Merge pull request #90 from davidjnelson/php-saml-library-needs-to-tr…

…im-acs-slo-and-issuer-urls-#89 php-saml library needs to trim acs, slo and issuer urls #89
SAML-Toolkits · Oct 1, 2015 · 1308a45 · 1308a45
2 parents ba7e0aa + 072f351
commit 1308a45
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 2 deletions.
diff --git a/.gitignore b/.gitignore
@@ -11,3 +11,4 @@
 /tests/build
 /vendor
 /composer.lock
+/.idea
diff --git a/lib/Saml2/Response.php b/lib/Saml2/Response.php
@@ -169,10 +169,11 @@ public function isValid($requestId = null)
 
                 // Check destination
                 if ($this->document->documentElement->hasAttribute('Destination')) {
-                    $destination = $this->document->documentElement->getAttribute('Destination');
+                    $destination = trim($this->document->documentElement->getAttribute('Destination'));
                     if (!empty($destination)) {
                         if (strpos($destination, $currentURL) !== 0) {
                             $currentURLrouted = OneLogin_Saml2_Utils::getSelfRoutedURLNoQuery();
+
                             if (strpos($destination, $currentURLrouted) !== 0) {
                                 throw new Exception("The response was received at $currentURL instead of $destination");
                             }
@@ -189,7 +190,9 @@ public function isValid($requestId = null)
                 // Check the issuers
                 $issuers = $this->getIssuers();
                 foreach ($issuers as $issuer) {
-                    if (empty($issuer) || $issuer != $idPEntityId) {
+                    $trimmedIssuer = trim($issuer);
+
+                    if (empty($trimmedIssuer) || $trimmedIssuer !== $idPEntityId) {
                         throw new Exception("Invalid issuer in the Assertion/Response");
                     }
                 }