From aba5f0b01b426a07cd0f585704ec3411b2cd0d4d Mon Sep 17 00:00:00 2001
From: Mauro Mugnaini <mauro.mugnaini@nubisware.com>
Date: Thu, 23 Mar 2023 12:34:38 +0100
Subject: [PATCH] Check for negatives groups id (returned for a not existing
 group) added. Solves issue #24831

---
 CHANGELOG.md                                                  | 2 ++
 pom.xml                                                       | 4 ++--
 .../portal/oidc/lr62/UserSitesToGroupsAndRolesMapper.java     | 4 ++++
 3 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 98f27e4..4d3ba7e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,8 @@
 This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 # Changelog for "oidc-library-portal"
+## [1.3.2-SNAPSHOT]
+ `UserSitesToGroupsAndRolesMapper` class is now more resilient to `Groups` that are not found in Liferay and for which the `LiferayGroupManager` returns -1 as its Id instead of exception throwing (#24831)
 
 ## [v1.3.1]
 The `UmaJWTProvider` has been removed from `authroization-common-client` and new provider from that library (`AccessTokenProvider`) is used to transport the `access-token` only to the client library
diff --git a/pom.xml b/pom.xml
index 8976bfa..70ae953 100644
--- a/pom.xml
+++ b/pom.xml
@@ -12,14 +12,14 @@
 
 	<groupId>org.gcube.portal</groupId>
 	<artifactId>oidc-library-portal</artifactId>
-	<version>1.3.1</version>
+	<version>1.3.2-SNAPSHOT</version>
 
 	<dependencyManagement>
 		<dependencies>
 			<dependency>
 				<groupId>org.gcube.distribution</groupId>
 				<artifactId>maven-portal-bom</artifactId>
-				<version>3.6.3</version>
+				<version>3.6.4</version>
 				<type>pom</type>
 				<scope>import</scope>
 			</dependency>
diff --git a/src/main/java/org/gcube/portal/oidc/lr62/UserSitesToGroupsAndRolesMapper.java b/src/main/java/org/gcube/portal/oidc/lr62/UserSitesToGroupsAndRolesMapper.java
index 71edc8b..614c165 100644
--- a/src/main/java/org/gcube/portal/oidc/lr62/UserSitesToGroupsAndRolesMapper.java
+++ b/src/main/java/org/gcube/portal/oidc/lr62/UserSitesToGroupsAndRolesMapper.java
@@ -125,6 +125,10 @@ public class UserSitesToGroupsAndRolesMapper {
             log.error("Cannot retrieve group for site: " + actualSite.getName(), e);
             return;
         }
+        if (actualSiteGroupId < 0) {
+            log.info("Retrieved group id is not valid for the site: " + actualSite.getName());
+            return;
+        }
         try {
             if (groupManager.isVRE(actualSiteGroupId) && !actualGroupAndRoles.containsKey(actualSiteGroupId)) {
                 log.debug("Assigning user to new VRE site: " + actualSite.getName());