org/wso2/micro/integrator/management/apis/LoginResource.java
@@ -74,15 +74,20 @@ public Set<String> getMethods() {
     public boolean invoke(MessageContext messageContext, org.apache.axis2.context.MessageContext axis2MessageContext,
                           SynapseConfiguration synapseConfiguration) {
 
-        if (!JWTConfig.getInstance().getJwtConfigDto().isJwtHandlerEngaged()) {
+        JWTConfig jwtConfig = JWTConfig.getInstance();
+        if (jwtConfig == null || jwtConfig.getJwtConfigDto() == null) {
+            handleServerError(axis2MessageContext, "JWT configuration error");
+            return true;
+        }
+        if (!jwtConfig.getJwtConfigDto().isJwtHandlerEngaged()) {
             LOG.error("/Login is accessible only when JWT based auth handler is engaged");
             handleServerError(axis2MessageContext, "Login is accessible only when JWT based auth handler is engaged");
             return true;
         }
 
         //Init token store
         JWTTokenStore tokenStore =
-                JWTInMemoryTokenStore.getInstance(JWTConfig.getInstance().getJwtConfigDto().getTokenStoreSize());
+                JWTInMemoryTokenStore.getInstance(jwtConfig.getJwtConfigDto().getTokenStoreSize());
 
         //UUID used as unique token
         UUID uuid = UUID.randomUUID();

diff --git a/...ava/org/wso2/micro/integrator/management/apis/security/handler/JWTInMemoryTokenStore.java b/...ava/org/wso2/micro/integrator/management/apis/security/handler/JWTInMemoryTokenStore.java
@@ -79,6 +79,9 @@ private static void setTokenStore(Map<String, JWTTokenInfoDTO> tokenStore) {
 
     @Override
     public JWTTokenInfoDTO getToken(String token) {
+        if (getTokenStore() == null) {
+            return null;
+        }
         return getTokenStore().get(token);
     }