[JENKINS-36706] When OAuth session expires, an ugly NPE is shown in Jenkins

Type: Bug
Resolution: Fixed
Priority: Major
Component/s: google-login-plugin
Labels:
- authentication
- plugin
Environment:
Tested with both:
- Jenkins ver. 1.642.1 & google-login-plugin 1.1
- Jenkins ver. 1.644 & google-login 1.2.1

Similar Issues:
Powered by SuggestiMate

Show

When you use google-login to authenticate in Jenkins, and you spend some time without doing anything, the OAuth session expires and an ugly NullPointerException error is show in Jenkins.
(See screenshot)

The error is caused by:
return OAuthSession.getCurrent().doFinishLogin(request);
when "OAuthSession.getCurrent()" is null.

Could you please manage this event and show a graceful message for the expiration and also asking the user to log in again?

When this error happens, it is also anoying that you have to press back in the browser (and depending where you were, that may end up with another error, if you were in a page that requires authorization), and then click on the login link in the upper right, so if the situation is controlled, it would offer a faster way for the user to log in again.

Thanks!

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

Screen Shot 2016-07-15 at 10.08.46.png
638 kB
2016-07-15 08:20

links to

PR

Ryan Campbell added a comment - 2017-02-04 18:35

What would make this bug report more useful:

Cut and paste the entire error message. Your screen shot cuts off the most important part and I can't cut&paste this into my editor to find the relevant lines.
Provide actual steps to reproduce. I have no idea what you mean by "oauth session expires" I'm just guessing, but I think this is?

Login to google with at least two accounts
Setup the security realm with a valid oauth token and secret
Attempt to login to Jenkins using the login link in the upper right hand side
You are presented with a list of accounts to use for login
Wait for some long period?
Finally select the account you want to login with

Is that what you mean?

Ryan Campbell added a comment - 2017-02-04 18:35 What would make this bug report more useful: Cut and paste the entire error message. Your screen shot cuts off the most important part and I can't cut&paste this into my editor to find the relevant lines. Provide actual steps to reproduce. I have no idea what you mean by "oauth session expires" I'm just guessing, but I think this is? Login to google with at least two accounts Setup the security realm with a valid oauth token and secret Attempt to login to Jenkins using the login link in the upper right hand side You are presented with a list of accounts to use for login Wait for some long period? Finally select the account you want to login with Is that what you mean?

Ryan Campbell added a comment - 2017-02-04 18:38

OK, I was able to reproduce this by restarting Jenkins instead of step 5 above.

And you were nice enough to tell me exactly where the bug was, so thanks for that.

The full stack trace:

javax.servlet.ServletException: java.lang.NullPointerException
	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:778)
	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:858)
	at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:210)
	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:728)
	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:858)
	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:631)
	at org.kohsuke.stapler.Stapler.service(Stapler.java:225)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1669)
	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:96)
	at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:88)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
	at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
	at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:135)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:174)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at jenkins.security.ApiTokenFilter.doFilter(ApiTokenFilter.java:79)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
	at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
	at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
	at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
	at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
	at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:553)
	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223)
	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)
	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)
	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
	at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215)
	at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:110)
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
	at org.eclipse.jetty.server.Server.handle(Server.java:499)
	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311)
	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)
	at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544)
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
	at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
	at java.lang.Thread.run(Thread.java:745)
Caused by: java.lang.NullPointerException
	at org.jenkinsci.plugins.googlelogin.GoogleOAuth2SecurityRealm.doFinishLogin(GoogleOAuth2SecurityRealm.java:246)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:483)
	at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:298)
	at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:161)
	at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:96)
	at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:120)
	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:728)
	... 59 more

Ryan Campbell added a comment - 2017-02-04 18:38 OK, I was able to reproduce this by restarting Jenkins instead of step 5 above. And you were nice enough to tell me exactly where the bug was, so thanks for that. The full stack trace: javax.servlet.ServletException: java.lang.NullPointerException at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:778) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:858) at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:210) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:728) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:858) at org.kohsuke.stapler.Stapler.invoke(Stapler.java:631) at org.kohsuke.stapler.Stapler.service(Stapler.java:225) at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1669) at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:96) at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:88) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84) at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:135) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:174) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at jenkins.security.ApiTokenFilter.doFilter(ApiTokenFilter.java:79) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249) at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67) at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87) at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76) at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81) at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652) at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143) at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:553) at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223) at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127) at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515) at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061) at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215) at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:110) at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97) at org.eclipse.jetty.server.Server.handle(Server.java:499) at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311) at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257) at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544) at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635) at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555) at java.lang. Thread .run( Thread .java:745) Caused by: java.lang.NullPointerException at org.jenkinsci.plugins.googlelogin.GoogleOAuth2SecurityRealm.doFinishLogin(GoogleOAuth2SecurityRealm.java:246) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) at java.lang.reflect.Method.invoke(Method.java:483) at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:298) at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:161) at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:96) at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:120) at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53) at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:728) ... 59 more

SCM/JIRA link daemon added a comment - 2017-02-04 20:52

Code changed in jenkins
User: Ryan Campbell
Path:
src/main/java/org/jenkinsci/plugins/googlelogin/GoogleOAuth2SecurityRealm.java
src/main/java/org/jenkinsci/plugins/googlelogin/OAuthSession.java
http://jenkins-ci.org/commit/google-login-plugin/36670d149a2c5748c61f087a2cd035108461bc5c
Log:
~~JENKINS-36706~~: Handle session timeout better

SCM/JIRA link daemon added a comment - 2017-02-04 20:52 Code changed in jenkins User: Ryan Campbell Path: src/main/java/org/jenkinsci/plugins/googlelogin/GoogleOAuth2SecurityRealm.java src/main/java/org/jenkinsci/plugins/googlelogin/OAuthSession.java http://jenkins-ci.org/commit/google-login-plugin/36670d149a2c5748c61f087a2cd035108461bc5c Log: JENKINS-36706 : Handle session timeout better

SCM/JIRA link daemon added a comment - 2017-02-04 20:57

Code changed in jenkins
User: Ryan Campbell
Path:
src/main/java/org/jenkinsci/plugins/googlelogin/GoogleOAuth2SecurityRealm.java
src/main/java/org/jenkinsci/plugins/googlelogin/OAuthSession.java
http://jenkins-ci.org/commit/google-login-plugin/3d999a0a3ab79f3b0715c7cb293a4a9e58a7881f
Log:
~~JENKINS-36706~~ Handle session timeout better

SCM/JIRA link daemon added a comment - 2017-02-04 20:57 Code changed in jenkins User: Ryan Campbell Path: src/main/java/org/jenkinsci/plugins/googlelogin/GoogleOAuth2SecurityRealm.java src/main/java/org/jenkinsci/plugins/googlelogin/OAuthSession.java http://jenkins-ci.org/commit/google-login-plugin/3d999a0a3ab79f3b0715c7cb293a4a9e58a7881f Log: JENKINS-36706 Handle session timeout better

SCM/JIRA link daemon added a comment - 2018-05-29 12:56

Code changed in jenkins
User: Vincent Latombe
Path:
src/main/java/org/jenkinsci/plugins/googlelogin/GoogleOAuth2SecurityRealm.java
src/main/java/org/jenkinsci/plugins/googlelogin/OAuthSession.java
http://jenkins-ci.org/commit/google-login-plugin/bca0482c0543f921f71ab1594f6dd4d3f519445a
Log:
Merge pull request #8 from jenkinsci/~~JENKINS-36706~~

~~JENKINS-36706~~: Handle session timeout better

Compare: https://github.com/jenkinsci/google-login-plugin/compare/62a911674f5c...bca0482c0543
*NOTE:* This service been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/

Functionality will be removed from GitHub.com on January 31st, 2019.

SCM/JIRA link daemon added a comment - 2018-05-29 12:56 Code changed in jenkins User: Vincent Latombe Path: src/main/java/org/jenkinsci/plugins/googlelogin/GoogleOAuth2SecurityRealm.java src/main/java/org/jenkinsci/plugins/googlelogin/OAuthSession.java http://jenkins-ci.org/commit/google-login-plugin/bca0482c0543f921f71ab1594f6dd4d3f519445a Log: Merge pull request #8 from jenkinsci/ JENKINS-36706 JENKINS-36706 : Handle session timeout better Compare: https://github.com/jenkinsci/google-login-plugin/compare/62a911674f5c...bca0482c0543 * NOTE: * This service been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/ Functionality will be removed from GitHub.com on January 31st, 2019.

Details

Description

Attachments

Attachments

Issue Links

Activity

Collapse comment: Ryan Campbell added a comment - 2017-02-04 18:35

Expand comment: Ryan Campbell added a comment - 2017-02-04 18:35

Collapse comment: Ryan Campbell added a comment - 2017-02-04 18:38

Expand comment: Ryan Campbell added a comment - 2017-02-04 18:38

Collapse comment: SCM/JIRA link daemon added a comment - 2017-02-04 20:52

Expand comment: SCM/JIRA link daemon added a comment - 2017-02-04 20:52

Collapse comment: SCM/JIRA link daemon added a comment - 2017-02-04 20:57

Expand comment: SCM/JIRA link daemon added a comment - 2017-02-04 20:57

Collapse comment: SCM/JIRA link daemon added a comment - 2018-05-29 12:56

Expand comment: SCM/JIRA link daemon added a comment - 2018-05-29 12:56

People

Dates