You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2018/10/19 14:21:05 UTC
[cxf-fediz] branch 1.4.x-fixes updated: Fixing some issues thrown
up by Spotbugs
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch 1.4.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf-fediz.git
The following commit(s) were added to refs/heads/1.4.x-fixes by this push:
new 60b9c3b Fixing some issues thrown up by Spotbugs
60b9c3b is described below
commit 60b9c3b687a89b4ce75dfecf6e921ad9b5840ffb
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Fri Oct 19 15:20:35 2018 +0100
Fixing some issues thrown up by Spotbugs
---
.../cxf/fediz/core/processor/FederationProcessorImpl.java | 2 +-
.../idp/beans/samlsso/AbstractSamlResponseCreator.java | 13 +++++++------
2 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
index b31cee7..bb9af1c 100644
--- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
+++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/FederationProcessorImpl.java
@@ -135,7 +135,7 @@ public class FederationProcessorImpl extends AbstractFedizProcessor {
el = DOMUtils.getFirstElement(el);
}
if (el == null || !"RequestSecurityTokenResponse".equals(el.getLocalName())) {
- LOG.warn("Unexpected root element of wresult: '" + el.getLocalName() + "'");
+ LOG.warn("Unexpected root element of wresult: '" + (el == null ? "null" : el.getLocalName()) + "'");
throw new ProcessingException(TYPE.INVALID_REQUEST);
}
el = DOMUtils.getFirstElement(el);
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AbstractSamlResponseCreator.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AbstractSamlResponseCreator.java
index 0e9c802..2baad7b 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AbstractSamlResponseCreator.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AbstractSamlResponseCreator.java
@@ -80,15 +80,13 @@ abstract class AbstractSamlResponseCreator {
return;
}
Crypto issuerCrypto = CertsUtils.getCryptoFromCertificate(idp.getCertificate());
- String issuerKeyName = issuerCrypto.getDefaultX509Identifier();
- String issuerKeyPassword = idp.getCertificatePassword();
- Signature signature = OpenSAMLUtil.buildSignature();
- signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
- CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
- cryptoType.setAlias(issuerKeyName);
X509Certificate[] issuerCerts = null;
+ String issuerKeyName = null;
if (issuerCrypto != null) {
+ CryptoType cryptoType = new CryptoType(CryptoType.TYPE.ALIAS);
+ issuerKeyName = issuerCrypto.getDefaultX509Identifier();
+ cryptoType.setAlias(issuerKeyName);
issuerCerts = issuerCrypto.getX509Certificates(cryptoType);
}
if (issuerCerts == null || issuerCerts.length == 0) {
@@ -108,6 +106,7 @@ abstract class AbstractSamlResponseCreator {
LOG.debug("Using Signature algorithm {}", sigAlgo);
PrivateKey privateKey;
try {
+ String issuerKeyPassword = idp.getCertificatePassword();
privateKey = issuerCrypto.getPrivateKey(issuerKeyName, issuerKeyPassword);
} catch (Exception ex) {
throw new WSSecurityException(WSSecurityException.ErrorCode.FAILURE, ex);
@@ -117,6 +116,8 @@ abstract class AbstractSamlResponseCreator {
new Object[] {"No private key was found using issuer name: " + issuerKeyName});
}
+ Signature signature = OpenSAMLUtil.buildSignature();
+ signature.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
signature.setSignatureAlgorithm(sigAlgo);
BasicX509Credential signingCredential =