From f1f9a5be9b08c696600773506c6a7123c9b9ea8f Mon Sep 17 00:00:00 2001
From: Jottyfan <jottyfan@mail.de>
Date: Tue, 26 Dec 2023 21:01:06 +0100
Subject: [PATCH] fixed null on token

---
 build.gradle                                    |  2 +-
 .../jottyfan/bico/modules/CommonController.java | 17 +++++++++++++----
 src/main/resources/application.properties       |  3 ---
 3 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/build.gradle b/build.gradle
index cd42a9e..c24d33d 100644
--- a/build.gradle
+++ b/build.gradle
@@ -8,7 +8,7 @@ plugins {
 }
 
 group = 'de.jottyfan.bico'
-version = '0.0.6'
+version = '0.0.7'
 
 description = """BibleClassOrganizer"""
 
diff --git a/src/main/java/de/jottyfan/bico/modules/CommonController.java b/src/main/java/de/jottyfan/bico/modules/CommonController.java
index 8485aa3..c5304d4 100644
--- a/src/main/java/de/jottyfan/bico/modules/CommonController.java
+++ b/src/main/java/de/jottyfan/bico/modules/CommonController.java
@@ -3,6 +3,8 @@ package de.jottyfan.bico.modules;
 import java.security.Principal;
 import java.util.List;
 
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -19,6 +21,8 @@ import de.jottyfan.bico.modules.profile.ProfileService;
  */
 public abstract class CommonController {
 
+	private static final Logger LOGGER = LogManager.getLogger(CommonController.class);
+
 	@Autowired
 	private ProfileService profileService;
 
@@ -28,10 +32,15 @@ public abstract class CommonController {
 	@ModelAttribute("hasBUrole")
 	public Boolean hasBURole(Principal principal) {
 		OAuth2AuthenticationToken token = (OAuth2AuthenticationToken) principal;
-		OAuth2User user = token.getPrincipal();
-		@SuppressWarnings("unchecked")
-		List<String> roles = (List<String>) user.getAttributes().get("roles");
-		return roles.contains("Bibelunterricht");
+		if (token != null) {
+			OAuth2User user = token.getPrincipal();
+			@SuppressWarnings("unchecked")
+			List<String> roles = (List<String>) user.getAttributes().get("roles");
+			return roles.contains("Bibelunterricht");
+		} else {
+			LOGGER.warn("token is null, no roles can be detected");
+			return false;
+		}
 	}
 
 	/**
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index 9608248..3f48596 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -9,9 +9,6 @@ spring.datasource.password = ${db.password}
 
 server.servlet.context-path = ${my.context-path:/BiCO}
 
-# for development only
-server.port = ${server.port}
-
 # nextcloud open ID connection
 spring.security.oauth2.client.provider.nextcloud.issuer-uri = ${nextcloud.issuer-uri}
 spring.security.oauth2.client.registration.nextcloud.client-id = ${nextcloud.client-id}