[BUG][Java][feign] NPE on OAuth2 when 'expires_in' data is not provided by authentication server
Created by: thibaudsowa
Bug Report Checklist
-
Have you provided a full/minimal spec to reproduce the issue? -
Have you validated the input using an OpenAPI validator (example)? -
What's the version of OpenAPI Generator used? -
Have you search for related issues/PRs? -
What's the actual output vs expected output? -
[Optional] Bounty to sponsor the fix (example)
Description
If OAuth server doesn't provide time of token expiration with the attribute expires_in a NPE append. For my example: Salesforce API.
openapi-generator version
Swagger Codegen 2.2.3
OpenAPI declaration file content or url
---
swagger: '2.0'
info:
version: v1
title: Test oauth
paths:
"/test":
post:
consumes:
- application/json
produces:
- application/json
responses:
'201':
description: Success
securityDefinitions:
OAuth:
type: oauth2
flow: password
tokenUrl: https://test.salesforce.com/services/oauth2/token
security:
- OAuth: []Command line used for generation
java -jar swagger-codegen-cli.jar generate \
-i swagger.yaml \
-l java \
-o ./generated \
--library feignSteps to reproduce
Just try to request an authenticated resource with OAuth2 on an authentication server that does not provide expires_in data:
ApiClient apiClient = new ApiClient("OAuth", "clientId", "secret", "username", "password");
apiClient.setBasePath("https://test.my.salesforce.com");
DefaultApi defaultApi = apiClient.buildClient(DefaultApi.class);
defaultApi.testPost();Suggest a fix
If expires_in is not provided by authentication server we can not know the time of expiration, so the authentication token should be asked on every request?
Or at least provide a default timeout that can be customized?