Check for negatives groups id (returned for a not existing group) added. Solves issue #24831

CHANGELOG.md

@@ -1,6 +1,8 @@
 This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 # Changelog for "oidc-library-portal"
+## [1.3.2-SNAPSHOT]
+ `UserSitesToGroupsAndRolesMapper` class is now more resilient to `Groups` that are not found in Liferay and for which the `LiferayGroupManager` returns -1 as its Id instead of exception throwing (#24831)
 
 ## [v1.3.1]
 The `UmaJWTProvider` has been removed from `authroization-common-client` and new provider from that library (`AccessTokenProvider`) is used to transport the `access-token` only to the client library

pom.xml

@@ -12,14 +12,14 @@
 
 	<groupId>org.gcube.portal</groupId>
 	<artifactId>oidc-library-portal</artifactId>
-	<version>1.3.1</version>
+	<version>1.3.2-SNAPSHOT</version>
 
 	<dependencyManagement>
 		<dependencies>
 			<dependency>
 				<groupId>org.gcube.distribution</groupId>
 				<artifactId>maven-portal-bom</artifactId>
-				<version>3.6.3</version>
+				<version>3.6.4</version>
 				<type>pom</type>
 				<scope>import</scope>
 			</dependency>

src/main/java/org/gcube/portal/oidc/lr62/UserSitesToGroupsAndRolesMapper.java

@@ -125,6 +125,10 @@ public class UserSitesToGroupsAndRolesMapper {
             log.error("Cannot retrieve group for site: " + actualSite.getName(), e);
             return;
         }
+        if (actualSiteGroupId < 0) {
+            log.info("Retrieved group id is not valid for the site: " + actualSite.getName());
+            return;
+        }
         try {
             if (groupManager.isVRE(actualSiteGroupId) && !actualGroupAndRoles.containsKey(actualSiteGroupId)) {
                 log.debug("Assigning user to new VRE site: " + actualSite.getName());