[SIDP-248] - Signing code in profile handlers and encoders should not just check that a signing credential is supplied, but that a signing key is available in that credential.
[SIDP-249] - PreviousSession INFO message printed as ERROR message
[SIDP-250] - AuthenticationEngine::returnToAuthenticationEngine() static method called before servlet init() when clustered.
+[SIDP-251[ - NPE when SAML1 Attribute Query Handler hit with GET request
[SIDP-252] - IdPSessionFilter throws ArrayIndexOutOfBoundsException on validation of unexpected cookie
Changes in Release 2.1.0
*/
protected void encodeResponse(BaseSAMLProfileRequestContext requestContext) throws ProfileException {
try {
- SAMLMessageEncoder encoder = getMessageEncoders().get(requestContext.getPeerEntityEndpoint().getBinding());
- if (encoder == null) {
- log.error("No outbound message encoder configured for binding {}", requestContext
- .getPeerEntityEndpoint().getBinding());
- throw new ProfileException("No outbound message encoder configured for binding "
- + requestContext.getPeerEntityEndpoint().getBinding());
+ SAMLMessageEncoder encoder = null;
+
+ Endpoint endpoint = requestContext.getPeerEntityEndpoint();
+ if (endpoint == null) {
+ log.error("No peer endpoint available for peer. Unable to send response.");
+ throw new ProfileException("No peer endpoint available for peer. Unable to send response.");
+ }
+
+ if (endpoint != null) {
+ encoder = getMessageEncoders().get(endpoint.getBinding());
+ if (encoder == null) {
+ log.error("No outbound message encoder configured for binding: {}", requestContext
+ .getPeerEntityEndpoint().getBinding());
+ throw new ProfileException("No outbound message encoder configured for binding: "
+ + requestContext.getPeerEntityEndpoint().getBinding());
+ }
}
AbstractSAMLProfileConfiguration profileConfig = (AbstractSAMLProfileConfiguration) requestContext
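Review bot: The `if (endpoint != null)` wrapper added after the null check is dead — the check above it throws when `endpoint` is null, so the branch can only ever be entered with a non-null endpoint, and the extra nesting hides that `encoder` can no longer be null past this point. The log and exception inside that branch also go back through `requestContext.getPeerEntityEndpoint().getBinding()` instead of the local `endpoint` that was just validated; if the context's getter is not a plain field read, that re-derives the value the guard already established. Suggest dropping the wrapper and using the local: `encoder = getMessageEncoders().get(endpoint.getBinding());` followed by the existing null check with `endpoint.getBinding()` in both the log call and the `ProfileException` message. The body of `encodeResponse` continues past the end of this hunk.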
ResponseAbstractType response) {
response.setID(getIdGenerator().generateIdentifier());
- if (requestContext != null) {
- SAMLObject samlMessage = requestContext.getInboundSAMLMessage();
- if (samlMessage != null && samlMessage instanceof RequestAbstractType) {
- response.setInResponseTo(((RequestAbstractType) samlMessage).getID());
- }
+ SAMLObject samlMessage = requestContext.getInboundSAMLMessage();
+ if (samlMessage != null && samlMessage instanceof RequestAbstractType) {
+ response.setInResponseTo(((RequestAbstractType) samlMessage).getID());
}
response.setVersion(SAMLVersion.VERSION_11);
/** {@inheritDoc} */
public String toString() {
StringBuilder entryString = new StringBuilder(super.toString());
-
+
NameIdentifier nameIdentifier = null;
StringBuilder assertionIds = new StringBuilder();
List<Assertion> assertions = samlResponse.getAssertions();
- if(assertions != null && !assertions.isEmpty()){
- for(Assertion assertion : assertions){
+ if (assertions != null && !assertions.isEmpty()) {
+ for (Assertion assertion : assertions) {
assertionIds.append(assertion.getID());
assertionIds.append(",");
-
- if(nameIdentifier == null){
+
+ if (nameIdentifier == null) {
List<Statement> statements = assertion.getStatements();
- if(statements != null && !statements.isEmpty()){
- for(Statement statement : statements){
- if(statement instanceof SubjectStatement){
- if(((SubjectStatement)statement).getSubject() != null){
- nameIdentifier = ((SubjectStatement)statement).getSubject().getNameIdentifier();
+ if (statements != null && !statements.isEmpty()) {
+ for (Statement statement : statements) {
+ if (statement instanceof SubjectStatement) {
+ if (((SubjectStatement) statement).getSubject() != null) {
+ nameIdentifier = ((SubjectStatement) statement).getSubject()
+ .getNameIdentifier();
}
}
}
}
}
}
-
- if(nameIdentifier != null){
+
+ if (nameIdentifier != null) {
entryString.append(nameIdentifier.getNameIdentifier());
}
entryString.append("|");
-
+
entryString.append(assertionIds.toString());
entryString.append("|");
-
+
return entryString.toString();
}
}
public void processRequest(HTTPInTransport inTransport, HTTPOutTransport outTransport) throws ProfileException {
Response samlResponse;
- ArtifactResolutionRequestContext requestContext = decodeRequest(inTransport, outTransport);
+ ArtifactResolutionRequestContext requestContext = new ArtifactResolutionRequestContext();
+ decodeRequest(requestContext, inTransport, outTransport);
try {
if (requestContext.getProfileConfiguration() == null) {
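Review bot: `decodeRequest(requestContext, inTransport, outTransport);` is still called before the `try` here, which is inconsistent with the SAML 2 artifact handler in this same commit, where the same refactor moves the call inside the `try`. The point of passing the context in is that `decodeRequest` now records a failure status on it (the `setFailureStatus` calls in its catch clauses are visible further down) before rethrowing; with the call outside the `try`, a `ProfileException` from decoding propagates out of `processRequest` and whatever the `try`'s catch clauses do with that status — presumably building a SAML error response, though the catch block is outside this hunk — is skipped. Suggest moving the call to the first statement inside the `try`, matching the SAML 2 handler: `try { decodeRequest(requestContext, inTransport, outTransport); if (requestContext.getProfileConfiguration() == null) {`. The rest of `processRequest` lies outside the hunk.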
*
* @param inTransport inbound message transport
* @param outTransport outbound message transport
- *
- * @return the created request context
+ * @param requestContext request context to which decoded information should be added
*
* @throws ProfileException throw if there is a problem decoding the request
*/
- protected ArtifactResolutionRequestContext decodeRequest(HTTPInTransport inTransport, HTTPOutTransport outTransport)
- throws ProfileException {
+ protected void decodeRequest(ArtifactResolutionRequestContext requestContext, HTTPInTransport inTransport,
+ HTTPOutTransport outTransport) throws ProfileException {
log.debug("Decoding message with decoder binding {}", getInboundBinding());
- ArtifactResolutionRequestContext requestContext = new ArtifactResolutionRequestContext();
requestContext.setCommunicationProfileId(getProfileId());
MetadataProvider metadataProvider = getMetadataProvider();
requestContext.setMessageDecoder(decoder);
decoder.decode(requestContext);
log.debug("Decoded request");
- return requestContext;
} catch (MessageDecodingException e) {
log.error("Error decoding artifact resolve message", e);
requestContext.setFailureStatus(buildStatus(StatusCode.RESPONDER, null, "Error decoding message"));
- throw new ProfileException("Error decoding artifact resolve message",e);
+ throw new ProfileException("Error decoding artifact resolve message", e);
} catch (SecurityException e) {
log.error("Message did not meet security requirements", e);
requestContext.setFailureStatus(buildStatus(StatusCode.RESPONDER, StatusCode.REQUEST_DENIED,
/** {@inheritDoc} */
public void processRequest(HTTPInTransport inTransport, HTTPOutTransport outTransport) throws ProfileException {
- AttributeQueryContext requestContext = null;
+ AttributeQueryContext requestContext = new AttributeQueryContext();
Response samlResponse;
try {
- requestContext = decodeRequest(inTransport, outTransport);
-
+ decodeRequest(requestContext, inTransport, outTransport);
+
if (requestContext.getProfileConfiguration() == null) {
log.error("SAML 1 Attribute Query profile is not configured for relying party "
+ requestContext.getInboundMessageIssuer());
*
* @param inTransport inbound message transport
* @param outTransport outbound message transport
- *
- * @return the created request context
+ * @param requestContext the request context to which decoded information should be added
*
* @throws ProfileException throw if there is a problem decoding the request
*/
- protected AttributeQueryContext decodeRequest(HTTPInTransport inTransport, HTTPOutTransport outTransport)
- throws ProfileException {
+ protected void decodeRequest(AttributeQueryContext requestContext, HTTPInTransport inTransport,
+ HTTPOutTransport outTransport) throws ProfileException {
log.debug("Decoding message with decoder binding {}", getInboundBinding());
- AttributeQueryContext requestContext = new AttributeQueryContext();
requestContext.setCommunicationProfileId(getProfileId());
MetadataProvider metadataProvider = getMetadataProvider();
"Invalid SAML Attribute Request message."));
throw new ProfileException("Invalid SAML Attribute Request message.");
}
-
- return requestContext;
} catch (MessageDecodingException e) {
log.error("Error decoding attribute query message", e);
requestContext.setFailureStatus(buildStatus(StatusCode.RESPONDER, null, "Error decoding message"));
HttpServletRequest httpRequest = ((HttpServletRequestAdapter) inTransport).getWrappedRequest();
HttpServletResponse httpResponse = ((HttpServletResponseAdapter) outTransport).getWrappedResponse();
+ ShibbolethSSORequestContext requestContext = new ShibbolethSSORequestContext();
- ShibbolethSSORequestContext requestContext = decodeRequest(inTransport, outTransport);
+ decodeRequest(requestContext, inTransport, outTransport);
ShibbolethSSOLoginContext loginContext = requestContext.getLoginContext();
RelyingPartyConfiguration rpConfig = getRelyingPartyConfiguration(loginContext.getRelyingPartyId());
*
* @param inTransport inbound message transport
* @param outTransport outbound message transport
- *
- * @return the created request context
+ * @param requestContext the request context to which decoded information should be added
*
* @throws ProfileException throw if there is a problem decoding the request
*/
- protected ShibbolethSSORequestContext decodeRequest(HTTPInTransport inTransport, HTTPOutTransport outTransport)
- throws ProfileException {
+ protected void decodeRequest(ShibbolethSSORequestContext requestContext, HTTPInTransport inTransport,
+ HTTPOutTransport outTransport) throws ProfileException {
log.debug("Decoding message with decoder binding {}", getInboundBinding());
HttpServletRequest httpRequest = ((HttpServletRequestAdapter) inTransport).getWrappedRequest();
- ShibbolethSSORequestContext requestContext = new ShibbolethSSORequestContext();
requestContext.setCommunicationProfileId(getProfileId());
requestContext.setMetadataProvider(getMetadataProvider());
loginContext.setAuthenticationEngineURL(authenticationManagerPath);
loginContext.setProfileHandlerURL(HttpHelper.getRequestUriWithoutContext(httpRequest));
requestContext.setLoginContext(loginContext);
-
- return requestContext;
}
/**
endpoint.setBinding(getSupportedOutboundBindings().get(0));
log.warn("Generating endpoint for anonymous relying party. ACS url {} and binding {}", new Object[] {
requestContext.getInboundMessageIssuer(), endpoint.getLocation(), endpoint.getBinding(), });
- }else{
- log.warn("Unable to generate endpoint for anonymous party. No ACS url provided.");
+ } else {
+ log.warn("Unable to generate endpoint for anonymous party. No ACS url provided.");
}
} else {
ShibbolethSSOEndpointSelector endpointSelector = new ShibbolethSSOEndpointSelector();
Subject statementSubject;
Endpoint endpoint = selectEndpoint(requestContext);
- if(endpoint.getBinding().equals(SAMLConstants.SAML1_ARTIFACT_BINDING_URI)){
+ if (endpoint.getBinding().equals(SAMLConstants.SAML1_ARTIFACT_BINDING_URI)) {
statementSubject = buildSubject(requestContext, "urn:oasis:names:tc:SAML:1.0:cm:artifact");
- }else{
+ } else {
statementSubject = buildSubject(requestContext, "urn:oasis:names:tc:SAML:1.0:cm:bearer");
}
statement.setSubject(statementSubject);
protected void populateStatusResponse(BaseSAML2ProfileRequestContext<?, ?, ?> requestContext,
StatusResponseType response) {
response.setID(getIdGenerator().generateIdentifier());
-
- if (requestContext != null && requestContext.getInboundSAMLMessage() != null) {
- response.setInResponseTo(requestContext.getInboundSAMLMessageId());
- response.setIssuer(buildEntityIssuer(requestContext));
- }
-
+
+ response.setInResponseTo(requestContext.getInboundSAMLMessageId());
+ response.setIssuer(buildEntityIssuer(requestContext));
+
response.setVersion(SAMLVersion.VERSION_20);
}
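Review bot: Removing the `requestContext.getInboundSAMLMessage() != null` guard changes behaviour for responses that have no inbound request (the unsolicited/IdP-initiated case the old guard was evidently there for): `setInResponseTo(requestContext.getInboundSAMLMessageId())` now runs unconditionally, and nothing in the hunk shows whether `getInboundSAMLMessageId()` returns null or throws when no inbound message was decoded. Setting `Issuer` unconditionally is the right call, since a SAML 2 response from the IdP needs an Issuer whether or not it answers a request, so that half of the change is an improvement. Please confirm the accessor's null behaviour, and add a one-line comment on the `setInResponseTo` call so the next reader knows it is intentionally null for unsolicited responses, e.g. `// null when there is no inbound request (unsolicited response)`.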
return kekCredentialResolver.resolveSingle(criteriaSet);
}
-
/**
* Writes an audit log entry indicating the successful response to the attribute request.
getAduitLog().info(auditLogEntry.toString());
}
-
+
/** SAML 1 specific audit log entry. */
protected class SAML2AuditLogEntry extends AuditLogEntry {
NameID nameIdentifier = null;
StringBuilder assertionIds = new StringBuilder();
- if(samlResponse instanceof Response){
- List<Assertion> assertions = ((Response)samlResponse).getAssertions();
- if(assertions != null && !assertions.isEmpty()){
- for(Assertion assertion : assertions){
- assertionIds.append(assertion.getID());
- assertionIds.append(",");
-
- if(nameIdentifier == null){
- if(assertion.getSubject() != null){
- nameIdentifier = assertion.getSubject().getNameID();
+ if (samlResponse instanceof Response) {
+ List<Assertion> assertions = ((Response) samlResponse).getAssertions();
+ if (assertions != null && !assertions.isEmpty()) {
+ for (Assertion assertion : assertions) {
+ assertionIds.append(assertion.getID());
+ assertionIds.append(",");
+
+ if (nameIdentifier == null) {
+ if (assertion.getSubject() != null) {
+ nameIdentifier = assertion.getSubject().getNameID();
+ }
}
}
}
}
- }
-
- if(nameIdentifier != null){
+
+ if (nameIdentifier != null) {
entryString.append(nameIdentifier.getValue());
}
entryString.append("|");
-
+
entryString.append(assertionIds.toString());
entryString.append("|");
-
+
return entryString.toString();
}
}
public void processRequest(HTTPInTransport inTransport, HTTPOutTransport outTransport) throws ProfileException {
ArtifactResponse samlResponse;
- ArtifactResolutionRequestContext requestContext = decodeRequest(inTransport, outTransport);
-
+ ArtifactResolutionRequestContext requestContext = new ArtifactResolutionRequestContext();
try {
+ decodeRequest(requestContext, inTransport, outTransport);
+
if (requestContext.getProfileConfiguration() == null) {
log.error("SAML 2 Artifact Resolve profile is not configured for relying party "
+ requestContext.getInboundMessageIssuer());
*
* @param inTransport inbound message transport
* @param outTransport outbound message transport
- *
- * @return the created request context
+ * @param requestContext request context to which decoded information should be added
*
* @throws ProfileException throw if there is a problem decoding the request
*/
- protected ArtifactResolutionRequestContext decodeRequest(HTTPInTransport inTransport, HTTPOutTransport outTransport)
- throws ProfileException {
+ protected void decodeRequest(ArtifactResolutionRequestContext requestContext, HTTPInTransport inTransport,
+ HTTPOutTransport outTransport) throws ProfileException {
log.debug("Decoding message with decoder binding {}", getInboundBinding());
- ArtifactResolutionRequestContext requestContext = new ArtifactResolutionRequestContext();
requestContext.setCommunicationProfileId(getProfileId());
MetadataProvider metadataProvider = getMetadataProvider();
requestContext.setMessageDecoder(decoder);
decoder.decode(requestContext);
log.debug("Decoded request");
- return requestContext;
} catch (MessageDecodingException e) {
log.error("Error decoding artifact resolve message", e);
requestContext.setFailureStatus(buildStatus(StatusCode.RESPONDER_URI, null, "Error decoding message"));
*/
protected void populateSAMLMessageInformation(BaseSAMLProfileRequestContext requestContext) throws ProfileException {
ArtifactResolve samlMessage = (ArtifactResolve) requestContext.getInboundSAMLMessage();
- ((ArtifactResolutionRequestContext) requestContext).setArtifact(samlMessage.getArtifact().getArtifact());
+ if(samlMessage != null && samlMessage.getArtifact() != null){
+ ((ArtifactResolutionRequestContext) requestContext).setArtifact(samlMessage.getArtifact().getArtifact());
+ }
}
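Review bot: The new null check stops the NPE but leaves the artifact unset on the context silently; every consumer of `ArtifactResolutionRequestContext.getArtifact()` downstream of this method now has to cope with null, and nothing in the hunk logs or records that the request arrived without an artifact. A short `log.warn` (or a failure status on the context, as the decode path does) in an `else` branch would make a malformed or empty `ArtifactResolve` diagnosable rather than surfacing later as an unexplained failure. The cast `(ArtifactResolve) requestContext.getInboundSAMLMessage()` on the line above the change is also unguarded — if the decoder can hand back a different message type this throws `ClassCastException` rather than a `ProfileException`; an `instanceof` test on the raw `SAMLObject` before the cast would fold both checks into one. Add a Javadoc note that the artifact may be left unset when the inbound message carries none.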
/**
public void processRequest(HTTPInTransport inTransport, HTTPOutTransport outTransport) throws ProfileException {
Response samlResponse;
- AttributeQueryContext requestContext = null;
+ AttributeQueryContext requestContext = new AttributeQueryContext();
try {
- requestContext = decodeRequest(inTransport, outTransport);
-
+ decodeRequest(requestContext, inTransport, outTransport);
+
if (requestContext.getProfileConfiguration() == null) {
log.error("SAML 2 Attribute Query profile is not configured for relying party "
+ requestContext.getInboundMessageIssuer());
* Decodes an incoming request and populates a created request context with the resultant information.
*
* @param inTransport inbound message transport
- * @param outTransport outbound message transport
- *
- * @return the created request context
+ * @param outTransport outbound message transport *
+ * @param requestContext request context to which decoded information should be added
*
* @throws ProfileException throw if there is a problem decoding the request
*/
- protected AttributeQueryContext decodeRequest(HTTPInTransport inTransport, HTTPOutTransport outTransport)
- throws ProfileException {
+ protected void decodeRequest(AttributeQueryContext requestContext, HTTPInTransport inTransport,
+ HTTPOutTransport outTransport) throws ProfileException {
log.debug("Decoding message with decoder binding {}", getInboundBinding());
- AttributeQueryContext requestContext = new AttributeQueryContext();
requestContext.setCommunicationProfileId(getProfileId());
MetadataProvider metadataProvider = getMetadataProvider();
"Invalid SAML AttributeQuery message."));
throw new ProfileException("Invalid SAML AttributeQuery message.");
}
-
- return requestContext;
} catch (MessageDecodingException e) {
log.error("Error decoding attribute query message", e);
requestContext.setFailureStatus(buildStatus(StatusCode.RESPONDER_URI, null, "Error decoding message"));
import edu.internet2.middleware.shibboleth.idp.authn.LoginContext;
import edu.internet2.middleware.shibboleth.idp.authn.PassiveAuthenticationException;
import edu.internet2.middleware.shibboleth.idp.authn.Saml2LoginContext;
+import edu.internet2.middleware.shibboleth.idp.profile.saml1.ShibbolethSSOProfileHandler.ShibbolethSSORequestContext;
import edu.internet2.middleware.shibboleth.idp.session.Session;
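Review bot: The added import of `edu.internet2.middleware.shibboleth.idp.profile.saml1.ShibbolethSSOProfileHandler.ShibbolethSSORequestContext` looks like an IDE artifact — this is the SAML 2.0 SSO handler, and the hunks below in the same file construct and use `SSORequestContext`, not the SAML 1 `ShibbolethSSORequestContext`. Nothing visible on this page references the imported name, so unless a part of the file outside the diff uses it, it should be dropped to avoid a needless cross-profile dependency between the SAML 1 and SAML 2 handlers.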
/** SAML 2.0 SSO request profile handler. */
protected void performAuthentication(HTTPInTransport inTransport, HTTPOutTransport outTransport)
throws ProfileException {
HttpServletRequest servletRequest = ((HttpServletRequestAdapter) inTransport).getWrappedRequest();
+ SSORequestContext requestContext = new SSORequestContext();
try {
- SSORequestContext requestContext = decodeRequest(inTransport, outTransport);
+ decodeRequest(requestContext, inTransport, outTransport);
String relyingPartyId = requestContext.getInboundMessageIssuer();
RelyingPartyConfiguration rpConfig = getRelyingPartyConfiguration(relyingPartyId);
*
* @param inTransport inbound transport
* @param outTransport outbound transport
- *
- * @return request context with decoded information
+ * @param requestContext request context to which decoded information should be added
*
* @throws ProfileException thrown if the incoming message failed decoding
*/
- protected SSORequestContext decodeRequest(HTTPInTransport inTransport, HTTPOutTransport outTransport)
- throws ProfileException {
+ protected void decodeRequest(SSORequestContext requestContext, HTTPInTransport inTransport,
+ HTTPOutTransport outTransport) throws ProfileException {
log.debug("Decoding message with decoder binding {}", getInboundBinding());
- SSORequestContext requestContext = new SSORequestContext();
+
requestContext.setCommunicationProfileId(getProfileId());
requestContext.setMetadataProvider(getMetadataProvider());
"Invalid SAML AuthnRequest message."));
throw new ProfileException("Invalid SAML AuthnRequest message.");
}
-
- return requestContext;
} catch (MessageDecodingException e) {
log.error("Error decoding authentication request message", e);
throw new ProfileException("Error decoding authentication request message", e);
return endpoint;
}
-
/**
* Deserailizes an authentication request from a string.