From 992492e0f2f526cd07e63b03cd70a81fca6a94ec Mon Sep 17 00:00:00 2001
From: Rob Crittenden <rcritten@redhat.com>
Date: Wed, 21 Oct 2015 10:52:38 -0400
Subject: [PATCH] Don't crash if no NameIdPolicy is requested

This fixes two problems:

1. Logging was done before a None check was completed
2. The None check was insufficient because the whole object
   could be None

https://fedorahosted.org/ipsilon/ticket/189

Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
---
 ipsilon/providers/saml2/provider.py | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/ipsilon/providers/saml2/provider.py b/ipsilon/providers/saml2/provider.py
index 6cbf5ab..6d46ad2 100644
--- a/ipsilon/providers/saml2/provider.py
+++ b/ipsilon/providers/saml2/provider.py
@@ -254,10 +254,12 @@ class ServiceProvider(ServiceProviderConfig):
         self.load_config()
 
     def get_valid_nameid(self, nip):
-        self.debug('Requested NameId [%s]' % (nip.format,))
-        if nip.format is None:
+        if nip is None or nip.format is None:
+            self.debug('No NameId requested, returning default [%s]'
+                       % SAML2_NAMEID_MAP[self.default_nameid])
             return SAML2_NAMEID_MAP[self.default_nameid]
         else:
+            self.debug('Requested NameId [%s]' % (nip.format,))
             allowed = self.allowed_nameids
             self.debug('Allowed NameIds %s' % (repr(allowed)))
             for nameid in allowed:
-- 
2.20.1