fix(saml): fix profile initialization, improve error handling

Fixes #5153
Fixes #5270

SoObjects/SOGo/SOGoSAML2Session.m

@@ -24,7 +24,6 @@
 #include <lasso/xml/saml-2.0/saml2_attribute_value.h>
 #include <lasso/xml/saml-2.0/samlp2_authn_request.h>
 
-
 #import <NGObjWeb/WOApplication.h>
 #import <NGObjWeb/WOContext.h>
 
@@ -237,22 +236,24 @@ static NSMapTable *serverTable = nil;
 
 - (void) _updateDataFromLogin
 {
-  LassoSaml2Assertion *saml2Assertion;
   GList *statementList, *attributeList;
-  LassoSaml2AttributeStatement *statement;
-  LassoSaml2Attribute *attribute;
-  LassoSaml2AttributeValue *value;
   LassoMiscTextNode *textNode;
+  LassoNode *lassoNode;
+  LassoSaml2Assertion *saml2Assertion;
+  LassoSaml2Attribute *attribute;
+  LassoSaml2AttributeStatement *statement;
+  LassoSaml2AttributeValue *value;
   LassoSaml2NameID *nameIdentifier;
-  SOGoSystemDefaults *sd;
   NSString *loginAttribue;
+  SOGoSystemDefaults *sd;
   
   gchar *dump;
-                  
+
-  saml2Assertion = LASSO_SAML2_ASSERTION (lasso_login_get_assertion (lassoLogin));
+  lassoNode = lasso_login_get_assertion (lassoLogin);
+  saml2Assertion = LASSO_SAML2_ASSERTION (lassoNode);
   sd = [SOGoSystemDefaults sharedSystemDefaults];
   loginAttribue = [sd SAML2LoginAttribute];
-  
+
   if (saml2Assertion)
     {
       /* deduce user login */
@@ -267,6 +268,7 @@ static NSMapTable *serverTable = nil;
           while (!login && attributeList)
             {
               attribute = LASSO_SAML2_ATTRIBUTE (attributeList->data);
+
               if (loginAttribue && (strcmp (attribute->Name, [loginAttribue UTF8String]) == 0))
                 {
                   value = LASSO_SAML2_ATTRIBUTE_VALUE (attribute->AttributeValue->data);
@@ -320,8 +322,7 @@ static NSMapTable *serverTable = nil;
         assertion = nil;
     }
 
-  nameIdentifier
+  nameIdentifier = LASSO_SAML2_NAME_ID (LASSO_PROFILE (lassoLogin)->nameIdentifier);
-    = LASSO_SAML2_NAME_ID (LASSO_PROFILE (lassoLogin)->nameIdentifier);
   if (nameIdentifier)
     {
       /* deduce session id */
@@ -334,7 +335,7 @@ static NSMapTable *serverTable = nil;
 - (id) _initWithDump: (NSDictionary *) saml2Dump
            inContext: (WOContext *) context
 {
-  // lasso_error_t rc;
+  lasso_error_t rc;
   LassoServer *server;
   LassoProfile *profile;
   const gchar *dump;
@@ -346,10 +347,10 @@ static NSMapTable *serverTable = nil;
       if (saml2Dump)
         {
           profile = LASSO_PROFILE (lassoLogin);
+
           ASSIGN (login, [saml2Dump objectForKey: @"login"]);
           ASSIGN (identifier, [saml2Dump objectForKey: @"identifier"]);
           ASSIGN (assertion, [saml2Dump objectForKey: @"assertion"]);
-
           ASSIGN(identity, [saml2Dump objectForKey: @"identity"]);
           dump = [identity UTF8String];
           if (dump)
@@ -359,11 +360,10 @@ static NSMapTable *serverTable = nil;
           dump = [session UTF8String];
           if (dump)
             lasso_profile_set_session_from_dump (profile, dump);
-          
+
-          lasso_login_accept_sso (lassoLogin);
+          rc = lasso_login_accept_sso (lassoLogin);
-          // if (rc)
+          if (!rc)
-          //   [NSException raiseSAML2Exception: rc];
+            [self _updateDataFromLogin];
-          [self _updateDataFromLogin];
         }
     }
 
@@ -454,6 +454,7 @@ static NSMapTable *serverTable = nil;
 
   responseData = strdup ([authnResponse UTF8String]);
 
+  profile = LASSO_PROFILE (lassoLogin);
   rc = lasso_login_process_authn_response_msg (lassoLogin, responseData);
   if (rc)
     [NSException raiseSAML2Exception: rc];
@@ -469,8 +470,6 @@ static NSMapTable *serverTable = nil;
   [saml2Dump setObject: identifier forKey: @"identifier"];
   [saml2Dump setObject: assertion forKey: @"assertion"];
 
-  profile = LASSO_PROFILE (lassoLogin);
-
   lasso_session = lasso_profile_get_session (profile);
   if (lasso_session)
     {