use of org.opensaml.messaging.encoder.MessageEncodingException in project pac4j by pac4j.
the class Pac4jHTTPRedirectDeflateEncoder method generateSignature.
/**
* Generates the signature over the query string.
*
* @param signingCredential credential that will be used to sign query string
* @param algorithmURI algorithm URI of the signing credential
* @param queryString query string to be signed
*
* @return base64 encoded signature of query string
*
* @throws MessageEncodingException thrown if there is an error computing the signature
*/
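protected String generateSignature(Credential signingCredential, String algorithmURI, String queryString) throws MessageEncodingException {
    // Resolve the key up front: a credential without a signing key would otherwise
    // surface as a NullPointerException from the log statement, outside the declared
    // MessageEncodingException contract.
    final java.security.Key signingKey = CredentialSupport.extractSigningKey(signingCredential);
    if (signingKey == null) {
        throw new MessageEncodingException("Unable to sign URL query string: credential has no signing key");
    }

    // Parameterized logging avoids building the message when debug is disabled.
    // NOTE(review): the query string carries the encoded SAML message and any RelayState,
    // so debug output from this class should be treated as sensitive log data.
    log.debug("Generating signature with key type '{}', algorithm URI '{}' over query string '{}'",
            signingKey.getAlgorithm(), algorithmURI, queryString);

    try {
        // The signature covers the UTF-8 bytes of the query string exactly as passed in;
        // any later re-encoding or reordering of those parameters would invalidate it.
        final byte[] rawSignature = XMLSigningUtil.signWithURI(signingCredential, algorithmURI,
                queryString.getBytes(StandardCharsets.UTF_8));
        final String b64Signature = Base64Support.encode(rawSignature, Base64Support.UNCHUNKED);
        log.debug("Generated digital signature value (base64-encoded) {}", b64Signature);
        return b64Signature;
    } catch (final org.opensaml.security.SecurityException e) {
        // Keep the cause so the underlying signing failure stays diagnosable.
        throw new MessageEncodingException("Unable to sign URL query string", e);
    }
}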
use of org.opensaml.messaging.encoder.MessageEncodingException in project pac4j by pac4j.
the class Pac4jHTTPRedirectDeflateEncoder method deflateAndBase64Encode.
/**
* DEFLATE (RFC1951) compresses the given SAML message and Base64 encodes the result.
*
* @param message SAML message
*
* @return DEFLATE compressed and Base64 encoded message
*
* @throws MessageEncodingException thrown if there is a problem compressing the message
*/
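protected String deflateAndBase64Encode(SAMLObject message) throws MessageEncodingException {
    log.debug("Deflating and Base64 encoding SAML message");

    // nowrap=true produces a raw DEFLATE stream without the zlib header and checksum.
    // The Deflater is supplied by this method, so DeflaterOutputStream will not release it
    // on close; end() must be called here or its native buffers linger until collected.
    final Deflater deflater = new Deflater(Deflater.DEFLATED, true);
    try {
        final String messageStr = SerializeSupport.nodeToString(marshallMessage(message));
        // NOTE(review): trace level writes the complete outbound XML to the log; confirm that
        // trace output is restricted wherever this encoder runs.
        log.trace("Output XML message: {}", messageStr);

        final ByteArrayOutputStream bytesOut = new ByteArrayOutputStream();
        try (DeflaterOutputStream deflaterStream = new DeflaterOutputStream(bytesOut, deflater)) {
            deflaterStream.write(messageStr.getBytes(StandardCharsets.UTF_8));
            // finish() flushes the remaining compressed data into bytesOut.
            deflaterStream.finish();
        }
        return Base64Support.encode(bytesOut.toByteArray(), Base64Support.UNCHUNKED);
    } catch (IOException e) {
        throw new MessageEncodingException("Unable to DEFLATE and Base64 encode SAML message", e);
    } finally {
        deflater.end();
    }
}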
use of org.opensaml.messaging.encoder.MessageEncodingException in project pac4j by pac4j.
the class Pac4jHTTPRedirectDeflateEncoder method buildRedirectURL.
/**
* Builds the URL to redirect the client to.
*
* @param messageContext current message context
* @param endpoint endpoint URL to send encoded message to
* @param message Deflated and Base64 encoded message
*
* @return URL to redirect client to
*
* @throws MessageEncodingException thrown if the endpoint URL is malformed or the SAML message is neither a RequestAbstractType nor a StatusResponseType
*/
protected String buildRedirectURL(MessageContext<SAMLObject> messageContext, String endpoint, String message) throws MessageEncodingException {
    log.debug("Building URL to redirect client to");

    final URLBuilder redirectUrl;
    try {
        redirectUrl = new URLBuilder(endpoint);
    } catch (MalformedURLException e) {
        throw new MessageEncodingException("Endpoint URL " + endpoint + " is not a valid URL", e);
    }

    // Any query parameters already present on the endpoint URL are discarded, so the
    // final query string holds only the parameters added below.
    final List<Pair<String, String>> params = redirectUrl.getQueryParams();
    params.clear();

    // Requests and responses travel under different parameter names; anything else is rejected.
    final SAMLObject outbound = messageContext.getMessage();
    final String messageParamName;
    if (outbound instanceof RequestAbstractType) {
        messageParamName = "SAMLRequest";
    } else if (outbound instanceof StatusResponseType) {
        messageParamName = "SAMLResponse";
    } else {
        throw new MessageEncodingException("SAML message is neither a SAML RequestAbstractType or StatusResponseType");
    }
    params.add(new Pair<>(messageParamName, message));

    // RelayState is included only when SAMLBindingSupport.checkRelayState accepts it.
    final String relayState = SAMLBindingSupport.getRelayState(messageContext);
    if (SAMLBindingSupport.checkRelayState(relayState)) {
        params.add(new Pair<>("RelayState", relayState));
    }

    final SignatureSigningParameters signingParams = SAMLMessageSecuritySupport.getContextSigningParameters(messageContext);
    if (signingParams == null || signingParams.getSigningCredential() == null) {
        // The redirect URL is still produced, just unsigned, and the only trace is this
        // debug line. Deployments that require signed messages must make sure signing
        // parameters are present in the message context.
        log.debug("No signing credential was supplied, skipping HTTP-Redirect DEFLATE signing");
        return redirectUrl.buildURL();
    }

    // SigAlg has to be part of the signed material, so it is added before the query string
    // is rendered. Signature is appended afterwards and is therefore not covered by itself.
    // The signed input is exactly: message parameter, optional RelayState, SigAlg.
    final String signatureAlgorithm = getSignatureAlgorithmURI(signingParams);
    params.add(new Pair<>("SigAlg", signatureAlgorithm));
    final String signedQuery = redirectUrl.buildQueryString();
    final String signature = generateSignature(signingParams.getSigningCredential(), signatureAlgorithm, signedQuery);
    params.add(new Pair<>("Signature", signature));

    return redirectUrl.buildURL();
}