Security: NPE if user has no roles

[joha78]

🆕🐥 First Timers Only

This issue is reserved for people who never contributed to Rico or Open Source before. We know that the process of creating a pull request is the biggest barrier for new contributors. This issue is for you 💝

👾 Description of the issue

UserKeycloakImpl.getRoles() throws a NPE if the user has no roles.

public Set<String> getRoles() {

    return Collections.unmodifiableSet(this.keycloakSecurityContext.getToken().getRealmAccess().getRoles());

}

It's because KeycloakSecurityContext.getToken().getRealmAccess() return null. It would be better if it would return an empty list.

📋 Step by Step

To solve this issue and contribute a fix you should check the following step-by-step list. A more detailed documentation of the workflow can be found here.

• Claim this issue: Comment below.
• Fork the repository in github by simply clicking the 'fork' button.
• Check out the forked repository
• Create a feature branch for the issue. We do not have any naming definition for branches.
• Commit your changes.
• Start a Pull Request.
• Done 👍 Ask in comments for a review :)
• If the reviewer find some missing peaces or a problem he will start a discussion with you and describe the next steps how the problem can be solved.
• You did it 🎉 We will merge the fix in the master branch.
• Thanks, thanks, thanks for being part of this project as an open source contributor ❤️

🎉 Contribute to Hacktoberfest

Solve this issue as part of the Hacktoberfest event and get a change to receive cool goodies like a T-Shirt. 🎽

🤔❓ Questions

If you have any questions just ask us directly in this issue by adding a comment. Next to this you can find a general manual about open source contributions here.