You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@syncope.apache.org by co...@apache.org on 2017/08/10 16:56:10 UTC

[1/2] syncope git commit: Avoid an NPE if the SAML Response Issuer is null

Repository: syncope
Updated Branches:
  refs/heads/master 97744afe7 -> 8e73cd830


Avoid an NPE if the SAML Response Issuer is null


Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/13230e26
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/13230e26
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/13230e26

Branch: refs/heads/master
Commit: 13230e268b9361dbb056c8960a2e10e7cb7333b1
Parents: 97744af
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Aug 10 13:15:51 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Aug 10 13:15:51 2017 +0100

----------------------------------------------------------------------
 .../src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java | 3 +++
 1 file changed, 3 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/syncope/blob/13230e26/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
----------------------------------------------------------------------
diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
index f6953e6..87b7eb6 100644
--- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
+++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/SAML2SPLogic.java
@@ -363,6 +363,9 @@ public class SAML2SPLogic extends AbstractSAML2Logic<AbstractBaseBean> {
         }
 
         // 3. validate the SAML response and, if needed, decrypt the provided assertion(s)
+        if (samlResponse.getIssuer() == null || samlResponse.getIssuer().getValue() == null) {
+            throw new IllegalArgumentException("The SAML Response must contain an Issuer");
+        }
         final SAML2IdPEntity idp = getIdP(samlResponse.getIssuer().getValue());
         if (idp.getConnObjectKeyItem() == null) {
             throw new IllegalArgumentException("No mapping provided for SAML 2.0 IdP '" + idp.getId() + "'");

[2/2] syncope git commit: Support EC keys for signing in the SAML SSO module

Posted by co...@apache.org.

Support EC keys for signing in the SAML SSO module


Project: http://git-wip-us.apache.org/repos/asf/syncope/repo
Commit: http://git-wip-us.apache.org/repos/asf/syncope/commit/8e73cd83
Tree: http://git-wip-us.apache.org/repos/asf/syncope/tree/8e73cd83
Diff: http://git-wip-us.apache.org/repos/asf/syncope/diff/8e73cd83

Branch: refs/heads/master
Commit: 8e73cd830305a5ed72fe3d57b225c2ed5a7a9280
Parents: 13230e2
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Thu Aug 10 17:02:26 2017 +0100
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Thu Aug 10 17:02:26 2017 +0100

----------------------------------------------------------------------
 .../org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java    | 3 +++
 1 file changed, 3 insertions(+)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/syncope/blob/8e73cd83/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java
----------------------------------------------------------------------
diff --git a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java
index 096dccb..e83af5e 100644
--- a/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java
+++ b/ext/saml2sp/logic/src/main/java/org/apache/syncope/core/logic/saml2/SAML2ReaderWriter.java
@@ -103,6 +103,9 @@ public class SAML2ReaderWriter {
         if (pubKeyAlgo.equalsIgnoreCase("DSA")) {
             sigAlgo = SignatureConstants.ALGO_ID_SIGNATURE_DSA_SHA1;
             jceSigAlgo = "SHA1withDSA";
+        } else if (pubKeyAlgo.equalsIgnoreCase("EC")) {
+            sigAlgo = SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA1;
+            jceSigAlgo = "SHA1withECDSA";
         }
 
         callbackHandler = new SAMLSPCallbackHandler(loader.getKeyPass());