diff options
author | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2019-12-13 08:36:02 +0100 |
---|---|---|
committer | Thomas Lenz <thomas.lenz@egiz.gv.at> | 2019-12-13 08:36:02 +0100 |
commit | d0f580d24d52f56b3a66e1d63f9e668a1ebcd721 (patch) | |
tree | fcdf0dea949c647f8da4e79d3860b1b2c5322529 /connector/src/main/java/at | |
parent | ed3410c2cf6a38e9f3c7d986853bd454e15f4637 (diff) | |
download | National_eIDAS_Gateway-d0f580d24d52f56b3a66e1d63f9e668a1ebcd721.tar.gz National_eIDAS_Gateway-d0f580d24d52f56b3a66e1d63f9e668a1ebcd721.tar.bz2 National_eIDAS_Gateway-d0f580d24d52f56b3a66e1d63f9e668a1ebcd721.zip |
fix possible NullPointerException1.1.0
add jUnit test
Diffstat (limited to 'connector/src/main/java/at')
-rw-r--r-- | connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java | 69 |
1 files changed, 36 insertions, 33 deletions
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java index 2e58d863..482e6761 100644 --- a/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java +++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java @@ -162,47 +162,50 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor { // validate and process requested attributes boolean sectorDetected = false; - final List<XMLObject> requestedAttributes = authnReq.getExtensions().getUnknownXMLObjects(); - for (final XMLObject reqAttrObj : requestedAttributes) { - if (reqAttrObj instanceof EaafRequestedAttributes) { - final EaafRequestedAttributes reqAttr = (EaafRequestedAttributes) reqAttrObj; - if (reqAttr.getAttributes() != null && reqAttr.getAttributes().size() != 0) { - for (final EaafRequestedAttribute el : reqAttr.getAttributes()) { - log.trace("Processing req. attribute '" + el.getName() + "' ... "); - if (el.getName().equals(PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME)) { - if (el.getAttributeValues() != null && el.getAttributeValues().size() == 1) { - final String sectorId = el.getAttributeValues().get(0).getDOM().getTextContent(); - final ServiceProviderConfiguration spConfig = pendingReq.getServiceProviderConfiguration( - ServiceProviderConfiguration.class); - - try { - spConfig.setBpkTargetIdentifier(sectorId); - sectorDetected = true; - - } catch (final EaafException e) { - log.info("Requested sector: " + sectorId + " DOES NOT match to allowed sectors for SP: " - + spConfig.getUniqueIdentifier()); + + if (authnReq.getExtensions() != null) { + final List<XMLObject> requestedAttributes = authnReq.getExtensions().getUnknownXMLObjects(); + for (final XMLObject reqAttrObj : requestedAttributes) { + if (reqAttrObj instanceof EaafRequestedAttributes) { + final EaafRequestedAttributes reqAttr = (EaafRequestedAttributes) reqAttrObj; + if (reqAttr.getAttributes() != null && reqAttr.getAttributes().size() != 0) { + for (final EaafRequestedAttribute el : reqAttr.getAttributes()) { + log.trace("Processing req. attribute '" + el.getName() + "' ... "); + if (el.getName().equals(PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME)) { + if (el.getAttributeValues() != null && el.getAttributeValues().size() == 1) { + final String sectorId = el.getAttributeValues().get(0).getDOM().getTextContent(); + final ServiceProviderConfiguration spConfig = pendingReq.getServiceProviderConfiguration( + ServiceProviderConfiguration.class); + + try { + spConfig.setBpkTargetIdentifier(sectorId); + sectorDetected = true; + + } catch (final EaafException e) { + log.info("Requested sector: " + sectorId + " DOES NOT match to allowed sectors for SP: " + + spConfig.getUniqueIdentifier()); + } + + } else { + log.info("Req. attribute '" + el.getName() + + "' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute"); } - + } else { - log.info("Req. attribute '" + el.getName() - + "' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute"); + log.debug("Ignore req. attribute: " + el.getName()); } - - } else { - log.debug("Ignore req. attribute: " + el.getName()); + } - + + } else { + log.debug("No requested Attributes in Authn. Request"); } - + } else { - log.debug("No requested Attributes in Authn. Request"); + log.info("Ignore unknown requested attribute: " + reqAttrObj.getElementQName().toString()); } - - } else { - log.info("Ignore unknown requested attribute: " + reqAttrObj.getElementQName().toString()); + } - } if (!sectorDetected) { |