use of org.apache.cxf.rs.security.saml.DeflateEncoderDecoder in project testcases by coheigea.
the class SamlSso method login.
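/**
 * Handles a SAML SSO AuthnRequest delivered as query parameters: Base64-decodes
 * and inflates the {@code SAMLRequest} parameter, parses it, checks the issuer and
 * AssertionConsumerServiceURL (RACS) against the configured service providers, then
 * redirects to the RACS with a freshly created response.
 *
 * <p>Malformed or incomplete requests are rejected with {@link BadRequestException}
 * instead of failing later with a NullPointerException or ClassCastException.
 *
 * @param samlRequest the Base64-encoded, deflated AuthnRequest
 * @param relayState opaque value echoed back on the redirect
 * @return a 303 redirect to the RACS carrying SAMLResponse and RelayState
 * @throws BadRequestException if the request is missing, is not an AuthnRequest, lacks an
 *     issuer or RACS, or does not match a configured service provider
 * @throws Exception on decoding, inflating or parsing failures
 */
@GET
public javax.ws.rs.core.Response login(@QueryParam("SAMLRequest") String samlRequest, @QueryParam("RelayState") String relayState) throws Exception {
    // A missing parameter is a client error; reject it before decoding.
    if (samlRequest == null || samlRequest.isEmpty()) {
        throw new BadRequestException();
    }
    byte[] deflatedToken = Base64Utility.decode(samlRequest);
    // NOTE(review): no limit on the inflated size is visible here; confirm that
    // inflateToken or a fronting layer bounds it, since the input is attacker-controlled.
    InputStream tokenStream = new DeflateEncoderDecoder().inflateToken(deflatedToken);
    Document responseDoc = StaxUtils.read(new InputStreamReader(tokenStream, "UTF-8"));
    // Check the type before casting so any other SAML object yields a 400.
    Object parsed = OpenSAMLUtil.fromDom(responseDoc.getDocumentElement());
    if (!(parsed instanceof AuthnRequest)) {
        throw new BadRequestException();
    }
    AuthnRequest request = (AuthnRequest) parsed;
    // NOTE(review): this writes the complete request to stdout; acceptable for a
    // test harness, but it should go through a logger at debug level elsewhere.
    System.out.println(DOM2Writer.nodeToString(responseDoc));
    String racs = request.getAssertionConsumerServiceURL();
    // Both values are needed below; without them the redirect target is undefined.
    if (request.getIssuer() == null || racs == null) {
        throw new BadRequestException();
    }
    String requestIssuer = request.getIssuer().getValue();
    // Match the RACS + Issuer against known values
    // NOTE(review): a provider registered without a RACS accepts whatever
    // AssertionConsumerServiceURL the request carries, and the response is redirected
    // there. No signature check on the request is visible in this method, so each
    // provider should be registered with an explicit RACS.
    boolean match = false;
    if (serviceProviders != null) {
        for (ServiceProvider sp : serviceProviders) {
            if (sp.getIssuer() != null && sp.getIssuer().equals(requestIssuer)
                && (sp.getRacs() == null || sp.getRacs().equals(racs))) {
                match = true;
                break;
            }
        }
    }
    if (!match) {
        throw new BadRequestException();
    }
    // Create the response
    Element response = createResponse(request.getID(), racs, requestIssuer);
    String responseStr = encodeResponse(response);
    // Perform Redirect to RACS
    UriBuilder ub = UriBuilder.fromUri(racs);
    ub.queryParam("SAMLResponse", responseStr);
    ub.queryParam("RelayState", relayState);
    return javax.ws.rs.core.Response.seeOther(ub.build()).build();
}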
use of org.apache.cxf.rs.security.saml.DeflateEncoderDecoder in project testcases by coheigea.
the class SamlSso method encodeResponse.
/**
 * Serializes the response element to a string, deflates its UTF-8 bytes and
 * returns the result Base64-encoded.
 *
 * @param response the DOM element holding the response
 * @return the deflated, Base64-encoded response
 * @throws IOException declared for the encoding and deflate steps
 */
private String encodeResponse(Element response) throws IOException {
    final String xml = DOM2Writer.nodeToString(response);
    // NOTE(review): the complete response is written to stdout; confirm this
    // output never reaches a shared log outside a test environment.
    System.out.println("RESP: " + xml);
    final byte[] compressed = new DeflateEncoderDecoder().deflateToken(xml.getBytes("UTF-8"));
    return Base64Utility.encode(compressed);
}
use of org.apache.cxf.rs.security.saml.DeflateEncoderDecoder in project syncope by apache.
the class SAML2ReaderWriter method encode.
/**
 * Serializes a SAML request to XML and returns it Base64-encoded, optionally
 * deflating the UTF-8 bytes first.
 *
 * @param request the SAML request to serialize
 * @param useDeflateEncoding whether to deflate the XML before Base64 encoding
 * @return the Base64-encoded (and possibly deflated) request
 * @throws WSSecurityException declared for the serialization step
 * @throws TransformerException declared for the serialization step
 * @throws IOException declared for the writer and deflate steps
 */
public String encode(final RequestAbstractType request, final boolean useDeflateEncoding) throws WSSecurityException, TransformerException, IOException {
    final String xml;
    try (StringWriter out = new StringWriter()) {
        write(out, request, true);
        xml = out.toString();
    }
    final byte[] utf8 = xml.getBytes(StandardCharsets.UTF_8);
    // The original author notes that this choice is not correct according to the
    // spec but is required by some IdPs.
    final byte[] payload = useDeflateEncoding
        ? new DeflateEncoderDecoder().deflateToken(utf8)
        : utf8;
    return Base64.getEncoder().encodeToString(payload);
}
use of org.apache.cxf.rs.security.saml.DeflateEncoderDecoder in project syncope by apache.
the class SAML2ReaderWriter method read.
/**
 * Base64-decodes a SAML response, inflates it when requested, parses the XML
 * and converts the document element into an OpenSAML object.
 *
 * <p>This method only decodes and parses. No signature or condition check is
 * performed here, so the returned object must be validated by the caller before
 * any of its content is trusted.
 *
 * @param useDeflateEncoding whether the decoded bytes must be inflated
 * @param response the Base64-encoded SAML response
 * @return the parsed SAML object
 * @throws IllegalArgumentException if {@code response} is not valid Base64
 *     (raised by the JDK decoder)
 * @throws DataFormatException declared for the inflate step
 * @throws XMLStreamException declared for the XML parsing step
 * @throws WSSecurityException declared for the DOM-to-OpenSAML conversion
 */
public XMLObject read(final boolean useDeflateEncoding, final String response) throws DataFormatException, UnsupportedEncodingException, XMLStreamException, WSSecurityException {
    final byte[] decoded = Base64.getDecoder().decode(response);
    // NOTE(review): no limit on the inflated size is visible here; confirm that
    // inflateToken or the caller bounds it for untrusted input.
    final InputStream xmlStream;
    if (useDeflateEncoding) {
        xmlStream = new DeflateEncoderDecoder().inflateToken(decoded);
    } else {
        xmlStream = new ByteArrayInputStream(decoded);
    }
    // parse the provided SAML response
    final Document parsedDoc = StaxUtils.read(new InputStreamReader(xmlStream, StandardCharsets.UTF_8));
    final XMLObject samlObject = OpenSAMLUtil.fromDom(parsedDoc.getDocumentElement());
    if (LOG.isDebugEnabled()) {
        // Debug output contains the whole message; a serialization failure is
        // reported but does not abort the read.
        try (StringWriter dump = new StringWriter()) {
            write(dump, samlObject, false);
            LOG.debug("Parsed SAML response: {}", dump.toString());
        } catch (Exception e) {
            LOG.error("Could not log the received SAML response", e);
        }
    }
    return samlObject;
}
use of org.apache.cxf.rs.security.saml.DeflateEncoderDecoder in project cxf by apache.
the class AbstractRequestAssertionConsumerHandler method readSAMLResponse.
/**
 * Decodes and parses the SAML response parameter into an OpenSAML
 * {@code Response}. Every failure is reported to the client as a 400.
 *
 * <p>This method only decodes and parses; no signature or condition validation
 * is visible here, so the result must be validated before it is trusted.
 *
 * @param postBinding true for the POST binding; inflating is only attempted
 *     when this is false and deflate support is enabled
 * @param samlResponse the raw SAMLResponse parameter value
 * @return the parsed SAML 2.0 response
 */
private org.opensaml.saml.saml2.core.Response readSAMLResponse(boolean postBinding, String samlResponse) {
    if (StringUtils.isEmpty(samlResponse)) {
        reportError("MISSING_SAML_RESPONSE");
        throw ExceptionUtils.toBadRequestException(null, null);
    }
    // No URL decoding is applied here: the step that did so for the redirect
    // binding is disabled in the original source.
    final Reader xmlReader;
    if (!isSupportBase64Encoding()) {
        xmlReader = new StringReader(samlResponse);
    } else {
        try {
            final byte[] rawToken = Base64Utility.decode(samlResponse);
            // NOTE(review): no limit on the inflated size is visible here; confirm
            // that inflateToken or a fronting layer bounds it for untrusted input.
            final InputStream xmlBytes;
            if (!postBinding && isSupportDeflateEncoding()) {
                xmlBytes = new DeflateEncoderDecoder().inflateToken(rawToken);
            } else {
                xmlBytes = new ByteArrayInputStream(rawToken);
            }
            xmlReader = new InputStreamReader(xmlBytes, StandardCharsets.UTF_8);
        } catch (Base64Exception | DataFormatException ex) {
            throw ExceptionUtils.toBadRequestException(ex, null);
        }
    }
    final Document parsedDoc;
    try {
        parsedDoc = StaxUtils.read(xmlReader);
    } catch (Exception ex) {
        // NOTE(review): the cause is dropped here, unlike the other failure paths.
        throw new WebApplicationException(400);
    }
    if (LOG.isLoggable(Level.FINE)) {
        // FINE output contains the whole received message.
        LOG.fine("Received response: " + DOM2Writer.nodeToString(parsedDoc.getDocumentElement()));
    }
    final XMLObject samlObject;
    try {
        samlObject = OpenSAMLUtil.fromDom(parsedDoc.getDocumentElement());
    } catch (WSSecurityException ex) {
        throw ExceptionUtils.toBadRequestException(ex, null);
    }
    // Any SAML object other than a Response is a client error.
    if (samlObject instanceof org.opensaml.saml.saml2.core.Response) {
        return (org.opensaml.saml.saml2.core.Response) samlObject;
    }
    throw ExceptionUtils.toBadRequestException(null, null);
}