requestContext.setMessageDecoder(decoder);
decoder.decode(requestContext);
log.debug("Decoded request");
+
+ if (!(requestContext.getInboundMessage() instanceof Request)) {
+ log.error("Incomming message was not a Request, it was a {}", requestContext.getInboundMessage()
+ .getClass().getName());
+ requestContext
+ .setFailureStatus(buildStatus(StatusCode.REQUESTER, null, "Invalid SAML Request message."));
+ throw new ProfileException("Invalid SAML Request message.");
+ }
+
return requestContext;
} catch (MessageDecodingException e) {
log.error("Error decoding attribute query message", e);
throw new ProfileException("Message did not meet security policy requirements", e);
} finally {
// Set as much information as can be retrieved from the decoded message
-
Request request = requestContext.getInboundSAMLMessage();
if (request == null) {
log.error("Decoder did not contain an attribute query, an error occured decoding the message");
throw new ProfileException("Unable to decode message.");
}
AttributeQuery query = request.getAttributeQuery();
- if(query != null){
+ if (query != null) {
requestContext.setSubjectNameIdentifier(query.getSubject().getNameIdentifier());
}
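Review bot: The `finally` block still assigns `requestContext.getInboundSAMLMessage()` to a `Request` after the new type check has thrown, so for exactly the messages this check rejects, that assignment can fail with a `ClassCastException` (assuming the accessor is generically typed; its declaration is not in the hunk). An exception raised in `finally` replaces the `ProfileException` from the `try`, so the caller sees an unchecked exception instead of the intended rejection. Guard the message-dependent part of the `finally` with the same test, e.g. `if (requestContext.getInboundMessage() instanceof Request) { ... }`, or populate the subject inside the `try` after the check. The AttributeQuery hunk has the same pattern at `AttributeQuery query = requestContext.getInboundSAMLMessage();`. The method starts and ends outside this hunk.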
requestContext.setMessageDecoder(decoder);
decoder.decode(requestContext);
log.debug("Decoded request");
+
+ if (!(requestContext.getInboundMessage() instanceof AttributeQuery)) {
+ log.error("Incomming message was not a AttributeQuery, it was a {}", requestContext.getInboundMessage()
+ .getClass().getName());
+ requestContext.setFailureStatus(buildStatus(StatusCode.REQUESTER_URI, null,
+ "Invalid SAML AttributeQuery message."));
+ throw new ProfileException("Invalid SAML AttributeQuery message.");
+ }
+
return requestContext;
} catch (MessageDecodingException e) {
log.error("Error decoding attribute query message", e);
} finally {
// Set as much information as can be retrieved from the decoded message
AttributeQuery query = requestContext.getInboundSAMLMessage();
- if(query != null){
+ if (query != null) {
requestContext.setSubjectNameIdentifier(query.getSubject().getNameID());
}
-
+
String relyingPartyId = requestContext.getInboundMessageIssuer();
RelyingPartyConfiguration rpConfig = getRelyingPartyConfiguration(relyingPartyId);
if (rpConfig == null) {
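Review bot: A null inbound message also enters the new branch, because `instanceof` is false for null, and the `getClass()` call in the `log.error` arguments then throws a `NullPointerException` before `setFailureStatus` runs. The surrounding code treats a null message as possible (`if (query != null)` in the `finally`), so the check should handle it explicitly: take `Object msg = requestContext.getInboundMessage();` once and log `msg == null ? "null" : msg.getClass().getName()`. The Request and AuthnRequest checks added in the other hunks have the same shape.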
*
* @return request context with decoded information
*
- * @throws ProfileException thrown if the incomming message failed decoding
+ * @throws ProfileException thrown if the incoming message failed decoding
*/
protected SSORequestContext decodeRequest(HTTPInTransport inTransport, HTTPOutTransport outTransport)
throws ProfileException {
SAMLMessageDecoder decoder = getMessageDecoders().get(getInboundBinding());
requestContext.setMessageDecoder(decoder);
decoder.decode(requestContext);
+ log.debug("Decoded request");
+
+ if (!(requestContext.getInboundMessage() instanceof AuthnRequest)) {
+ log.error("Incomming message was not a AuthnRequest, it was a {}", requestContext.getInboundMessage()
+ .getClass().getName());
+ requestContext.setFailureStatus(buildStatus(StatusCode.REQUESTER_URI, null,
+ "Invalid SAML AuthnRequest message."));
+ throw new ProfileException("Invalid SAML AuthnRequest message.");
+ }
+
return requestContext;
} catch (MessageDecodingException e) {
log.error("Error decoding authentication request message", e);
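Review bot: The new `log.error` text misspells "Incoming" as "Incomming", the same misspelling this commit corrects in the Javadoc, and reads "a AuthnRequest". Using `"Incoming message was not an AuthnRequest, it was a {}"` keeps log searches and alert patterns consistent. The Request and AttributeQuery messages added in the earlier hunks carry the same typo. The `catch` block continues outside this hunk.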