Uploaded image for project: 'Keycloak'
  1. Keycloak
  2. KEYCLOAK-11416

NullPointerException in org.keycloak.adapters.saml.profile.AbstractSamlAuthenticationHandler.getAttributeValue

    Details

    • Sprint:
      Keycloak Sprint 33
    • Steps to Reproduce:
      Hide

      try to handle saml response containing no attribute value

      .....
      <saml:Attribute Name="PersonImmutableID" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
      <saml:AttributeValue xsi:nil="true" xsi:type="xs:string"/>
      </saml:Attribute>
      </saml:AttributeStatement>
      </saml:Assertion>
      </samlp:Response>

      Show
      try to handle saml response containing no attribute value ..... <saml:Attribute Name="PersonImmutableID" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"> <saml:AttributeValue xsi:nil="true" xsi:type="xs:string"/> </saml:Attribute> </saml:AttributeStatement> </saml:Assertion> </samlp:Response>
    • Docs QE Status:
      NEW
    • QE Status:
      NEW

      Description

      By resolving SAML response, if Attribute has no value, NullPointerException is thrown in org.keycloak.adapters.saml.profile.AbstractSamlAuthenticationHandler.getAttributeValue.

      Caused by null value in argument attrValue, and trying to log attrValue's class
      private String getAttributeValue(Object attrValue) {
      String value = null;
      if (attrValue instanceof String)

      { value = (String)attrValue; }

      else if (attrValue instanceof Node)

      { Node roleNode = (Node)attrValue; value = roleNode.getFirstChild().getNodeValue(); }

      else if (attrValue instanceof NameIDType)

      { NameIDType nameIdType = (NameIDType)attrValue; value = nameIdType.getValue(); }

      else

      { log.warn("Unable to extract unknown SAML assertion attribute value type: " + *attrValue*.getClass().getName()); }

      return value;
      }

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  mitko Michal Hajas
                  Reporter:
                  peterk776 Peter Kolarik
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  2 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: