From 64c85a8fee42635dad18dc14ca800920ea9bde55 Mon Sep 17 00:00:00 2001
From: William Cheng <wing328hk@gmail.com>
Date: Tue, 12 Dec 2023 22:33:20 +0800
Subject: [PATCH] Fix NPE in codegen security (#17378)

* fix npe in codegen security

* add new test file
---
 .../openapitools/codegen/CodegenSecurity.java |  2 +-
 .../codegen/DefaultCodegenTest.java           | 13 ++++++
 .../src/test/resources/3_0/issue_17376.json   | 43 +++++++++++++++++++
 3 files changed, 57 insertions(+), 1 deletion(-)
 create mode 100644 modules/openapi-generator/src/test/resources/3_0/issue_17376.json

diff --git a/modules/openapi-generator/src/main/java/org/openapitools/codegen/CodegenSecurity.java b/modules/openapi-generator/src/main/java/org/openapitools/codegen/CodegenSecurity.java
index f0a43902099d..671585bc70b6 100644
--- a/modules/openapi-generator/src/main/java/org/openapitools/codegen/CodegenSecurity.java
+++ b/modules/openapi-generator/src/main/java/org/openapitools/codegen/CodegenSecurity.java
@@ -93,7 +93,7 @@ public class CodegenSecurity {
         // Since OAS 3.1.0, security scheme types other than "oauth2" and "openIdConnect" may have a list of role names
         // which are required for the execution, but are not otherwise defined or exchanged in-band.
         // In such cases, no filtering is performed.
-        if (!(isOAuth || isOpenId)) {
+        if (!(Boolean.TRUE.equals(isOAuth) || Boolean.TRUE.equals(isOpenId))) {
             filteredSecurity.scopes = filterScopes.stream()
                 .map(s -> new HashMap<String, Object>(Map.of("scope", s)))
                 .collect(Collectors.toList());
diff --git a/modules/openapi-generator/src/test/java/org/openapitools/codegen/DefaultCodegenTest.java b/modules/openapi-generator/src/test/java/org/openapitools/codegen/DefaultCodegenTest.java
index 0ca9eca9211d..96662023eb20 100644
--- a/modules/openapi-generator/src/test/java/org/openapitools/codegen/DefaultCodegenTest.java
+++ b/modules/openapi-generator/src/test/java/org/openapitools/codegen/DefaultCodegenTest.java
@@ -2571,6 +2571,19 @@ public class DefaultCodegenTest {
         assertEquals(securities.get(1).name, "api_key");
     }
 
+    @Test
+    public void testOpenIdConnectSecuritySchemes() {
+        final OpenAPI openAPI = TestUtils.parseFlattenSpec("src/test/resources/3_0/issue_17376.json");
+        final DefaultCodegen codegen = new DefaultCodegen();
+        codegen.setOpenAPI(openAPI);
+
+        final Map<String, SecurityScheme> securitySchemes = openAPI.getComponents().getSecuritySchemes();
+        final List<CodegenSecurity> securities = codegen.fromSecurity(securitySchemes);
+
+        assertEquals(securities.size(), 1);
+        assertEquals(securities.get(0).name, "Our Identity service");
+    }
+
     @Test
     public void testItemsPresent() {
         final OpenAPI openAPI = TestUtils.parseFlattenSpec("src/test/resources/3_0/issue_7613.yaml");
diff --git a/modules/openapi-generator/src/test/resources/3_0/issue_17376.json b/modules/openapi-generator/src/test/resources/3_0/issue_17376.json
new file mode 100644
index 000000000000..16c0ab40ef19
--- /dev/null
+++ b/modules/openapi-generator/src/test/resources/3_0/issue_17376.json
@@ -0,0 +1,43 @@
+{
+  "openapi": "3.0.0",
+  "info": {
+    "title": "My API",
+    "version": "1.0.0"
+  },
+  "paths": {
+    "/users": {
+      "get": {
+        "summary": "Get all users",
+        "responses": {
+          "200": {
+            "description": "Successful response"
+          }
+        },
+        "operationId": "V1GetAllUsers",
+        "description": "Retrieve a users.",
+        "security": [
+          {
+            "Our Identity service": []
+          }
+        ],
+        "tags": [
+          "Users"
+        ]
+      }
+    }
+  },
+  "components": {
+    "securitySchemes": {
+      "Our Identity service": {
+        "type": "openIdConnect",
+        "description": "To authenticate your calls to the API...",
+        "openIdConnectUrl": "https://id-something.somewhere.com/.well-known/openid-configuration"
+      }
+    }
+  },
+  "security": [
+    {
+      "Our Identity service": []
+    }
+  ]
+}