[1/3] syncope git commit: NPE guards for both the RelayState and Response

Wed, 02 Aug 2017 09:57:47 -0700 

Repository: syncope
Updated Branches:
  refs/heads/2_0_X e1a9e9e7f -> 8746f9f8e


NPE guards for both the RelayState and Response


Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/ebd3e2e2
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/ebd3e2e2
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/ebd3e2e2

Branch: refs/heads/2_0_X
Commit: ebd3e2e2cf8e6ccbc933bf3ab3e7e8b650512928
Parents: e1a9e9e
Author: Colm O hEigeartaigh <cohei...@apache.org>
Authored: Wed Aug 2 15:31:47 2017 +0100
Committer: Colm O hEigeartaigh <cohei...@apache.org>
Committed: Wed Aug 2 17:10:26 2017 +0100

----------------------------------------------------------------------
 .../main/java/org/apache/syncope/core/logic/SAML2SPLogic.java  | 6 ++++++
 1 file changed, 6 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/syncope/blob/ebd3e2e2/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
----------------------------------------------------------------------
diff --git 
a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
 
b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
index 222d3cf..28a1ef0 100644
--- 
a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
+++ 
b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
@@ -421,6 +421,9 @@ public class SAML2SPLogic extends 
AbstractSAML2Logic<AbstractBaseBean> {
         check();
 
         // 1. first checks for the provided relay state
+        if (response.getRelayState() == null) {
+            throw new IllegalArgumentException("No Relay State was provided");
+        }
         JwsJwtCompactConsumer relayState = new 
JwsJwtCompactConsumer(response.getRelayState());
         if (!relayState.verifySignatureWith(jwsSignatureVerifier)) {
             throw new IllegalArgumentException("Invalid signature found in 
Relay State");
@@ -429,6 +432,9 @@ public class SAML2SPLogic extends 
AbstractSAML2Logic<AbstractBaseBean> {
                 
relayState.getJwtClaims().getClaim(JWT_CLAIM_IDP_DEFLATE).toString());
 
         // 2. parse the provided SAML response
+        if (response.getSamlResponse() == null) {
+            throw new IllegalArgumentException("No SAML Response was 
provided");
+        }
         Response samlResponse;
         try {
             XMLObject responseObject = saml2rw.read(useDeflateEncoding, 
response.getSamlResponse());

Reply via email to