NPE guards for both the RelayState and Response
Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/c7a50578 Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/c7a50578 Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/c7a50578 Branch: refs/heads/master Commit: c7a505783c87c7b595f20512c706ba7f4edbfa37 Parents: bfce004 Author: Colm O hEigeartaigh <cohei...@apache.org> Authored: Wed Aug 2 15:31:47 2017 +0100 Committer: Colm O hEigeartaigh <cohei...@apache.org> Committed: Wed Aug 2 17:10:05 2017 +0100 ---------------------------------------------------------------------- .../main/java/org/apache/syncope/core/logic/SAML2SPLogic.java | 6 ++++++ 1 file changed, 6 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/syncope/blob/c7a50578/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java ----------------------------------------------------------------------
diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
index 222d3cf..28a1ef0 100644
--- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
+++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
@@ -421,6 +421,9 @@ public class SAML2SPLogic extends AbstractSAML2Logic<AbstractBaseBean> {
 check();
 
 // 1. first checks for the provided relay state
+ if (response.getRelayState() == null) {
+ throw new IllegalArgumentException("No Relay State was provided");
+ }
 JwsJwtCompactConsumer relayState = new JwsJwtCompactConsumer(response.getRelayState());
 if (!relayState.verifySignatureWith(jwsSignatureVerifier)) {
 throw new IllegalArgumentException("Invalid signature found in Relay State");
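Review bot: The added guard ahead of `new JwsJwtCompactConsumer(response.getRelayState())` rejects only null, so an empty or malformed relay state still reaches the constructor, and any parse exception raised there (its type is not visible in this hunk) would take a different path from the `IllegalArgumentException` used for a missing value or a bad signature. The relay state is presumably supplied by the remote party in the login response, so it is worth handling all three cases uniformly: extend the check to `if (response.getRelayState() == null || response.getRelayState().isEmpty()) {` and confirm how a parse failure is reported to the caller. The `getSamlResponse()` guard in the second hunk has the same null-only shape. The enclosing method starts and ends outside the hunk.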
@@ -429,6 +432,9 @@ public class SAML2SPLogic extends AbstractSAML2Logic<AbstractBaseBean> {
 relayState.getJwtClaims().getClaim(JWT_CLAIM_IDP_DEFLATE).toString());
 
 // 2. parse the provided SAML response
+ if (response.getSamlResponse() == null) {
+ throw new IllegalArgumentException("No SAML Response was provided");
+ }
 Response samlResponse;
 try {
 XMLObject responseObject = saml2rw.read(useDeflateEncoding, response.getSamlResponse());
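Review bot: The statement that ends on this hunk's first line, `relayState.getJwtClaims().getClaim(JWT_CLAIM_IDP_DEFLATE).toString()`, is still an unguarded dereference: if the claim is absent and `getClaim` returns null (likely, but not shown here), `toString()` throws the kind of NullPointerException this commit sets out to remove. The signature check in the previous hunk limits this to relay states signed with the service's own key, so it is hardening rather than an exposed bug. Reading the claim into a local and throwing `IllegalArgumentException` when it is null would keep the failure mode consistent with the two new guards. The statement begins above the hunk and the `try` block continues below it.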