diff options
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpRedirectDeflateDecoder.java')
| -rw-r--r-- | eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpRedirectDeflateDecoder.java | 37 |
1 files changed, 24 insertions, 13 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpRedirectDeflateDecoder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpRedirectDeflateDecoder.java index 16d73296..c5174f02 100644 --- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpRedirectDeflateDecoder.java +++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/EaafHttpRedirectDeflateDecoder.java @@ -4,6 +4,9 @@ import java.io.InputStream; import javax.servlet.http.HttpServletRequest; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; +import at.gv.egiz.eaaf.modules.pvp2.impl.utils.SamlHttpUtils; + import org.opensaml.core.xml.XMLObject; import org.opensaml.messaging.context.MessageContext; import org.opensaml.messaging.decoder.MessageDecodingException; @@ -13,10 +16,7 @@ import org.opensaml.saml.common.xml.SAMLConstants; import org.opensaml.saml.saml2.binding.decoding.impl.HTTPRedirectDeflateDecoder; import com.google.common.base.Strings; - -import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils; import lombok.extern.slf4j.Slf4j; -import net.shibboleth.utilities.java.support.net.URISupport; import net.shibboleth.utilities.java.support.primitive.StringSupport; /** @@ -29,6 +29,14 @@ import net.shibboleth.utilities.java.support.primitive.StringSupport; @Slf4j public class EaafHttpRedirectDeflateDecoder extends HTTPRedirectDeflateDecoder { + private static final String SAML_REQ_PARAM_NAME = "SAMLRequest"; + private static final String SAML_RESP_PARAM_NAME = "SAMLResponse"; + + public EaafHttpRedirectDeflateDecoder(HttpServletRequest req) { + setHttpServletRequest(req); + + } + @Override protected void doDecode() throws MessageDecodingException { final MessageContext<SAMLObject> messageContext = new MessageContext<>(); @@ -52,16 +60,19 @@ public class EaafHttpRedirectDeflateDecoder extends HTTPRedirectDeflateDecoder { // implement parameter extraction as same as in // SAML2HTTPRedirectDeflateSignatureSecurityHandler.java - final String queryString = getHttpServletRequest().getQueryString(); - if (!Strings.isNullOrEmpty(URISupport.getRawQueryStringParameter(queryString, "SAMLRequest"))) { - samlMessageIns = decodeMessage(URISupport.getRawQueryStringParameter(queryString, "SAMLRequest")); - } else if (!Strings.isNullOrEmpty(URISupport.getRawQueryStringParameter(queryString, "SAMLResponse"))) { - samlMessageIns = decodeMessage(URISupport.getRawQueryStringParameter(queryString, "SAMLResponse")); + final String samlReq = SamlHttpUtils.getLastParameterFromRequest(request, SAML_REQ_PARAM_NAME); + final String samlResp = SamlHttpUtils.getLastParameterFromRequest(request, SAML_RESP_PARAM_NAME); + if (!Strings.isNullOrEmpty(samlReq)) { + samlMessageIns = decodeMessage(samlReq); + + } else if (!Strings.isNullOrEmpty(samlResp)) { + samlMessageIns = decodeMessage(samlResp); + } else { throw new MessageDecodingException( "No SAMLRequest or SAMLResponse query path parameter, invalid SAML 2 HTTP Redirect message"); } - + final SAMLObject samlMessage = (SAMLObject) unmarshallMessage(samlMessageIns); messageContext.setMessage(samlMessage); log.debug("Decoded SAML message"); @@ -69,9 +80,9 @@ public class EaafHttpRedirectDeflateDecoder extends HTTPRedirectDeflateDecoder { populateBindingContext(messageContext); setMessageContext(messageContext); - + } - + /** * EAAF specific unmarshaller perform XML schema validation before unmarshalling * the SAML message. @@ -79,8 +90,8 @@ public class EaafHttpRedirectDeflateDecoder extends HTTPRedirectDeflateDecoder { */ @Override protected XMLObject unmarshallMessage(final InputStream messageStream) throws MessageDecodingException { - return Saml2Utils.unmarshallMessage(messageStream); - + return Saml2Utils.unmarshallMessage(messageStream); + } } |