From f8c00375d7eb509abcb4177850d397a6b70023bc Mon Sep 17 00:00:00 2001
From: Ace <ruwany.ace@gmail.com>
Date: Fri, 19 Jun 2020 18:15:37 +0530
Subject: [PATCH] Fixing null pointer during APIM scope validation

---
 .../oauth/extensions/handlers/ScopeValidationHandler.java  | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/ScopeValidationHandler.java b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/ScopeValidationHandler.java
index bef3cda94e..38bae19058 100644
--- a/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/ScopeValidationHandler.java
+++ b/components/identity-extensions/org.wso2.carbon.device.mgt.oauth.extensions/src/main/java/org/wso2/carbon/device/mgt/oauth/extensions/handlers/ScopeValidationHandler.java
@@ -17,6 +17,7 @@
  */
 package org.wso2.carbon.device.mgt.oauth.extensions.handlers;
 
+import org.apache.commons.lang3.tuple.Pair;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.wso2.carbon.device.mgt.oauth.extensions.internal.OAuthExtensionsDataHolder;
@@ -26,6 +27,7 @@ import org.wso2.carbon.identity.oauth.cache.OAuthCacheKey;
 import org.wso2.carbon.identity.oauth2.IdentityOAuth2Exception;
 import org.wso2.carbon.identity.oauth2.dao.TokenManagementDAO;
 import org.wso2.carbon.identity.oauth2.dao.TokenManagementDAOImpl;
+import org.wso2.carbon.identity.oauth2.dao.TokenMgtDAO;
 import org.wso2.carbon.identity.oauth2.model.AccessTokenDO;
 import org.wso2.carbon.identity.oauth2.model.ResourceScopeCacheEntry;
 import org.wso2.carbon.identity.oauth2.validators.OAuth2ScopeValidator;
@@ -109,7 +111,10 @@ public class ScopeValidationHandler extends OAuth2ScopeValidator {
         if (!cacheHit) {
             TokenManagementDAO tokenMgtDAO = new TokenManagementDAOImpl();
             try {
-                resourceScope = tokenMgtDAO.findTenantAndScopeOfResource(resource).getLeft();
+                Pair<String, Integer> scopeReference = tokenMgtDAO.findTenantAndScopeOfResource(resource);
+                if(scopeReference!=null) {
+                    resourceScope = scopeReference.getLeft();
+                }
             } catch (IdentityOAuth2Exception e) {
                 log.error("Error occurred while retrieving scope for resource '" + resource + "'");
             }