Handling NPE on login

src/main/java/org/akhq/controllers/AbstractController.java

@@ -50,7 +50,13 @@ protected List<Group> getUserGroups() {
             return List.of();
         }
 
-        List<Group> groupBindings = AKHQSecurityRule.decompressGroups(authentication.get()).values()
+        var groups = AKHQSecurityRule.decompressGroups(authentication.get());
+
+        if (groups == null) {
+           return List.of();
+        }
+
+        List<Group> groupBindings = groups.values()
             .stream()
             .flatMap(Collection::stream)
             .map(gb -> new ObjectMapper().convertValue(gb, Group.class))

src/main/java/org/akhq/controllers/ErrorController.java

@@ -84,10 +84,10 @@ private HttpResponse<?> renderExecption(HttpRequest<?> request, Exception e) {
     public HttpResponse<?> error(HttpRequest<?> request, AuthorizationException e) throws URISyntaxException {
         if (request.getUri().toString().startsWith("/api")) {
             if (e.isForbidden()) {
-                if (request.getAttribute(HttpAttributes.ROUTE_INFO).isPresent() &&
-                    ((UriRouteMatch<?, ?>) request.getAttribute(HttpAttributes.ROUTE_INFO).get()).hasAnnotation(AKHQSecured.class)) {
+                if (request.getAttribute(HttpAttributes.ROUTE_MATCH).isPresent() &&
+                    ((UriRouteMatch<?, ?>) request.getAttribute(HttpAttributes.ROUTE_MATCH).get()).hasAnnotation(AKHQSecured.class)) {
                     AnnotationValue<AKHQSecured> annotation =
-                        ((UriRouteMatch<?, ?>) request.getAttribute(HttpAttributes.ROUTE_INFO).get()).getAnnotation(AKHQSecured.class);
+                        ((UriRouteMatch<?, ?>) request.getAttribute(HttpAttributes.ROUTE_MATCH).get()).getAnnotation(AKHQSecured.class);
 
                     return HttpResponse.status(HttpStatus.FORBIDDEN)
                         .body(new JsonError(String.format("Unauthorized: missing permission on resource %s and action %s",