Make the Issuer on the Response Optional

pitbulk · pitbulk · commit 13381fd524b8 · 2017-03-06T20:59:08.000+01:00
diff --git a/lib/Saml2/Error.php b/lib/Saml2/Error.php
@@ -78,7 +78,7 @@ class OneLogin_Saml2_ValidationError extends Exception
     const WRONG_DESTINATION = 24;
     const EMPTY_DESTINATION = 25;
     const WRONG_AUDIENCE = 26;
-    const ISSUER_NOT_FOUND_IN_RESPONSE = 27;
+    const ISSUER_MULTIPLE_IN_RESPONSE = 27;
     const ISSUER_NOT_FOUND_IN_ASSERTION = 28;
     const WRONG_ISSUER = 29;
     const SESSION_EXPIRED = 30;
diff --git a/lib/Saml2/Response.php b/lib/Saml2/Response.php
@@ -523,13 +523,15 @@ public function getIssuers()
         $issuers = array();
 
         $responseIssuer = OneLogin_Saml2_Utils::query($this->document, '/samlp:Response/saml:Issuer');
-        if ($responseIssuer->length == 1) {
-            $issuers[] = $responseIssuer->item(0)->textContent;
-        } else {
-            throw new OneLogin_Saml2_ValidationError(
-                "Issuer of the Response not found or multiple.",
-                OneLogin_Saml2_ValidationError::ISSUER_NOT_FOUND_IN_RESPONSE
-            );
+        if ($responseIssuer->length > 0) {
+            if ($responseIssuer->length == 1) {
+                $issuers[] = $responseIssuer->item(0)->textContent;
+            } else {
+                throw new OneLogin_Saml2_ValidationError(
+                    "Issuer of the Response is multiple.",
+                    OneLogin_Saml2_ValidationError::ISSUER_MULTIPLE_IN_RESPONSE
+                );
+            }
         }
 
         $assertionIssuer = $this->_queryAssertion('/saml:Issuer');
diff --git a/tests/src/OneLogin/Saml2/ResponseTest.php b/tests/src/OneLogin/Saml2/ResponseTest.php
@@ -490,12 +490,8 @@ public function testGetIssuers()
 
         $xml4 = file_get_contents(TEST_ROOT . '/data/responses/invalids/no_issuer_response.xml.base64');
         $response4 = new OneLogin_Saml2_Response($this->_settings, $xml4);
-        try {
-            $issuers = $response4->getIssuers();
-            $this->fail('OneLogin_Saml2_ValidationError was not raised');
-        } catch (OneLogin_Saml2_ValidationError $e) {
-            $this->assertContains('Issuer of the Response not found or multiple.', $e->getMessage());
-        }
+        $issuers = $response4->getIssuers();
+        $this->assertEquals(array('http://idp.example.com/'), $response4->getIssuers());
 
         $xml5 = file_get_contents(TEST_ROOT . '/data/responses/invalids/no_issuer_assertion.xml.base64');
         $response5 = new OneLogin_Saml2_Response($this->_settings, $xml5);
