Chapter 8: Code for checking groups in UserController#requirePermissions fails with NPE if token (that is not Basic) authentication is used #23

@jumarko

After implementing the code for adding and checking groups from the opening of Chapter 8.1,
my app is failing with this NPE:

```
java.lang.NullPointerException: Cannot invoke "java.util.List.iterator()" because "groups" is null
	at com.manning.apisecurityinaction.controllers.UserController.lambda$requirePermissions$1(UserController.java:123)
```

This is because the code in the requirePermissions method doesn't account for the possibility of the request attribute "groups" not being present at all (null).

However, the implementation shown in the book only calls request.attribute("groups", ...) in UserController#authenticate.
That method is solely used for Basic authentication though (it returns very early if non-basic auth is used).

Since I'm using OAuth Token authentication (as implemented in chapter 7), it's failing for me.
Did I miss something, or is it implemented later in the book?
Or is it just not supposed to be used with token authentication at the moment?
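
One way to make the group check tolerate a missing "groups" attribute, as an added example that is not part of the original issue or the book's code: a request with no groups is treated as belonging to no groups, so only permissions granted directly to the subject can match. The `Map` standing in for the request attributes, the class and method names, and the table and column names are assumptions made for illustration.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Map;

public class GroupsAttributeCheck {

    // Stand-in for request.attribute("groups"): the value is null when no
    // authentication filter stored the attribute (the token-auth case).
    @SuppressWarnings("unchecked")
    static List<String> groupsOf(Map<String, Object> requestAttributes) {
        Object groups = requestAttributes.get("groups");
        // A missing attribute means "member of no groups", so the check
        // falls back to the subject's own permissions instead of throwing.
        return groups == null ? List.of() : (List<String>) groups;
    }

    // Builds the parameterised lookup: one placeholder for the space, one for
    // the subject and one per group. Table and column names are assumptions.
    static String permissionQuery(long spaceId, String subject,
                                  List<String> groups, List<Object> params) {
        StringBuilder sql = new StringBuilder(
            "SELECT perms FROM permissions WHERE space_id = ? AND (user_or_group_id = ?");
        params.add(spaceId);
        params.add(subject);
        for (String group : groups) {
            sql.append(" OR user_or_group_id = ?");
            params.add(group);
        }
        return sql.append(")").toString();
    }

    public static void main(String[] args) {
        // Constructed sample requests: Basic auth sets "groups", token auth does not.
        Map<String, Object> basic =
            Map.of("subject", "alice", "groups", List.of("devs", "admins"));
        Map<String, Object> token = Map.of("subject", "alice");

        for (Map<String, Object> attrs : List.of(basic, token)) {
            List<Object> params = new ArrayList<>();
            String sql = permissionQuery(
                1L, (String) attrs.get("subject"), groupsOf(attrs), params);
            System.out.println(sql + "  params=" + params);
        }
    }
}
```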
