Fix to avoid error when one or more non-required elements are missing

Author: iguanajazz

README.md

@@ -1,9 +1,9 @@
 # OneLogin's SAML Java SAML
 
-Updating from 1.0-SNAPSHOT to 1.1
+Updating from 1.0-SNAPSHOT to 1.1.2
 ---------------------------------
 
-Version 1.1 adds many improvements on security. It is a recommended update for all Java SAML users.
+Version 1.1.2 adds many improvements on security. It is a recommended update for all Java SAML users.
 
 
 Overview

pom.xml

@@ -3,7 +3,7 @@
   <modelVersion>4.0.0</modelVersion>
   <groupId>com.onelogin</groupId>
   <artifactId>java-saml</artifactId>
-  <version>1.1.1</version>
+  <version>1.1.2</version>
 
   <properties>
     <slf4jVersion>1.7.12</slf4jVersion>

src/main/java/com/onelogin/saml/Response.java

@@ -147,23 +147,23 @@ public boolean isValid(String... requestId){
 				throw new Exception("There is an EncryptedAttribute in the Response and this SP not support them");
 			}
 
+			// Check Audience
+			Set<String> validAudiences = this.getAudiences();
+
+			if (!validAudiences.isEmpty() && !this.audienceUrl.equals(currentUrl)) {
+				throw new Exception( this.audienceUrl + " is not a valid audience for this Response");	
+			}
+			
 			// Check destination
 			if(rootElement.hasAttribute("Destination")){
 				String destinationUrl = rootElement.getAttribute("Destination");
 				if (destinationUrl != null) {
-					if(!destinationUrl.equals(currentUrl)){
+					if(!destinationUrl.isEmpty() && !destinationUrl.equals(currentUrl)){
 						throw new Exception("The response was received at " + currentUrl + " instead of " + destinationUrl);
 					}
 				}
 			}
 
-			// Check Audience
-			Set<String> validAudiences = this.getAudiences();
-
-			if (validAudiences.isEmpty() || !this.audienceUrl.equals(currentUrl)) {
-				throw new Exception( this.audienceUrl + " is not a valid audience for this Response");	
-			}
-
 			// Check the issuers
 			Set<String> issuers = this.getIssuers();
 			for(String issuer : issuers){
@@ -196,7 +196,7 @@ public boolean isValid(String... requestId){
 					if(subjectConfirmationDataNodes.item(c).getLocalName().equals("SubjectConfirmationData")){
 
 						Node recipient = subjectConfirmationDataNodes.item(c).getAttributes().getNamedItem("Recipient");					
-						if(recipient != null && !recipient.getNodeValue().equals(currentUrl)){
+						if(recipient != null && !recipient.getNodeValue().isEmpty() && !recipient.getNodeValue().equals(currentUrl)){
 							validSubjectConfirmation = false;
 						}
 
@@ -314,13 +314,17 @@ public Set<String> getAudiences() throws XPathExpressionException
 		NodeList entries = this.queryAssertion("/saml:Conditions/saml:AudienceRestriction/saml:Audience");
 
 		if(entries.getLength() > 0){
-			this.audienceUrl = entries.item(0).getChildNodes().item(0).getNodeValue();
+			if(entries.item(0)!= null && entries.item(0).getChildNodes().getLength() > 0){
+				this.audienceUrl = entries.item(0).getChildNodes().item(0).getNodeValue();
+			}
 		}
 
 		for(int i=0; i < entries.getLength(); i++) {
-			String value = entries.item(i).getTextContent().trim();
-			if (value != null && !value.isEmpty()) {
-				audiences.add(value);
+			if(entries.item(i) != null){
+				String value = entries.item(i).getTextContent();
+				if (value != null && !value.trim().isEmpty()) {
+					audiences.add(value.trim());
+				}
 			}
 		}
 		return audiences;