Allow for a NameIDPolicy without a specified format
[java-idp.git] / src / edu / internet2 / middleware / shibboleth / idp / profile / saml2 / AbstractSAML2ProfileHandler.java
index a5c900b..338b392 100644 (file)
@@ -410,8 +410,13 @@ public abstract class AbstractSAML2ProfileHandler extends AbstractSAMLProfileHan
 
         ShibbolethSAMLAttributeRequestContext<NameID, AttributeQuery> queryContext;
 
+        if(requestContext.getSamlRequest() instanceof AttributeQuery){
         queryContext = new ShibbolethSAMLAttributeRequestContext<NameID, AttributeQuery>(getMetadataProvider(),
                 requestContext.getRelyingPartyConfiguration(), (AttributeQuery) requestContext.getSamlRequest());
+        }else{
+            queryContext = new ShibbolethSAMLAttributeRequestContext<NameID, AttributeQuery>(getMetadataProvider(),
+                    requestContext.getRelyingPartyConfiguration(), null);
+        }
         queryContext.setAttributeRequester(requestContext.getAssertingPartyId());
         queryContext.setPrincipalName(requestContext.getPrincipalName());
         queryContext.setProfileConfiguration(requestContext.getProfileConfiguration());
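Review bot: The new `else` branch passes `null` to the `ShibbolethSAMLAttributeRequestContext` constructor as the query, and nothing visible in this hunk shows that the context, or the resolution and filtering code that later reads it, tolerates a missing inbound message. Please confirm that and record it with a comment such as `// request is not an AttributeQuery; context is deliberately built without a query`. The two constructor calls differ only in their last argument, so one call fed by `AttributeQuery query = requestContext.getSamlRequest() instanceof AttributeQuery ? (AttributeQuery) requestContext.getSamlRequest() : null;` would remove the duplication and the un-reindented lines inside the `if`. The enclosing method starts and ends outside the hunk.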
@@ -638,7 +643,7 @@ public abstract class AbstractSAML2ProfileHandler extends AbstractSAMLProfileHan
             AuthnRequest authnRequest = (AuthnRequest) requestContext.getSamlRequest();
             if (authnRequest.getNameIDPolicy() != null) {
                 nameFormat = authnRequest.getNameIDPolicy().getFormat();
-                if (assertingPartySupportedFormats.contains(nameFormat)) {
+                if (!DatatypeHelper.isEmpty(nameFormat) && assertingPartySupportedFormats.contains(nameFormat)) {
                     nameFormats.add(nameFormat);
                 } else {
                     requestContext.setFailureStatus(buildStatus(StatusCode.RESPONDER_URI,
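Review bot: An empty or absent `Format` still appears to end in the failure branch, because `!DatatypeHelper.isEmpty(nameFormat) && assertingPartySupportedFormats.contains(nameFormat)` is false when the format is empty and control falls into the `else` that calls `setFailureStatus`. That seems to contradict the commit title, unless code outside the hunk handles it. The emptiness test probably belongs in an outer guard, `if (!DatatypeHelper.isEmpty(nameFormat)) {`, around the existing supported/unsupported check, so that only a non-empty, unsupported format is rejected. It is also worth checking whether the SAML `unspecified` format URI should be treated like a missing format here. The `else` body and the rest of the method continue outside the hunk.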
@@ -725,6 +730,9 @@ public abstract class AbstractSAML2ProfileHandler extends AbstractSAMLProfileHan
         auditLogEntry.setRequestId(context.getSamlRequest().getID());
         auditLogEntry.setResponseBinding(context.getMessageEncoder().getBindingURI());
         auditLogEntry.setResponseId(context.getSamlResponse().getID());
+        if(context.getPrincipalAttributes() != null){
+            auditLogEntry.getReleasedAttributes().addAll(context.getPrincipalAttributes().keySet());
+        }
         getAduitLog().log(Level.CRITICAL, auditLogEntry);
     }
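Review bot: The audit entry's released-attribute list is filled from `context.getPrincipalAttributes().keySet()`, but the hunk does not show whether that map holds the attributes left after filtering and encoding into the response or everything resolved for the principal. If it is the latter, the audit trail would overstate what was disclosed to the relying party, so please confirm where the map is populated. A comment such as `// attribute IDs only, taken after filtering; values are intentionally not written to the audit log` would state the intent. The new null guard is also inconsistent with the unguarded `getSamlRequest()`, `getMessageEncoder()` and `getSamlResponse()` calls just above it; if this method can run on a failure path, those calls could throw before the entry is logged.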