[1/2] syncope git commit: Avoid an NPE if the SAML Response Issuer is null

Thu, 10 Aug 2017 09:56:34 -0700 

Repository: syncope
Updated Branches:
  refs/heads/master 97744afe7 -> 8e73cd830


Avoid an NPE if the SAML Response Issuer is null


Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/13230e26
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/13230e26
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/13230e26

Branch: refs/heads/master
Commit: 13230e268b9361dbb056c8960a2e10e7cb7333b1
Parents: 97744af
Author: Colm O hEigeartaigh <cohei...@apache.org>
Authored: Thu Aug 10 13:15:51 2017 +0100
Committer: Colm O hEigeartaigh <cohei...@apache.org>
Committed: Thu Aug 10 13:15:51 2017 +0100

----------------------------------------------------------------------
 .../src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java | 3 +++
 1 file changed, 3 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/syncope/blob/13230e26/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
----------------------------------------------------------------------
diff --git 
a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
 
b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
index f6953e6..87b7eb6 100644
--- 
a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
+++ 
b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
@@ -363,6 +363,9 @@ public class SAML2SPLogic extends 
AbstractSAML2Logic<AbstractBaseBean> {
         }
 
         // 3. validate the SAML response and, if needed, decrypt the provided 
assertion(s)
+        if (samlResponse.getIssuer() == null || 
samlResponse.getIssuer().getValue() == null) {
+            throw new IllegalArgumentException("The SAML Response must contain 
an Issuer");
+        }
         final SAML2IdPEntity idp = getIdP(samlResponse.getIssuer().getValue());
         if (idp.getConnObjectKeyItem() == null) {
             throw new IllegalArgumentException("No mapping provided for SAML 
2.0 IdP '" + idp.getId() + "'");

Reply via email to