Describe the bug
AtlassianOauthConfig.java lines 153-154 perform unsafe (String) casts on PluginConfigVariable.getValue() which returns Object. If the underlying value is not a String, this throws ClassCastException at runtime.
this.accessToken = (String) oauth2Config.getAccessToken().getValue();
this.refreshToken = (String) oauth2Config.getRefreshToken().getValue();
To Reproduce
- Configure Confluence/Jira source with OAuth2 authentication
- If the PluginConfigVariable implementation wraps the value in a non-String type,
renewCredentials() in AtlassianOauthConfig throws ClassCastException
Expected behavior
Should use instanceof String check before casting, or use value.toString() as fallback, to handle any Object type safely without crashing.
Screenshots
If applicable, add screenshots to help explain your problem.
Additional context
Found during review of #6856. Kept out of scope to avoid mixing OAuth2 changes with bearer token changes. The fix should follow the same pattern established in AtlassianBearerTokenAuthConfig.getBearerToken() after #6856
Describe the bug
AtlassianOauthConfig.javalines 153-154 perform unsafe(String)casts onPluginConfigVariable.getValue()which returnsObject. If the underlying value is not a String, this throwsClassCastExceptionat runtime.To Reproduce
renewCredentials()inAtlassianOauthConfigthrowsClassCastExceptionExpected behavior
Should use instanceof String check before casting, or use value.toString() as fallback, to handle any Object type safely without crashing.
Screenshots
If applicable, add screenshots to help explain your problem.
Additional context
Found during review of #6856. Kept out of scope to avoid mixing OAuth2 changes with bearer token changes. The fix should follow the same pattern established in
AtlassianBearerTokenAuthConfig.getBearerToken()after #6856