k2n / saml20-clj

A Clojure SAML 2.0 library for SSO

NullPointerException is thrown on parsing SAMLResponse #2

Closed k2n closed 7 years ago

k2n commented 7 years ago

Problem

NullPointerException is thrown on parsing SAMLResponse sent back from Microsoft ADFS.

 16 Apr 2017 22:07:50,196 [WARN ] org.eclipse.jetty.server.HttpChannel: /saml
 java.lang.NullPointerException
  at clojure.lang.Reflector.invokeNoArgInstanceMember(Reflector.java:301)
  at saml20_clj.sp$parse_saml_assertion.invokeStatic(sp.clj:255)
  at saml20_clj.sp$parse_saml_assertion.invoke(sp.clj:235)
  at clojure.core$map$fn__4785.invoke(core.clj:2646)
  at clojure.lang.LazySeq.sval(LazySeq.java:40)
  at clojure.lang.LazySeq.seq(LazySeq.java:49)
  at clojure.lang.LazySeq.first(LazySeq.java:71)
  at clojure.lang.RT.first(RT.java:667)
  at clojure.core$first__4339.invokeStatic(core.clj:55)
  at clojure.core$first__4339.invoke(core.clj:55)
  at myproject.routes.saml$fn__43788$sso_opts__43793$fn__43794.invoke(saml.clj:32)
  at myproject.routes.saml$fn__43788$sso_opts__43793.invoke(saml.clj:30)
  at myproject.routes.saml$saml_routes$fn__43812.invoke(saml.clj:120)
  at compojure.core$make_route$fn__20837.invoke(core.clj:135)
  at compojure.core$wrap_route_middleware$fn__20830.invoke(core.clj:122)
  at compojure.core$wrap_route_info$fn__20834.invoke(core.clj:126)
  at compojure.core$if_route$fn__20792.invoke(core.clj:45)
  at compojure.core$if_method$fn__20782.invoke(core.clj:27)
  at compojure.core$routing$fn__20844.invoke(core.clj:151)
  at clojure.core$some.invokeStatic(core.clj:2592)
  at clojure.core$some.invoke(core.clj:2583)
  at compojure.core$routing.invokeStatic(core.clj:151)
  at compojure.core$routing.doInvoke(core.clj:148)
  at clojure.lang.RestFn.applyTo(RestFn.java:139)
  at clojure.core$apply.invokeStatic(core.clj:648)
  at clojure.core$apply.invoke(core.clj:641)
  at compojure.core$routes$fn__20848.invoke(core.clj:156)
  at compojure.api.core$handle$fn__24712.invoke(core.clj:8)
  at clojure.core$some.invokeStatic(core.clj:2592)
  at clojure.core$some.invoke(core.clj:2583)
  at compojure.api.core$handle.invokeStatic(core.clj:8)
  at compojure.api.core$handle.invoke(core.clj:7)
  at clojure.core$partial$fn__4759.invoke(core.clj:2515)
  at compojure.api.routes.Route.invoke(routes.clj:74)
  at clojure.lang.Var.invoke(Var.java:379)
  at ring.middleware.flash$wrap_flash$fn__44077.invoke(flash.clj:35)
  at ring.middleware.session$wrap_session$fn__29803.invoke(session.clj:102)
  at ring.middleware.keyword_params$wrap_keyword_params$fn__22498.invoke(keyword_params.clj:35)
  at ring.middleware.nested_params$wrap_nested_params$fn__22542.invoke(nested_params.clj:84)
  at ring.middleware.multipart_params$wrap_multipart_params$fn__25614.invoke(multipart_params.clj:117)
  at ring.middleware.params$wrap_params$fn__22598.invoke(params.clj:64)
  at ring.middleware.cookies$wrap_cookies$fn__29708.invoke(cookies.clj:161)
  at ring.middleware.absolute_redirects$wrap_absolute_redirects$fn__44186.invoke(absolute_redirects.clj:36)
  at ring.middleware.resource$wrap_resource$fn__44138.invoke(resource.clj:28)
  at ring.middleware.content_type$wrap_content_type$fn__24748.invoke(content_type.clj:30)
  at ring.middleware.default_charset$wrap_default_charset$fn__44169.invoke(default_charset.clj:26)
  at ring.middleware.not_modified$wrap_not_modified$fn__24769.invoke(not_modified.clj:52)
  at ring.middleware.x_headers$wrap_xss_protection$fn__44061.invoke(x_headers.clj:71)
  at ring.middleware.x_headers$wrap_frame_options$fn__44049.invoke(x_headers.clj:38)
  at ring.middleware.x_headers$wrap_content_type_options$fn__44055.invoke(x_headers.clj:53)
  at myproject.handler$wrap_no_cache$fn__44815.invoke(handler.clj:235)
  at ring.middleware.multipart_params$wrap_multipart_params$fn__25614.invoke(multipart_params.clj:117)
  at ring.adapter.jetty$proxy_handler$fn__44963.invoke(jetty.clj:24)
  at ring.adapter.jetty.proxy$org.eclipse.jetty.server.handler.AbstractHandler$ff19274a.handle(Unknown Source)
  at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:97)
  at org.eclipse.jetty.server.Server.handle(Server.java:497)
  at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:310)
  at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:257)
  at org.eclipse.jetty.io.AbstractConnection$2.run(AbstractConnection.java:540)
  at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:635)
  at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:555)
  at java.lang.Thread.run(Thread.java:745)

Observations

Suggestions

k2n commented 7 years ago

NameID can be nil based on the configuration of the claim, according to the thread. Going to handle the case when NameID is not set gracefully.

https://social.msdn.microsoft.com/Forums/vstudio/en-US/3d95af98-170d-4fe4-a418-d23139e68230/nameid-in-saml-assertion?forum=Geneva
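
An added illustration of the nil-safe NameID handling discussed in this issue; it is not saml20-clj code or the author's fix. It uses only the JDK DOM parser, leaves signature validation out of scope, and the namespace `example.nameid`, the function names and both sample assertions are constructed for the example.

```clojure
;; Added example: nil-safe NameID extraction. Not code from saml20-clj.
(ns example.nameid
  (:import (javax.xml.parsers DocumentBuilderFactory)
           (java.io ByteArrayInputStream)
           (org.w3c.dom Document Element)))

(def saml-ns "urn:oasis:names:tc:SAML:2.0:assertion")

;; Constructed sample assertions (unsigned, trimmed to the Subject element).
(def with-name-id
  (str "<saml:Assertion xmlns:saml=\"" saml-ns "\"><saml:Subject>"
       "<saml:NameID Format=\"urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress\">"
       "alice@example.test</saml:NameID></saml:Subject></saml:Assertion>"))

(def without-name-id
  (str "<saml:Assertion xmlns:saml=\"" saml-ns "\"><saml:Subject>"
       "<saml:SubjectConfirmation Method=\"urn:oasis:names:tc:SAML:2.0:cm:bearer\"/>"
       "</saml:Subject></saml:Assertion>"))

(defn parse-xml
  "Namespace-aware DOM parse with DOCTYPE declarations rejected."
  [^String s]
  (let [f (doto (DocumentBuilderFactory/newInstance)
            (.setNamespaceAware true)
            (.setFeature "http://apache.org/xml/features/disallow-doctype-decl" true))]
    (.parse (.newDocumentBuilder f)
            (ByteArrayInputStream. (.getBytes s "UTF-8")))))

(defn first-element ^Element [^Element parent local-name]
  ;; some-> stops at the first nil instead of invoking a method on it.
  (some-> parent (.getElementsByTagNameNS saml-ns local-name) (.item 0)))

(defn name-id
  "Returns {:value .. :format ..}, or nil when Subject or NameID is absent."
  [^Document doc]
  (when-let [el (-> (.getDocumentElement doc)
                    (first-element "Subject")
                    (first-element "NameID"))]
    {:value  (.getTextContent el)
     :format (not-empty (.getAttribute el "Format"))}))

(defn require-name-id
  "For callers that key the session on NameID: fail with a clear error."
  [doc]
  (or (name-id doc)
      (throw (ex-info "SAML assertion has no NameID" {:reason :missing-name-id}))))

(println (name-id (parse-xml with-name-id)))
(println (name-id (parse-xml without-name-id)))   ; nil, no NullPointerException
```

A service provider that identifies users by NameID should use something like `require-name-id` and reject the response, rather than establish a session with a nil identity.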