Skip to content

Commit 64b5d7f

Browse files
committed
Make the Issuer on the Response Optional
1 parent 73d2b2c commit 64b5d7f

3 files changed

Lines changed: 15 additions & 32 deletions

File tree

core/src/main/java/com/onelogin/saml2/authn/SamlResponse.java

Lines changed: 8 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -649,13 +649,15 @@ public List<String> getIssuers() throws XPathExpressionException, ValidationErro
649649
List<String> issuers = new ArrayList<String>();
650650
String value;
651651
NodeList responseIssuer = Util.query(samlResponseDocument, "/samlp:Response/saml:Issuer");
652-
if (responseIssuer.getLength() == 1) {
653-
value = responseIssuer.item(0).getTextContent();
654-
if (!issuers.contains(value)) {
655-
issuers.add(value);
652+
if (responseIssuer.getLength() > 1) {
653+
if (responseIssuer.getLength() == 1) {
654+
value = responseIssuer.item(0).getTextContent();
655+
if (!issuers.contains(value)) {
656+
issuers.add(value);
657+
}
658+
} else {
659+
throw new ValidationError("Issuer of the Response is multiple.", ValidationError.ISSUER_MULTIPLE_IN_RESPONSE);
656660
}
657-
} else {
658-
throw new ValidationError("Issuer of the Response not found or multiple.", ValidationError.ISSUER_NOT_FOUND_IN_RESPONSE);
659661
}
660662

661663
NodeList assertionIssuer = this.queryAssertion("/saml:Issuer");

core/src/main/java/com/onelogin/saml2/exception/ValidationError.java

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ public class ValidationError extends Exception {
3131
public static final int WRONG_DESTINATION = 24;
3232
public static final int EMPTY_DESTINATION = 25;
3333
public static final int WRONG_AUDIENCE = 26;
34-
public static final int ISSUER_NOT_FOUND_IN_RESPONSE = 27;
34+
public static final int ISSUER_MULTIPLE_IN_RESPONSE = 27;
3535
public static final int ISSUER_NOT_FOUND_IN_ASSERTION = 28;
3636
public static final int WRONG_ISSUER = 29;
3737
public static final int SESSION_EXPIRED = 30;

core/src/test/java/com/onelogin/saml2/test/authn/AuthnResponseTest.java

Lines changed: 6 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -716,31 +716,12 @@ public void testGetIssuers() throws IOException, Error, XPathExpressionException
716716
samlResponseEncoded = Util.getFileAsString("data/responses/signed_assertion_response.xml.base64");
717717
samlResponse = new SamlResponse(settings, newHttpRequest(samlResponseEncoded));
718718
assertEquals(expectedIssuers, samlResponse.getIssuers());
719-
}
720-
721-
/**
722-
* Tests the getIssuers method of SamlResponse
723-
* Case: Issuer of the response not found
724-
*
725-
* @throws Error
726-
* @throws IOException
727-
* @throws ValidationError
728-
* @throws SettingsException
729-
* @throws SAXException
730-
* @throws ParserConfigurationException
731-
* @throws XPathExpressionException
732-
*
733-
* @see com.onelogin.saml2.authn.SamlResponse#getIssuers
734-
*/
735-
@Test
736-
public void testGetIssuersNoInResponse() throws IOException, Error, XPathExpressionException, ParserConfigurationException, SAXException, SettingsException, ValidationError {
737-
expectedEx.expect(ValidationError.class);
738-
expectedEx.expectMessage("Issuer of the Response not found or multiple.");
739719

740-
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
741-
String samlResponseEncoded = Util.getFileAsString("data/responses/invalids/no_issuer_response.xml.base64");
742-
SamlResponse samlResponse = new SamlResponse(settings, newHttpRequest(samlResponseEncoded));
743-
List<String> issuers = samlResponse.getIssuers();
720+
expectedIssuers = new ArrayList<String>();
721+
expectedIssuers.add("https://app.onelogin.com/saml/metadata/13590");
722+
samlResponseEncoded = Util.getFileAsString("data/responses/invalids/no_issuer_response.xml.base64");
723+
samlResponse = new SamlResponse(settings, newHttpRequest(samlResponseEncoded));
724+
assertEquals(expectedIssuers, samlResponse.getIssuers());
744725
}
745726

746727
/**
@@ -1630,7 +1611,7 @@ public void testIsInValidIssuer() throws IOException, Error, XPathExpressionExce
16301611
settings.setStrict(true);
16311612
samlResponse = new SamlResponse(settings, newHttpRequest(samlResponseEncoded));
16321613
assertFalse(samlResponse.isValid());
1633-
assertEquals("Invalid issuer in the Assertion/Response", samlResponse.getError());
1614+
assertEquals("No Signature found. SAML Response rejected", samlResponse.getError());
16341615

16351616
}
16361617

0 commit comments

Comments
 (0)