syncope-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject [1/2] syncope git commit: Avoid an NPE if the SAML Response Issuer is null
Date Thu, 10 Aug 2017 16:56:10 GMT
Repository: syncope
Updated Branches:
  refs/heads/master 97744afe7 -> 8e73cd830


Avoid an NPE if the SAML Response Issuer is null


Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/13230e26
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/13230e26
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/13230e26

Branch: refs/heads/master
Commit: 13230e268b9361dbb056c8960a2e10e7cb7333b1
Parents: 97744af
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Thu Aug 10 13:15:51 2017 +0100
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Thu Aug 10 13:15:51 2017 +0100

----------------------------------------------------------------------
 .../src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java | 3 +++
 1 file changed, 3 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/syncope/blob/13230e26/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
----------------------------------------------------------------------
diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
index f6953e6..87b7eb6 100644
--- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
+++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
@@ -363,6 +363,9 @@ public class SAML2SPLogic extends AbstractSAML2Logic<AbstractBaseBean>
{
         }
 
         // 3. validate the SAML response and, if needed, decrypt the provided assertion(s)
+        if (samlResponse.getIssuer() == null || samlResponse.getIssuer().getValue() == null)
{
+            throw new IllegalArgumentException("The SAML Response must contain an Issuer");
+        }
         final SAML2IdPEntity idp = getIdP(samlResponse.getIssuer().getValue());
         if (idp.getConnObjectKeyItem() == null) {
             throw new IllegalArgumentException("No mapping provided for SAML 2.0 IdP '" +
idp.getId() + "'");


Mime
View raw message