JENKINS-36706

When OAuth session expires, an ugly NPE is shown in Jenkins

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Component/s: google-login-plugin
    • Environment:
      Tested with both:
      - Jenkins ver. 1.642.1 & google-login-plugin 1.1
      - Jenkins ver. 1.644 & google-login 1.2.1

      Description

      When you use google-login to authenticate in Jenkins, and you spend some time without doing anything, the OAuth session expires and an ugly NullPointerException error is shown in Jenkins.
      (See screenshot)

      The error is caused by:
      return OAuthSession.getCurrent().doFinishLogin(request);
      when "OAuthSession.getCurrent()" is null.

      Could you please manage this event and show a graceful message for the expiration, and also ask the user to log in again?

      When this error happens, it is also annoying that you have to press back in the browser (and depending on where you were, that may end up with another error, if you were in a page that requires authorization), and then click on the login link in the upper right, so if the situation is controlled, it would offer a faster way for the user to log in again.

      Thanks!

            Activity

            recampbell Ryan Campbell added a comment -

            What would make this bug report more useful:

            • Cut and paste the entire error message. Your screen shot cuts off the most important part and I can't cut&paste this into my editor to find the relevant lines.
            • Provide actual steps to reproduce. I have no idea what you mean by "oauth session expires". I'm just guessing, but I think this is?
            1. Login to google with at least two accounts
            2. Setup the security realm with a valid oauth token and secret
            3. Attempt to login to Jenkins using the login link in the upper right hand side
            4. You are presented with a list of accounts to use for login
            5. Wait for some long period?
            6. Finally select the account you want to login with

            Is that what you mean?

            recampbell Ryan Campbell added a comment -

            OK, I was able to reproduce this by restarting Jenkins instead of step 5 above.

            And you were nice enough to tell me exactly where the bug was, so thanks for that.

            The full stack trace:

            javax.servlet.ServletException: java.lang.NullPointerException
            	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:778)
            	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:858)
            	at org.kohsuke.stapler.MetaClass$4.doDispatch(MetaClass.java:210)
            	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
            	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:728)
            	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:858)
            	at org.kohsuke.stapler.Stapler.invoke(Stapler.java:631)
            	at org.kohsuke.stapler.Stapler.service(Stapler.java:225)
            	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
            	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:812)
            	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1669)
            	at hudson.util.PluginServletFilter$1.doFilter(PluginServletFilter.java:96)
            	at hudson.util.PluginServletFilter.doFilter(PluginServletFilter.java:88)
            	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
            	at hudson.security.csrf.CrumbFilter.doFilter(CrumbFilter.java:48)
            	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
            	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:84)
            	at hudson.security.UnwrapSecurityExceptionFilter.doFilter(UnwrapSecurityExceptionFilter.java:51)
            	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
            	at jenkins.security.ExceptionTranslationFilter.doFilter(ExceptionTranslationFilter.java:117)
            	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
            	at org.acegisecurity.providers.anonymous.AnonymousProcessingFilter.doFilter(AnonymousProcessingFilter.java:125)
            	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
            	at org.acegisecurity.ui.rememberme.RememberMeProcessingFilter.doFilter(RememberMeProcessingFilter.java:135)
            	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
            	at org.acegisecurity.ui.AbstractProcessingFilter.doFilter(AbstractProcessingFilter.java:271)
            	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
            	at org.acegisecurity.ui.basicauth.BasicProcessingFilter.doFilter(BasicProcessingFilter.java:174)
            	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
            	at jenkins.security.ApiTokenFilter.doFilter(ApiTokenFilter.java:79)
            	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
            	at org.acegisecurity.context.HttpSessionContextIntegrationFilter.doFilter(HttpSessionContextIntegrationFilter.java:249)
            	at hudson.security.HttpSessionContextIntegrationFilter2.doFilter(HttpSessionContextIntegrationFilter2.java:67)
            	at hudson.security.ChainedServletFilter$1.doFilter(ChainedServletFilter.java:87)
            	at hudson.security.ChainedServletFilter.doFilter(ChainedServletFilter.java:76)
            	at hudson.security.HudsonFilter.doFilter(HudsonFilter.java:164)
            	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
            	at org.kohsuke.stapler.compression.CompressionFilter.doFilter(CompressionFilter.java:46)
            	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
            	at hudson.util.CharacterEncodingFilter.doFilter(CharacterEncodingFilter.java:81)
            	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1652)
            	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:585)
            	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
            	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:553)
            	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:223)
            	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1127)
            	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:515)
            	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
            	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1061)
            	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
            	at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:215)
            	at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:110)
            	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
            	at org.eclipse.jetty.server.Server.handle(Server.java:499)
            	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:311)
            	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)
            	at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:544)
            	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
            	at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
            	at java.lang.Thread.run(Thread.java:745)
            Caused by: java.lang.NullPointerException
            	at org.jenkinsci.plugins.googlelogin.GoogleOAuth2SecurityRealm.doFinishLogin(GoogleOAuth2SecurityRealm.java:246)
            	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
            	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
            	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
            	at java.lang.reflect.Method.invoke(Method.java:483)
            	at org.kohsuke.stapler.Function$InstanceFunction.invoke(Function.java:298)
            	at org.kohsuke.stapler.Function.bindAndInvoke(Function.java:161)
            	at org.kohsuke.stapler.Function.bindAndInvokeAndServeResponse(Function.java:96)
            	at org.kohsuke.stapler.MetaClass$1.doDispatch(MetaClass.java:120)
            	at org.kohsuke.stapler.NameBasedDispatcher.dispatch(NameBasedDispatcher.java:53)
            	at org.kohsuke.stapler.Stapler.tryInvoke(Stapler.java:728)
            	... 59 more
            
            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Ryan Campbell
            Path:
            src/main/java/org/jenkinsci/plugins/googlelogin/GoogleOAuth2SecurityRealm.java
            src/main/java/org/jenkinsci/plugins/googlelogin/OAuthSession.java
            http://jenkins-ci.org/commit/google-login-plugin/36670d149a2c5748c61f087a2cd035108461bc5c
            Log:
            JENKINS-36706: Handle session timeout better

            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Ryan Campbell
            Path:
            src/main/java/org/jenkinsci/plugins/googlelogin/GoogleOAuth2SecurityRealm.java
            src/main/java/org/jenkinsci/plugins/googlelogin/OAuthSession.java
            http://jenkins-ci.org/commit/google-login-plugin/3d999a0a3ab79f3b0715c7cb293a4a9e58a7881f
            Log:
            JENKINS-36706 Handle session timeout better

            scm_issue_link SCM/JIRA link daemon added a comment -

            Code changed in jenkins
            User: Vincent Latombe
            Path:
            src/main/java/org/jenkinsci/plugins/googlelogin/GoogleOAuth2SecurityRealm.java
            src/main/java/org/jenkinsci/plugins/googlelogin/OAuthSession.java
            http://jenkins-ci.org/commit/google-login-plugin/bca0482c0543f921f71ab1594f6dd4d3f519445a
            Log:
            Merge pull request #8 from jenkinsci/JENKINS-36706

            JENKINS-36706: Handle session timeout better

            Compare: https://github.com/jenkinsci/google-login-plugin/compare/62a911674f5c...bca0482c0543
            *NOTE:* This service has been marked for deprecation: https://developer.github.com/changes/2018-04-25-github-services-deprecation/

            Functionality will be removed from GitHub.com on January 31st, 2019.
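
The failure mode reported in this issue, shown beside a guarded form, as an added example that is not the plugin's code or the committed fix. Only the names `OAuthSession.getCurrent()` and `doFinishLogin` come from the report; the `Response` type, the map-based HTTP session, the `state` check and `LOGIN_URL` are hypothetical stand-ins (Java 16+).

```java
import java.util.HashMap;
import java.util.Map;

public class OAuthCallbackDemo {
    // Hypothetical response type: HTTP status plus redirect target or error text.
    record Response(int status, String detail) {}

    static final String LOGIN_URL = "/login"; // placeholder, not the plugin's real path

    // Hypothetical per-login state stored in the HTTP session when login starts.
    static final class OAuthSession {
        static final String KEY = OAuthSession.class.getName();
        final String state;    // nonce sent to the provider, expected back in the callback
        final String returnTo; // page to return to after login

        OAuthSession(String state, String returnTo) {
            this.state = state;
            this.returnTo = returnTo;
        }

        // Returns null when the HTTP session is new (timeout, server restart).
        static OAuthSession getCurrent(Map<String, Object> httpSession) {
            return (OAuthSession) httpSession.get(KEY);
        }

        Response doFinishLogin(Map<String, String> params) {
            if (!state.equals(params.get("state"))) {
                return new Response(403, "state mismatch");
            }
            return new Response(302, returnTo);
        }
    }

    // Pattern from the report: dereferences null when the session is gone.
    static Response finishLoginUnchecked(Map<String, Object> http, Map<String, String> params) {
        return OAuthSession.getCurrent(http).doFinishLogin(params);
    }

    // Guarded form: without stored state the callback cannot be validated,
    // so restart the login flow instead of failing with a stack trace.
    static Response finishLogin(Map<String, Object> http, Map<String, String> params) {
        OAuthSession session = OAuthSession.getCurrent(http);
        if (session == null) {
            return new Response(302, LOGIN_URL);
        }
        http.remove(OAuthSession.KEY); // one callback per login attempt
        return session.doFinishLogin(params);
    }

    public static void main(String[] args) {
        Map<String, String> callback = Map.of("state", "n0nce", "code", "constructed");
        Map<String, Object> expired = new HashMap<>(); // constructed: session lost
        try {
            finishLoginUnchecked(expired, callback);
        } catch (NullPointerException e) {
            System.out.println("unchecked: NullPointerException");
        }
        System.out.println("guarded, expired: " + finishLogin(expired, callback));

        Map<String, Object> live = new HashMap<>();
        live.put(OAuthSession.KEY, new OAuthSession("n0nce", "/job/demo/"));
        System.out.println("guarded, live: " + finishLogin(live, callback));
    }
}
```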


              People

              • Assignee:
                recampbell Ryan Campbell
                Reporter:
                gsanchezu Guillermo Sanchez Urien
              • Votes:
                1
                Watchers:
                4