dreamfactorysoftware · oleksandrkits · Sep 9, 2024 · Sep 9, 2024
diff --git a/src/Resources/Metadata.php b/src/Resources/Metadata.php
@@ -2,9 +2,11 @@
 
 namespace DreamFactory\Core\Saml\Resources;
 
+use DreamFactory\Core\Exceptions\BadRequestException;
 use DreamFactory\Core\Exceptions\InternalServerErrorException;
 use DreamFactory\Core\Saml\Services\SAML;
 use DreamFactory\Core\Utility\ResponseFactory;
+use DreamFactory\Core\Utility\Session as SessionUtilities;
 
 class Metadata extends BaseSamlResource
 {
@@ -15,6 +17,20 @@ class Metadata extends BaseSamlResource
      */
     protected function handleGET()
     {
+        // Check if the user is authenticated
+        if (!SessionUtilities::isAuthenticated()) {
+            // Return a JSON response with the appropriate headers
+            return ResponseFactory::create(
+                [
+                    'error' => [
+                        'code' => 400,
+                        'message' => "No session token (JWT) provided. Please provide a valid JWT using X-DreamFactory-Session-Token request header or 'session_token' url query parameter."
+                    ]
+                ],
+                'application/json', // Set content-type to JSON
+                400 // HTTP status code
+            );
+        }
         /** @var SAML $service */
         $service = $this->getParent();
         $settings = $service->getAuth()->getSettings();
@@ -53,4 +69,4 @@ protected function getApiDocPaths()
 
         return $base;
     }
-}
+}