diff options
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpPostDecoder.java')
-rw-r--r-- | eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpPostDecoder.java | 60 |
1 files changed, 24 insertions, 36 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpPostDecoder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpPostDecoder.java index d23affba..fdd44b9a 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpPostDecoder.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpPostDecoder.java @@ -2,18 +2,18 @@ package at.gv.egiz.eaaf.modules.pvp2.impl.opensaml; import java.io.ByteArrayInputStream; import java.io.InputStream; +import java.io.UnsupportedEncodingException; -import javax.annotation.Nonnull; -import javax.annotation.Nullable; import javax.servlet.http.HttpServletRequest; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.SamlHttpUtils; + import org.opensaml.core.xml.XMLObject; import org.opensaml.messaging.decoder.MessageDecodingException; import org.opensaml.saml.saml2.binding.decoding.impl.HTTPPostDecoder; import com.google.common.base.Strings; - -import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; import lombok.extern.slf4j.Slf4j; import net.shibboleth.utilities.java.support.codec.Base64Support; @@ -27,14 +27,22 @@ import net.shibboleth.utilities.java.support.codec.Base64Support; @Slf4j public class EaafHttpPostDecoder extends HTTPPostDecoder { + private static final String SAML_REQ_PARAM_NAME = "SAMLRequest"; + private static final String SAML_RESP_PARAM_NAME = "SAMLResponse"; + + public EaafHttpPostDecoder(HttpServletRequest req) { + setHttpServletRequest(req); + } + @Override protected InputStream getBase64DecodedMessage(final HttpServletRequest request) throws MessageDecodingException { log.debug("Getting Base64 encoded message from request"); - String encodedMessage = getLastParameterFromRequest(request, "SAMLRequest"); + String encodedMessage = SamlHttpUtils.getLastParameterFromRequest(request, SAML_REQ_PARAM_NAME); if (Strings.isNullOrEmpty(encodedMessage)) { - encodedMessage = getLastParameterFromRequest(request, "SAMLResponse"); + encodedMessage = SamlHttpUtils.getLastParameterFromRequest(request, SAML_RESP_PARAM_NAME); + } if (Strings.isNullOrEmpty(encodedMessage)) { @@ -43,14 +51,17 @@ public class EaafHttpPostDecoder extends HTTPPostDecoder { throw new MessageDecodingException("No SAML message present in request"); } - log.trace("Base64 decoding SAML message:\n{}", encodedMessage); + log.trace("Base64 decoding SAML message: {}", encodedMessage); final byte[] decodedBytes = Base64Support.decode(encodedMessage); - if (decodedBytes == null) { - log.info("Unable to Base64 decode SAML message"); - throw new MessageDecodingException("Unable to Base64 decode SAML message"); + + try { + log.trace("Decoded SAML message: {}", new String(decodedBytes, "UTF-8")); + + } catch (final UnsupportedEncodingException e) { + log.warn("Logging of incomming message failed", e); + } - log.trace("Decoded SAML message:\n{}", new String(decodedBytes)); return new ByteArrayInputStream(decodedBytes); } @@ -61,31 +72,8 @@ public class EaafHttpPostDecoder extends HTTPPostDecoder { */ @Override protected XMLObject unmarshallMessage(final InputStream messageStream) throws MessageDecodingException { - return Saml2Utils.unmarshallMessage(messageStream); - - } - - /** - * Always read the last parameter with this name from request to get a strict - * deterministic behavior. <br> - * <br> - * <b><i>If more than one parameters with the same name exists, this method - * always select the last parameter value.</i></b> - * - * @param request Incoming http request - * @param paramName Name of the http parameter - * @return the last parameter value with this name, or <code>null</code> if the - * parameter not exists - */ - @Nullable - private String getLastParameterFromRequest(@Nonnull HttpServletRequest request, @Nonnull String paramName) { - final String[] values = request.getParameterValues(paramName); - if (values != null && values.length > 0) { - return values[values.length - 1]; - - } - - return null; + return Saml2Utils.unmarshallMessage(messageStream); } + } |