Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java')
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java17
1 files changed, 17 insertions, 0 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
index 8bc770eb..a209a131 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
@@ -30,6 +30,8 @@ import javax.xml.validation.Validator;
import org.apache.commons.lang3.StringUtils;
import org.joda.time.DateTime;
import org.opensaml.core.criterion.EntityIdCriterion;
+import org.opensaml.core.xml.io.MarshallingException;
+import org.opensaml.core.xml.util.XMLObjectSupport;
import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.common.xml.SAMLSchemaBuilder;
import org.opensaml.saml.common.xml.SAMLSchemaBuilder.SAML1Version;
@@ -77,6 +79,7 @@ import lombok.extern.slf4j.Slf4j;
import net.shibboleth.utilities.java.support.net.BasicURLComparator;
import net.shibboleth.utilities.java.support.net.URIException;
import net.shibboleth.utilities.java.support.resolver.CriteriaSet;
+import net.shibboleth.utilities.java.support.xml.SerializeSupport;
@Slf4j
public class SamlVerificationEngine {
@@ -247,6 +250,7 @@ public class SamlVerificationEngine {
// validate each assertion
final List<Assertion> validatedassertions = new ArrayList<>();
for (final Assertion saml2assertion : saml2assertions) {
+ traceLogFullAssertion(saml2assertion);
if (internalAssertionValidation(saml2assertion, spEntityID, validateDateTime)) {
log.debug("Add valid Assertion:" + saml2assertion.getID());
validatedassertions.add(saml2assertion);
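Review bot: `traceLogFullAssertion(saml2assertion)` is called before `internalAssertionValidation`, so with trace logging enabled the log receives the full decrypted content of assertions that may be rejected a line later. Anyone reading that log has to treat the dump as unvalidated, partner-supplied XML that also carries the subject's identity attributes. A comment at the call would make this explicit, for example `// trace only: dumps the decrypted, not yet validated assertion (contains personal data)`. The enclosing method begins and ends outside this hunk, so any checks that run before the loop are not visible here.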
@@ -275,6 +279,19 @@ public class SamlVerificationEngine {
}
}
+ private void traceLogFullAssertion(Assertion saml2assertion) {
+ if (log.isTraceEnabled()) {
+ try {
+ log.trace("Decrypted SAML2 Response:", SerializeSupport.nodeToString(
+ XMLObjectSupport.getMarshaller(saml2assertion).marshall(saml2assertion)));
+
+ } catch (MarshallingException e) {
+ log.info("Can NOT trace decrypted SAML2 Assertion", e);
+
+ }
+ }
+ }
+
private boolean internalAssertionValidation(Assertion saml2assertion, String spEntityId,
boolean validateDateTime) {
boolean isAssertionValid = true;
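Review bot: The `log.trace` call in `traceLogFullAssertion` has no `{}` placeholder in its message, so SLF4J discards the serialized XML argument and only the literal text is written; it should read `log.trace("Decrypted SAML2 Assertion: {}", SerializeSupport.nodeToString(XMLObjectSupport.marshall(saml2assertion)));`. That form also corrects the label, which says "Response" although an assertion is serialized. As far as I know `XMLObjectSupport.getMarshaller(...)` may return null when no marshaller is registered, which would raise a NullPointerException that `catch (MarshallingException e)` does not cover, whereas `XMLObjectSupport.marshall(...)` reports that case as a `MarshallingException`. The method also deserves a Javadoc line stating that it writes the complete decrypted assertion, including identity attributes, to the log and is intended for trace-level diagnostics only.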