Repository: syncope Updated Branches: refs/heads/2_0_X 84a7b68e4 -> 3b24fd10f
Avoid an NPE if the SAML Response Issuer is null Project: http://git-wip-us.apache.org/repos/asf/syncope/repo Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/d70b33aa Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/d70b33aa Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/d70b33aa Branch: refs/heads/2_0_X Commit: d70b33aa4cd2b257432651aeb18fe343933cf395 Parents: 84a7b68 Author: Colm O hEigeartaigh <cohei...@apache.org> Authored: Thu Aug 10 13:15:51 2017 +0100 Committer: Colm O hEigeartaigh <cohei...@apache.org> Committed: Thu Aug 10 17:56:30 2017 +0100 ---------------------------------------------------------------------- .../src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java | 3 +++ 1 file changed, 3 insertions(+) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/syncope/blob/d70b33aa/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java ---------------------------------------------------------------------- diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java index f6953e6..87b7eb6 100644 --- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java +++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java @@ -363,6 +363,9 @@ public class SAML2SPLogic extends AbstractSAML2Logic<AbstractBaseBean> { } // 3. validate the SAML response and, if needed, decrypt the provided assertion(s) + if (samlResponse.getIssuer() == null || samlResponse.getIssuer().getValue() == null) { + throw new IllegalArgumentException("The SAML Response must contain an Issuer"); + } final SAML2IdPEntity idp = getIdP(samlResponse.getIssuer().getValue()); if (idp.getConnObjectKeyItem() == null) { throw new IllegalArgumentException("No mapping provided for SAML 2.0 IdP '" + idp.getId() + "'");