/**
 * Declares UTF-8 as the character encoding of an outbound HTTP transport.
 *
 * <p>This only hands the encoding name to the transport. Code that later writes to the
 * transport's stream still has to encode its bytes as UTF-8 so that the declared encoding
 * and the body agree.
 *
 * @param transport outbound transport whose character encoding is set
 */
public static void setUTF8Encoding(HTTPOutTransport transport) {
    final String utf8 = "UTF-8";
    transport.setCharacterEncoding(utf8);
}
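/**
 * {@inheritDoc}
 *
 * <p>Signs the outbound SAML message, wraps it in a SOAP envelope, marshalls the envelope and
 * writes it as UTF-8 {@code text/xml} to the outbound HTTP transport.
 *
 * @throws MessageEncodingException if the context holds no outbound SAML message, or the
 *             envelope cannot be written to the transport
 */
protected void doEncode(MessageContext messageContext) throws MessageEncodingException {
    validateMessageContent(messageContext);
    SAMLMessageContext samlMsgCtx = (SAMLMessageContext) messageContext;

    SAMLObject samlMessage = samlMsgCtx.getOutboundSAMLMessage();
    if (samlMessage == null) {
        throw new MessageEncodingException("No outbound SAML message contained in message context");
    }

    // Signing happens before the envelope is built and marshalled, so the bytes written
    // below are produced from the message as signMessage left it.
    signMessage(samlMsgCtx);
    Envelope envelope = buildSOAPMessage(samlMsgCtx, samlMessage);
    Element envelopeElem = marshallMessage(envelope);

    try {
        HTTPOutTransport outTransport = (HTTPOutTransport) messageContext.getOutboundMessageTransport();
        // No-cache headers go on first: the body carries a SAML message and should not be
        // kept by caches between the two parties.
        HTTPTransportUtils.addNoCacheHeaders(outTransport);
        HTTPTransportUtils.setUTF8Encoding(outTransport);
        HTTPTransportUtils.setContentType(outTransport, "text/xml");
        outTransport.setHeader("SOAPAction", "http://www.oasis-open.org/committees/security");

        // The writer's charset is named explicitly so it matches the encoding declared on the
        // transport instead of falling back to the platform default.
        Writer out = new OutputStreamWriter(outTransport.getOutgoingStream(), "UTF-8");
        XMLHelper.writeNode(envelopeElem, out);
        out.flush();
    } catch (UnsupportedEncodingException e) {
        // Keep the cause attached, as the IOException branch below already does.
        log.error("JVM does not support required UTF-8 encoding", e);
        throw new MessageEncodingException("JVM does not support required UTF-8 encoding", e);
    } catch (IOException e) {
        log.error("Unable to write message content to outbound stream", e);
        throw new MessageEncodingException("Unable to write message content to outbound stream", e);
    }
}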
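/**
 * Performs HTTP GET based encoding: builds the artifact, adds it (and the relay state, when
 * it passes {@code checkRelayState}) to the endpoint URL's query parameters and redirects the
 * outbound transport to the resulting URL.
 *
 * <p>Both values travel in the query string of a redirect, so they are visible wherever URLs
 * are recorded (browser history, proxy and server logs).
 *
 * @param artifactContext current request context
 * @param outTransport outbound HTTP transport
 *
 * @throws MessageEncodingException thrown if there is a problem GET encoding the artifact
 */
protected void getEncode(SAMLMessageContext artifactContext, HTTPOutTransport outTransport)
        throws MessageEncodingException {
    log.debug("Performing HTTP GET SAML 2 artifact encoding");

    URLBuilder urlBuilder = getEndpointURL(artifactContext);
    // Entries added to this list are expected to show up in buildURL() below, i.e. the list
    // is the builder's own parameter list as used here.
    List<Pair<String, String>> params = urlBuilder.getQueryParams();

    AbstractSAMLArtifact artifact = buildArtifact(artifactContext);
    if (artifact == null) {
        log.error("Unable to build artifact for message to relying party");
        // Message text corrected ("builder" -> "build") so it matches the log line above.
        throw new MessageEncodingException("Unable to build artifact for message to relying party");
    }
    params.add(new Pair<String, String>("SAMLart", artifact.base64Encode()));

    // Read the relay state once so the value that was checked is the value that is sent.
    String relayState = artifactContext.getRelayState();
    if (checkRelayState(relayState)) {
        params.add(new Pair<String, String>("RelayState", relayState));
    }

    outTransport.sendRedirect(urlBuilder.buildURL());
}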
/**
 * Renders the outbound message into the POST form produced by the Velocity template and
 * writes that page, as UTF-8 {@code text/html}, to the outbound transport.
 *
 * @param messageContext current message context
 * @param endpointURL endpoint URL to which to encode message
 *
 * @throws MessageEncodingException thrown if there is a problem encoding the message
 */
protected void postEncode(SAMLMessageContext messageContext, String endpointURL)
        throws MessageEncodingException {
    log.debug("Invoking Velocity template to create POST body");
    try {
        // NOTE(review): everything placed in this context is rendered into an HTML page;
        // confirm populateVelocityContext HTML-encodes the values it adds.
        VelocityContext templateModel = new VelocityContext();
        populateVelocityContext(templateModel, messageContext, endpointURL);

        HTTPOutTransport transport = (HTTPOutTransport) messageContext.getOutboundMessageTransport();
        HTTPTransportUtils.addNoCacheHeaders(transport);
        HTTPTransportUtils.setUTF8Encoding(transport);
        HTTPTransportUtils.setContentType(transport, "text/html");

        // Writer charset and template encoding are both named as UTF-8, matching the
        // encoding declared on the transport.
        Writer pageWriter = new OutputStreamWriter(transport.getOutgoingStream(), "UTF-8");
        velocityEngine.mergeTemplate(velocityTemplateId, "UTF-8", templateModel, pageWriter);
        pageWriter.flush();
    } catch (Exception e) {
        // Any failure in the block above is reported as an encoding failure with the cause kept.
        log.error("Error invoking Velocity template", e);
        throw new MessageEncodingException("Error creating output document", e);
    }
}
HTTPTransportUtils.setUTF8Encoding(outTransport); HTTPTransportUtils.setContentType(outTransport, "text/xml"); outTransport.setHeader("SOAPAction", "http://www.oasis-open.org/committees/security"); Writer out = new OutputStreamWriter(outTransport.getOutgoingStream(), "UTF-8"); XMLHelper.writeNode(envelopeElem, out); out.flush();
response.sendRedirect(discoveryURL);
OutputStreamWriter outWriter = new OutputStreamWriter(outTransport.getOutgoingStream()); velocityEngine.mergeTemplate(velocityTemplateId, "UTF-8", context, outWriter); } catch (Exception e) {
HTTPTransportUtils.setUTF8Encoding(outTransport); HTTPTransportUtils.setContentType(outTransport, "text/xml"); outTransport.setHeader("SOAPAction", "http://www.oasis-open.org/committees/security"); Writer out = new OutputStreamWriter(outTransport.getOutgoingStream(), "UTF-8"); XMLHelper.writeNode(envelopeElem, out); out.flush();
/**
 * Sets the {@code Content-Type} header of an outbound HTTP transport.
 *
 * <p>The value is handed to the transport as given. NOTE(review): no validation is done
 * here, so callers should pass fixed content types rather than request-derived text.
 *
 * @param transport the transport to set content type on
 * @param contentType the content type to set
 */
public static void setContentType(HTTPOutTransport transport, String contentType) {
    final String headerName = "Content-Type";
    transport.setHeader(headerName, contentType);
}
/**
 * {@inheritDoc}
 *
 * <p>Checks the context and transport types, sets the message destination to the endpoint
 * URL, removes the signature from the message, deflates and base64-encodes it, and sends a
 * redirect to the URL built from the result.
 *
 * @throws MessageEncodingException if the context is not a {@code SAMLMessageContext} or its
 *             outbound transport is not an {@code HTTPOutTransport}
 */
protected void doEncode(MessageContext messageContext) throws MessageEncodingException {
    if (!(messageContext instanceof SAMLMessageContext)) {
        final String problem = "Invalid message context type, this encoder only support SAMLMessageContext";
        log.error(problem);
        throw new MessageEncodingException(problem);
    }

    if (!(messageContext.getOutboundMessageTransport() instanceof HTTPOutTransport)) {
        final String problem =
                "Invalid outbound message transport type, this encoder only support HTTPOutTransport";
        log.error(problem);
        throw new MessageEncodingException(problem);
    }

    SAMLMessageContext samlContext = (SAMLMessageContext) messageContext;
    String destination = getEndpointURL(samlContext).buildURL();
    setResponseDestination(samlContext.getOutboundSAMLMessage(), destination);

    // The signature is removed before the message is encoded, so the encoded payload carries
    // no embedded signature.
    // NOTE(review): presumably buildRedirectURL adds the signature to the query string
    // instead — confirm there.
    removeSignature(samlContext);
    String deflatedMessage = deflateAndBase64Encode(samlContext.getOutboundSAMLMessage());
    String location = buildRedirectURL(samlContext, destination, deflatedMessage);

    HTTPOutTransport transport = (HTTPOutTransport) messageContext.getOutboundMessageTransport();
    HTTPTransportUtils.addNoCacheHeaders(transport);
    HTTPTransportUtils.setUTF8Encoding(transport);
    transport.sendRedirect(location);
}
HTTPTransportUtils.setContentType(outTransport, "text/html"); OutputStream transportOutStream = outTransport.getOutgoingStream(); Writer out = new OutputStreamWriter(transportOutStream, "UTF-8"); velocityEngine.mergeTemplate(velocityTemplateId, "UTF-8", context, out);
/**
 * {@inheritDoc}
 *
 * <p>Checks the context and transport types, declares UTF-8 on the outbound transport and
 * then hands off to POST or GET artifact encoding depending on {@code postEncoding}.
 *
 * @throws MessageEncodingException if the context is not a {@code SAMLMessageContext} or its
 *             outbound transport is not an {@code HTTPOutTransport}
 */
protected void doEncode(MessageContext messageContext) throws MessageEncodingException {
    if (!(messageContext instanceof SAMLMessageContext)) {
        final String problem = "Invalid message context type, this encoder only support SAMLMessageContext";
        log.error(problem);
        throw new MessageEncodingException(problem);
    }

    if (!(messageContext.getOutboundMessageTransport() instanceof HTTPOutTransport)) {
        final String problem =
                "Invalid outbound message transport type, this encoder only support HTTPOutTransport";
        log.error(problem);
        throw new MessageEncodingException(problem);
    }

    SAMLMessageContext samlContext = (SAMLMessageContext) messageContext;
    HTTPOutTransport transport = (HTTPOutTransport) samlContext.getOutboundMessageTransport();
    transport.setCharacterEncoding("UTF-8");

    // GET is the fallback binding; POST is used only when the encoder is configured for it.
    if (!postEncoding) {
        getEncode(samlContext, transport);
        return;
    }
    postEncode(samlContext, transport);
}
outTransport.sendRedirect(urlBuilder.buildURL());
/**
 * Prepares the context's {@link HTTPOutTransport} before the message is written.
 *
 * <p>
 * In order, this implementation:
 * <ol>
 * <li>adds the HTTP header "Cache-control: no-cache, no-store"</li>
 * <li>adds the HTTP header "Pragma: no-cache"</li>
 * <li>sets the character encoding to "UTF-8"</li>
 * <li>sets the content type to "text/xml"</li>
 * <li>sets the SOAPAction HTTP header</li>
 * </ol>
 * </p>
 *
 * @param messageContext the current message context being processed
 *
 * @throws MessageEncodingException thrown if there is a problem preprocessing the transport
 */
protected void preprocessTransport(MessageContext messageContext) throws MessageEncodingException {
    final String soapAction = "http://www.oasis-open.org/committees/security";

    // The cast is unchecked here; a context with another transport type fails with a
    // ClassCastException rather than a MessageEncodingException.
    HTTPOutTransport transport = (HTTPOutTransport) messageContext.getOutboundMessageTransport();
    HTTPTransportUtils.addNoCacheHeaders(transport);
    HTTPTransportUtils.setUTF8Encoding(transport);
    HTTPTransportUtils.setContentType(transport, "text/xml");
    transport.setHeader("SOAPAction", soapAction);
}
/**
 * Builds an AuthnRequest for the ECP profile, adds the PAOS and ECP header blocks to the
 * outbound envelope, sends the message over the PAOS binding and, when a message storage is
 * available, records the request under its ID.
 *
 * @param context message context carrying local metadata, transport and message storage
 * @param options profile options used to pick the assertion consumer and build the request
 *
 * @throws SAMLException declared by this method; raised by the helpers it calls
 * @throws MetadataProviderException declared by this method; raised by the helpers it calls
 * @throws MessageEncodingException declared by this method; raised by the helpers it calls
 */
@Override
public void sendAuthenticationRequest(SAMLMessageContext context, WebSSOProfileOptions options)
        throws SAMLException, MetadataProviderException, MessageEncodingException {
    SPSSODescriptor localSp = (SPSSODescriptor) context.getLocalEntityRoleMetadata();
    AssertionConsumerService consumerService = getAssertionConsumerService(options, null, localSp);

    // The final argument names the IdP that should receive the message. With ECP the IdP is
    // not known in advance, so null is passed.
    AuthnRequest authnRequest = getAuthnRequest(context, options, consumerService, null);

    context.setCommunicationProfileId(getProfileIdentifier());
    context.setOutboundMessage(getEnvelope());
    context.setOutboundSAMLMessage(authnRequest);

    SOAPHelper.addHeaderBlock(context, getPAOSRequest(consumerService));
    SOAPHelper.addHeaderBlock(context, getECPRequest(context, options));

    sendMessage(context, localSp.isAuthnRequestsSigned(), SAMLConstants.SAML2_PAOS_BINDING_URI);

    // NOTE(review): this header is set after sendMessage has run. If the encoder has already
    // written and flushed the body, the PAOS content type may not reach the client — confirm
    // against the encoder used for the PAOS binding.
    HTTPOutTransport transport = (HTTPOutTransport) context.getOutboundMessageTransport();
    transport.setHeader("Content-Type", "application/vnd.paos+xml");

    // NOTE(review): the request is recorded under its ID, presumably so the later response
    // can be matched to it. With no storage configured nothing is recorded — confirm how
    // responses are correlated in that case.
    SAMLMessageStorage storage = context.getMessageStorage();
    if (storage != null) {
        storage.storeMessage(authnRequest.getID(), authnRequest);
    }
}