fix: Fix potential null user-agent in CSRF generator

• fix: Fix potential null user-agent in CSRF generator

Relates to eclipsefdn/it/websites/membership.eclipse.org#660 (closed)

persistence/runtime/src/main/java/org/eclipsefoundation/persistence/model/DistributedCSRFGenerator.java

@@ -17,6 +17,7 @@ import java.util.Arrays;
 import java.util.List;
 import java.util.StringTokenizer;
 
+import org.apache.commons.lang3.StringUtils;
 import org.eclipsefoundation.http.model.FlatRequestWrapper;
 import org.eclipsefoundation.persistence.dao.PersistenceDao;
 import org.eclipsefoundation.persistence.dto.DistributedCSRFToken;
@@ -112,6 +113,9 @@ public class DistributedCSRFGenerator extends DefaultCSRFGenerator {
         // Iss #109 - Truncate the value if it's too long to keep table entries managable
         if (userAgent.length() > 255) {
             userAgent = userAgent.substring(0, 250);
+        } else if (StringUtils.isBlank(userAgent)) {
+            // Membership Issue #660 - Ensure non-null
+            userAgent = "";
         }
         Principal user = context.getUserPrincipal();
         MultivaluedMap<String, String> params = new MultivaluedHashMap<>();