From 720477bf5951aa4a307e1150e8a34d373f66e62b Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 24 Nov 2014 09:29:51 +0100
Subject: fix problem with SLO and interfederation

---
 .../pvp2x/builder/SingleLogOutBuilder.java          | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

(limited to 'id/server/idserverlib/src/main/java')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java
index 01139d95c..50f42d928 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java
@@ -43,6 +43,7 @@ import org.opensaml.saml2.core.StatusCode;
 import org.opensaml.saml2.core.StatusMessage;
 import org.opensaml.saml2.core.StatusResponseType;
 import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml2.metadata.IDPSSODescriptor;
 import org.opensaml.saml2.metadata.SPSSODescriptor;
 import org.opensaml.saml2.metadata.SSODescriptor;
 import org.opensaml.saml2.metadata.SingleLogoutService;
@@ -348,17 +349,29 @@ public class SingleLogOutBuilder {
 	public static SingleLogoutService getResponseSLODescriptor(PVPTargetConfiguration spRequest) throws NoMetadataInformationException, NOSLOServiceDescriptorException {
 		MOARequest moaReq = (MOARequest) spRequest.getRequest();
 		EntityDescriptor metadata = moaReq.getEntityMetadata();
-		SPSSODescriptor spsso = metadata.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
+		SSODescriptor ssodesc = metadata.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
+		
+		if (ssodesc == null) {
+			Logger.debug("No PVP SPSSO descriptor found --> search IDPSSO descriptor");
+			ssodesc = metadata.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
+						
+		}
+
+		if (ssodesc == null) {
+			Logger.error("Found no SLO ServiceDescriptor in Metadata");				
+			throw new NOSLOServiceDescriptorException("NO SLO ServiceDescriptor", null);
 			
+		}
+		
 		SingleLogoutService sloService = null;			
-		for (SingleLogoutService el : spsso.getSingleLogoutServices()) {
+		for (SingleLogoutService el : ssodesc.getSingleLogoutServices()) {
 			if (el.getBinding().equals(spRequest.getBinding()))
 				sloService = el;
 		}
 		
 		if (sloService == null)  {
-			if (spsso.getSingleLogoutServices().size() != 0)		
-				sloService = spsso.getSingleLogoutServices().get(0);
+			if (ssodesc.getSingleLogoutServices().size() != 0)		
+				sloService = ssodesc.getSingleLogoutServices().get(0);
 		
 			else {
 				Logger.error("Found no SLO ServiceDescriptor in Metadata");				
-- 
cgit v1.2.3