author | Thomas <> | 2021-07-01 07:38:29 +0200 |
---|---|---|
committer | Thomas <> | 2021-07-01 07:38:29 +0200 |
commit | b4cbcc2c27c450719fad325ba7d7126d8688d7f2 (patch) | |
tree | 49459260d0d53d760b8ade76359753f8f4d07bb3 /eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification | |
parent | a3088068b6d3f6d6719ca5943eec556d01c0655d (diff) | |
add tracelog into SAML2 verification engine
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification')
-rw-r--r-- | eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
index 8bc770eb..a209a131 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
@@ -30,6 +30,8 @@ import javax.xml.validation.Validator;
 import org.apache.commons.lang3.StringUtils;
 import org.joda.time.DateTime;
 import org.opensaml.core.criterion.EntityIdCriterion;
+import org.opensaml.core.xml.io.MarshallingException;
+import org.opensaml.core.xml.util.XMLObjectSupport;
 import org.opensaml.saml.common.xml.SAMLConstants;
 import org.opensaml.saml.common.xml.SAMLSchemaBuilder;
 import org.opensaml.saml.common.xml.SAMLSchemaBuilder.SAML1Version;
@@ -77,6 +79,7 @@ import lombok.extern.slf4j.Slf4j;
 import net.shibboleth.utilities.java.support.net.BasicURLComparator;
 import net.shibboleth.utilities.java.support.net.URIException;
 import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
+import net.shibboleth.utilities.java.support.xml.SerializeSupport;
 @Slf4j
 public class SamlVerificationEngine {
@@ -247,6 +250,7 @@ public class SamlVerificationEngine {
 // validate each assertion
 final List<Assertion> validatedassertions = new ArrayList<>();
 for (final Assertion saml2assertion : saml2assertions) {
+ traceLogFullAssertion(saml2assertion);
 if (internalAssertionValidation(saml2assertion, spEntityID, validateDateTime)) {
 log.debug("Add valid Assertion:" + saml2assertion.getID());
 validatedassertions.add(saml2assertion);
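Review bot: The call `traceLogFullAssertion(saml2assertion)` added to the validation loop runs before `internalAssertionValidation` has accepted the assertion, so with TRACE enabled the log receives the complete decrypted assertion, subject identifiers and attributes included, while its content is still untrusted. That makes the trace output personal data that needs the same protection as the assertion itself, and nothing at the call site says so. I would add a comment above the call such as `// TRACE only: dumps the decrypted, not yet validated assertion; do not enable on production loggers`. The loop body continues outside the hunk.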
@@ -275,6 +279,19 @@ public class SamlVerificationEngine {
 }
 }
+ private void traceLogFullAssertion(Assertion saml2assertion) {
+ if (log.isTraceEnabled()) {
+ try {
+ log.trace("Decrypted SAML2 Response:", SerializeSupport.nodeToString(
+ XMLObjectSupport.getMarshaller(saml2assertion).marshall(saml2assertion)));
+
+ } catch (MarshallingException e) {
+ log.info("Can NOT trace decrypted SAML2 Assertion", e);
+
+ }
+ }
+ }
+
 private boolean internalAssertionValidation(Assertion saml2assertion, String spEntityId, boolean validateDateTime) {
 boolean isAssertionValid = true; |
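Review bot: The `log.trace` call in `traceLogFullAssertion` passes the serialized XML as a format argument, but the message `"Decrypted SAML2 Response:"` has no `{}` placeholder, so SLF4J discards the argument and only the fixed text is logged. The message also says Response although the object being marshalled is a single Assertion; the line should read `log.trace("Decrypted SAML2 Assertion: {}", SerializeSupport.nodeToString(`. The catch branch reports a marshalling failure at INFO with a stack trace even though it is only reachable when TRACE is on, so `log.trace("Can NOT trace decrypted SAML2 Assertion", e);` would keep that output at the level of the feature. The method has no Javadoc; one sentence stating that it writes the full decrypted assertion to the log and is meant for troubleshooting only would help whoever configures the loggers.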