Skip to content

Commit 1a7b0da

Browse files
committed
Trim values obtained with getTextContent() on any XML node
This change extends the previous one, made for SamlResponse name id, so that surrounding whitespace is removed for any value obtained from a XML element where this is indeed the expected behaviour (like in issuers, audiences, status messages, name ids).
1 parent c4907d4 commit 1a7b0da

File tree

4 files changed

+46
-16
lines changed

4 files changed

+46
-16
lines changed

core/src/main/java/com/onelogin/saml2/authn/SamlResponse.java

Lines changed: 17 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -601,7 +601,11 @@ public HashMap<String, List<String>> getAttributes() throws XPathExpressionExcep
601601
}
602602
for (int j = 0; j < childrens.getLength(); j++) {
603603
if ("AttributeValue".equals(childrens.item(j).getLocalName())) {
604-
attrValues.add(childrens.item(j).getTextContent());
604+
String attrValue = childrens.item(j).getTextContent();
605+
if(attrValue != null) {
606+
attrValue = attrValue.toString();
607+
}
608+
attrValues.add(attrValue);
605609
}
606610
}
607611

@@ -704,8 +708,9 @@ public List<String> getAudiences() throws XPathExpressionException {
704708
for (int i = 0; i < entries.getLength(); i++) {
705709
if (entries.item(i) != null) {
706710
String value = entries.item(i).getTextContent();
707-
if(value != null)
711+
if(value != null) {
708712
value = value.trim();
713+
}
709714
if(!StringUtils.isEmpty(value)) {
710715
audiences.add(value);
711716
}
@@ -729,7 +734,11 @@ public String getResponseIssuer() throws XPathExpressionException, ValidationErr
729734
NodeList responseIssuer = Util.query(samlResponseDocument, "/samlp:Response/saml:Issuer");
730735
if (responseIssuer.getLength() > 0) {
731736
if (responseIssuer.getLength() == 1) {
732-
return responseIssuer.item(0).getTextContent();
737+
String value = responseIssuer.item(0).getTextContent();
738+
if(value != null) {
739+
value = value.trim();
740+
}
741+
return value;
733742
} else {
734743
throw new ValidationError("Issuer of the Response is multiple.", ValidationError.ISSUER_MULTIPLE_IN_RESPONSE);
735744
}
@@ -752,7 +761,11 @@ public String getResponseIssuer() throws XPathExpressionException, ValidationErr
752761
public String getAssertionIssuer() throws XPathExpressionException, ValidationError {
753762
NodeList assertionIssuer = this.queryAssertion("/saml:Issuer");
754763
if (assertionIssuer.getLength() == 1) {
755-
return assertionIssuer.item(0).getTextContent();
764+
String value = assertionIssuer.item(0).getTextContent();
765+
if(value != null) {
766+
value = value.trim();
767+
}
768+
return value;
756769
} else {
757770
throw new ValidationError("Issuer of the Assertion not found or multiple.", ValidationError.ISSUER_NOT_FOUND_IN_ASSERTION);
758771
}

core/src/main/java/com/onelogin/saml2/logout/LogoutRequest.java

Lines changed: 15 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -586,7 +586,11 @@ public static Map<String, String> getNameIdData(Document samlLogoutRequestDocume
586586
Map<String, String> nameIdData = new HashMap<String, String>();
587587

588588
if (nameIdElem != null) {
589-
nameIdData.put("Value", nameIdElem.getTextContent());
589+
String value = nameIdElem.getTextContent();
590+
if(value != null) {
591+
value = value.trim();
592+
}
593+
nameIdData.put("Value", value);
590594

591595
if (nameIdElem.hasAttribute("Format")) {
592596
nameIdData.put("Format", nameIdElem.getAttribute("Format"));
@@ -702,9 +706,11 @@ public static String getIssuer(Document samlLogoutRequestDocument) throws XPathE
702706
NodeList nodes = Util.query(samlLogoutRequestDocument, "/samlp:LogoutRequest/saml:Issuer");
703707

704708
if (nodes.getLength() == 1) {
705-
issuer = nodes.item(0).getTextContent();
706-
}
707-
709+
issuer = nodes.item(0).getTextContent();
710+
}
711+
if(issuer != null) {
712+
issuer = issuer.trim();
713+
}
708714
return issuer;
709715
}
710716

@@ -740,7 +746,11 @@ public static List<String> getSessionIndexes(Document samlLogoutRequestDocument)
740746
NodeList nodes = Util.query(samlLogoutRequestDocument, "/samlp:LogoutRequest/samlp:SessionIndex");
741747

742748
for (int i = 0; i < nodes.getLength(); i++) {
743-
sessionIndexes.add(nodes.item(i).getTextContent());
749+
String sessionIndex = nodes.item(i).getTextContent();
750+
if(sessionIndex != null) {
751+
sessionIndex = sessionIndex.trim();
752+
sessionIndexes.add(sessionIndex);
753+
}
744754
}
745755

746756
return sessionIndexes;

core/src/main/java/com/onelogin/saml2/logout/LogoutResponse.java

Lines changed: 9 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -299,12 +299,15 @@ public Boolean isValid() {
299299
* @throws XPathExpressionException
300300
*/
301301
public String getIssuer() throws XPathExpressionException {
302-
String issuer = null;
303-
NodeList issuers = this.query("/samlp:LogoutResponse/saml:Issuer");
304-
if (issuers.getLength() == 1) {
305-
issuer = issuers.item(0).getTextContent();
306-
}
307-
return issuer;
302+
String issuer = null;
303+
NodeList issuers = this.query("/samlp:LogoutResponse/saml:Issuer");
304+
if (issuers.getLength() == 1) {
305+
issuer = issuers.item(0).getTextContent();
306+
}
307+
if (issuer != null) {
308+
issuer = issuer.toString();
309+
}
310+
return issuer;
308311
}
309312

310313
/**

core/src/main/java/com/onelogin/saml2/util/Util.java

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1647,7 +1647,11 @@ public static SamlResponseStatus getStatus(String statusXpath, Document dom) thr
16471647

16481648
NodeList messageEntry = Util.query(dom, statusXpath + "/samlp:StatusMessage", (Element) statusEntry.item(0));
16491649
if (messageEntry.getLength() == 1) {
1650-
status.setStatusMessage(messageEntry.item(0).getTextContent());
1650+
String statusMessage = messageEntry.item(0).getTextContent();
1651+
if(statusMessage != null) {
1652+
statusMessage = statusMessage.trim();
1653+
}
1654+
status.setStatusMessage(statusMessage);
16511655
}
16521656

16531657
return status;

0 commit comments

Comments
 (0)