Collect All Validation Errors

- OpenSaml4AuthenticationProvider now collects all validation errors
instead of treating some as their own exception

Issue gh-10220
Josh Cummings 2022-02-16 15:04:42 -07:00
parent a99a04f050
commit 5cda362c47


@ -380,8 +380,8 @@ public final class OpenSaml4AuthenticationProvider implements AuthenticationProv
result = result.concat(new Saml2Error(Saml2ErrorCodes.INVALID_ISSUER, message)); result = result.concat(new Saml2Error(Saml2ErrorCodes.INVALID_ISSUER, message));
} }
if (response.getAssertions().isEmpty()) { if (response.getAssertions().isEmpty()) {
throw createAuthenticationException(Saml2ErrorCodes.MALFORMED_RESPONSE_DATA, result = result.concat(
"No assertions found in response.", null); new Saml2Error(Saml2ErrorCodes.MALFORMED_RESPONSE_DATA, "No assertions found in response."));
} }
return result; return result;
}; };
@ -505,10 +505,10 @@ public final class OpenSaml4AuthenticationProvider implements AuthenticationProv
if (!responseSigned && !allAssertionsSigned) { if (!responseSigned && !allAssertionsSigned) {
String description = "Either the response or one of the assertions is unsigned. " String description = "Either the response or one of the assertions is unsigned. "
+ "Please either sign the response or all of the assertions."; + "Please either sign the response or all of the assertions.";
throw createAuthenticationException(Saml2ErrorCodes.INVALID_SIGNATURE, description, null); result = result.concat(new Saml2Error(Saml2ErrorCodes.INVALID_SIGNATURE, description));
} }
Assertion firstAssertion = CollectionUtils.firstElement(response.getAssertions()); Assertion firstAssertion = CollectionUtils.firstElement(response.getAssertions());
if (!hasName(firstAssertion)) { if (firstAssertion != null && !hasName(firstAssertion)) {
Saml2Error error = new Saml2Error(Saml2ErrorCodes.SUBJECT_NOT_FOUND, Saml2Error error = new Saml2Error(Saml2ErrorCodes.SUBJECT_NOT_FOUND,
"Assertion [" + firstAssertion.getID() + "] is missing a subject"); "Assertion [" + firstAssertion.getID() + "] is missing a subject");
result = result.concat(error); result = result.concat(error);
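Review bot: In the second hunk, a response where neither the response nor all assertions are signed now only appends `INVALID_SIGNATURE` to `result` and execution continues, so rejecting it depends on a later check of the collected errors that is not visible here. The old `throw` failed closed by construction, so I would state the new contract at that branch, e.g. `// collected, not thrown: authentication must be refused whenever result has errors`, and add tests asserting that authentication still fails for an unsigned response and for a response with no assertions. The new `firstAssertion != null` guard skips the subject check for an empty assertion list, which is only safe if the `MALFORMED_RESPONSE_DATA` error from the first hunk was actually collected for that response; a short comment saying so would help. The enclosing method starts and ends outside both hunks.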