This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 1.4.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf-fediz.git
The following commit(s) were added to refs/heads/1.4.x-fixes by this push:
new 60b9c3b Fixing some issues thrown up by Spotbugs
60b9c3b is described below
commit 60b9c3b687a89b4ce75dfecf6e921ad9b5840ffb
Author: Colm O hEigeartaigh <[email protected]>
AuthorDate: Fri Oct 19 15:20:35 2018 +0100
Fixing some issues thrown up by Spotbugs
---
.../cxf/fediz/core/processor/FederationProcessorImpl.java | 2 +-
.../idp/beans/samlsso/AbstractSamlResponseCreator.java | 13 +++++++------
2 files changed, 8 insertions(+), 7 deletions(-)
diff --git
a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
index b31cee7..bb9af1c 100644
---
a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
+++
b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
@@ -135,7 +135,7 @@ public class FederationProcessorImpl extends
AbstractFedizProcessor {
el = DOMUtils.getFirstElement(el);
}
if (el == null ||
!"RequestSecurityTokenResponse".equals(el.getLocalName())) {
- LOG.warn("Unexpected root element of wresult: '" +
el.getLocalName() + "'");
+ LOG.warn("Unexpected root element of wresult: '" + (el == null ?
"null" : el.getLocalName()) + "'");
throw new ProcessingException(TYPE.INVALID_REQUEST);
}
el = DOMUtils.getFirstElement(el);
diff --git
a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AbstractSamlResponseCreator.java
b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AbstractSamlResponseCreator.java
index 0e9c802..2baad7b 100644
---
a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AbstractSamlResponseCreator.java
+++
b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AbstractSamlResponseCreator.java
@@ -80,15 +80,13 @@ abstract class AbstractSamlResponseCreator {
return;
}
Crypto issuerCrypto =
CertsUtils.getCryptoFromCertificate(idp.getCertificate());
- String issuerKeyName = issuerCrypto.getDefaultX509Identifier();
- String issuerKeyPassword = idp.getCertificatePassword();
- Signature signature = OpenSAMLUtil.buildSignature();
-
signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
- CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
- cryptoType.setAlias(issuerKeyName);
X509Certificate[] issuerCerts = null;
+ String issuerKeyName = null;
if (issuerCrypto != null) {
+ CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
+ issuerKeyName = issuerCrypto.getDefaultX509Identifier();
+ cryptoType.setAlias(issuerKeyName);
issuerCerts = issuerCrypto.getX509Certificates(cryptoType);
}
if (issuerCerts == null || issuerCerts.length == 0) {
@@ -108,6 +106,7 @@ abstract class AbstractSamlResponseCreator {
LOG.debug("Using Signature algorithm {}", sigAlgo);
PrivateKey privateKey;
try {
+ String issuerKeyPassword = idp.getCertificatePassword();
privateKey = issuerCrypto.getPrivateKey(issuerKeyName,
issuerKeyPassword);
} catch (Exception ex) {
throw new
WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
@@ -117,6 +116,8 @@ abstract class AbstractSamlResponseCreator {
new Object[] {"No private key was found using issuer name: " +
issuerKeyName});
}
+ Signature signature = OpenSAMLUtil.buildSignature();
+
signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
signature.setSignatureAlgorithm(sigAlgo);
BasicX509Credential signingCredential =
