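/**
 * Decides whether an incoming SAML request is acceptable, verifying the HTTP Redirect binding
 * signature over the query string when signature checking applies.
 *
 * <p>Security-relevant behaviour visible in this method:
 * <ul>
 *   <li>An absent or empty {@code holder.samlRequest} is always rejected.</li>
 *   <li>When {@code ignoreIncomingSignatures} is set, or {@code isPost} is true, the method
 *       returns {@code true} without checking any signature. Callers must make sure the POST
 *       binding message signature is verified elsewhere; nothing in this method does it.</li>
 *   <li>The validating key is looked up by {@code remoteAddress}. NOTE(review): confirm that the
 *       address passed in is the peer's real address and not a proxy address or a value taken
 *       from a client-supplied header, since it selects the trust anchor.</li>
 * </ul>
 *
 * @param remoteAddress address of the requesting service provider; used for key lookup and logging
 * @param queryString   signed query string of the redirect request
 * @param holder        carries the SAML request and the signature parameter of the request
 * @param isPost        {@code true} when the request arrived via the POST binding
 * @return {@code true} if the request passes the checks described above, {@code false} otherwise
 * @throws IOException              declared for the signature utilities called here
 * @throws GeneralSecurityException if the validating key cannot be obtained or the signature
 *                                  check itself fails with a security error
 */
protected boolean validate(String remoteAddress, String queryString, SessionHolder holder, boolean isPost)
        throws IOException, GeneralSecurityException {
    // A request without a SAML payload is never valid.
    if (holder.samlRequest == null || holder.samlRequest.length() == 0) {
        return false;
    }

    if (this.ignoreIncomingSignatures || isPost) {
        // No redirect-binding signature check on this path. Per the original comment, the SAML
        // message signature is verified for the POST binding; that check is not in this method.
        return true;
    }

    String sig = holder.signature;
    if (sig == null || sig.length() == 0) {
        // NOTE(review): remoteAddress goes into the log unmodified; if it can be header-derived,
        // neutralise CR/LF before logging.
        log.error("Signature received from SP is null:" + remoteAddress);
        return false;
    }

    // Fail closed when the query string carries no extractable signature value.
    byte[] sigValue = RedirectBindingSignatureUtil.getSignatureValueFromSignedURL(queryString);
    if (sigValue == null) {
        return false;
    }

    PublicKey validatingKey;
    try {
        validatingKey = keyManager.getValidatingKey(remoteAddress);
    } catch (TrustKeyConfigurationException e) {
        // Chain the exception itself: e.getCause() may be null, which would discard the reason
        // the trust key lookup failed.
        throw new GeneralSecurityException(e);
    } catch (TrustKeyProcessingException e) {
        throw new GeneralSecurityException(e);
    }

    return RedirectBindingSignatureUtil.validateSignature(queryString, validatingKey, sigValue);
}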
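/**
 * Decides whether an incoming SAML request is acceptable, verifying the HTTP Redirect binding
 * signature over the query string when signature checking applies.
 *
 * <p>Security-relevant behaviour visible in this method:
 * <ul>
 *   <li>An absent or empty {@code holder.samlRequest} is always rejected.</li>
 *   <li>When {@code ignoreIncomingSignatures} is set, or {@code isPost} is true, the method
 *       returns {@code true} without checking any signature. Callers must make sure the POST
 *       binding message signature is verified elsewhere; nothing in this method does it.</li>
 *   <li>The validating key is looked up by {@code remoteAddress}. NOTE(review): confirm that the
 *       address passed in is the peer's real address and not a proxy address or a value taken
 *       from a client-supplied header, since it selects the trust anchor.</li>
 * </ul>
 *
 * @param remoteAddress address of the requesting service provider; used for key lookup and logging
 * @param queryString   signed query string of the redirect request
 * @param holder        carries the SAML request and the signature parameter of the request
 * @param isPost        {@code true} when the request arrived via the POST binding
 * @return {@code true} if the request passes the checks described above, {@code false} otherwise
 * @throws IOException              declared for the signature utilities called here
 * @throws GeneralSecurityException if the validating key cannot be obtained or the signature
 *                                  check itself fails with a security error
 */
protected boolean validate(String remoteAddress, String queryString, SessionHolder holder, boolean isPost)
        throws IOException, GeneralSecurityException {
    // A request without a SAML payload is never valid.
    if (holder.samlRequest == null || holder.samlRequest.length() == 0) {
        return false;
    }

    if (this.ignoreIncomingSignatures || isPost) {
        // No redirect-binding signature check on this path. Per the original comment, the SAML
        // message signature is verified for the POST binding; that check is not in this method.
        return true;
    }

    String sig = holder.signature;
    if (sig == null || sig.length() == 0) {
        // NOTE(review): remoteAddress goes into the log unmodified; if it can be header-derived,
        // neutralise CR/LF before logging.
        log.error("Signature received from SP is null:" + remoteAddress);
        return false;
    }

    // Fail closed when the query string carries no extractable signature value.
    byte[] sigValue = RedirectBindingSignatureUtil.getSignatureValueFromSignedURL(queryString);
    if (sigValue == null) {
        return false;
    }

    PublicKey validatingKey;
    try {
        validatingKey = keyManager.getValidatingKey(remoteAddress);
    } catch (TrustKeyConfigurationException e) {
        // Chain the exception itself: e.getCause() may be null, which would discard the reason
        // the trust key lookup failed.
        throw new GeneralSecurityException(e);
    } catch (TrustKeyProcessingException e) {
        throw new GeneralSecurityException(e);
    }

    return RedirectBindingSignatureUtil.validateSignature(queryString, validatingKey, sigValue);
}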
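/**
 * Decides whether an incoming SAML request is acceptable, verifying the HTTP Redirect binding
 * signature over the query string when signature checking applies.
 *
 * <p>Security-relevant behaviour visible in this method:
 * <ul>
 *   <li>An absent or empty {@code holder.samlRequest} is always rejected.</li>
 *   <li>When {@code ignoreIncomingSignatures} is set, or {@code isPost} is true, the method
 *       returns {@code true} without checking any signature. Callers must make sure the POST
 *       binding message signature is verified elsewhere; nothing in this method does it.</li>
 *   <li>The validating key is looked up by {@code remoteAddress}. NOTE(review): confirm that the
 *       address passed in is the peer's real address and not a proxy address or a value taken
 *       from a client-supplied header, since it selects the trust anchor.</li>
 * </ul>
 *
 * @param remoteAddress address of the requesting service provider; used for key lookup and logging
 * @param queryString   signed query string of the redirect request
 * @param holder        carries the SAML request and the signature parameter of the request
 * @param isPost        {@code true} when the request arrived via the POST binding
 * @return {@code true} if the request passes the checks described above, {@code false} otherwise
 * @throws IOException              declared for the signature utilities called here
 * @throws GeneralSecurityException if the validating key cannot be obtained or the signature
 *                                  check itself fails with a security error
 */
protected boolean validate(String remoteAddress, String queryString, SessionHolder holder, boolean isPost)
        throws IOException, GeneralSecurityException {
    // A request without a SAML payload is never valid.
    if (holder.samlRequest == null || holder.samlRequest.length() == 0) {
        return false;
    }

    if (this.ignoreIncomingSignatures || isPost) {
        // No redirect-binding signature check on this path. Per the original comment, the SAML
        // message signature is verified for the POST binding; that check is not in this method.
        return true;
    }

    String sig = holder.signature;
    if (sig == null || sig.length() == 0) {
        // NOTE(review): remoteAddress goes into the log unmodified; if it can be header-derived,
        // neutralise CR/LF before logging.
        log.error("Signature received from SP is null:" + remoteAddress);
        return false;
    }

    // Fail closed when the query string carries no extractable signature value.
    byte[] sigValue = RedirectBindingSignatureUtil.getSignatureValueFromSignedURL(queryString);
    if (sigValue == null) {
        return false;
    }

    PublicKey validatingKey;
    try {
        validatingKey = keyManager.getValidatingKey(remoteAddress);
    } catch (TrustKeyConfigurationException e) {
        // Chain the exception itself: e.getCause() may be null, which would discard the reason
        // the trust key lookup failed.
        throw new GeneralSecurityException(e);
    } catch (TrustKeyProcessingException e) {
        throw new GeneralSecurityException(e);
    }

    return RedirectBindingSignatureUtil.validateSignature(queryString, validatingKey, sigValue);
}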
// Extract the signature value from the signed redirect query string.
// NOTE(review): presumably null means the URL carries no usable signature parameter;
// confirm against RedirectBindingSignatureUtil.
byte[] sigValue = RedirectBindingSignatureUtil.getSignatureValueFromSignedURL(queryString);
// Fail closed: return false rather than continuing without a signature value to verify.
if (sigValue == null) return false;
// Extract the signature value from the signed redirect query string.
// NOTE(review): presumably null means the URL carries no usable signature parameter;
// confirm against RedirectBindingSignatureUtil.
byte[] sigValue = RedirectBindingSignatureUtil.getSignatureValueFromSignedURL(queryString);
// Fail closed: return false rather than continuing without a signature value to verify.
if (sigValue == null) return false;
/**
 * <p>
 * Checks the signature of a SAML message received via the HTTP Redirect binding. The signature
 * value is taken from the request's query string and verified against that same query string.
 * </p>
 *
 * <p>
 * The method fails closed: a missing signature value raises an error instead of returning
 * {@code true}. Every exception raised inside the body, including the "signature not present"
 * one, is passed to {@code logger.samlHandlerSignatureValidationError}.
 * </p>
 *
 * @param httpContext context whose request supplies the signed query string
 * @param publicKey   key handed to {@code RedirectBindingSignatureUtil.validateSignature}
 * @return the result of {@code RedirectBindingSignatureUtil.validateSignature}
 * @throws ProcessingException declared by this method; see the fail-closed note above
 */
private boolean verifyRedirectBindingSignature(HTTPContext httpContext, PublicKey publicKey)
        throws ProcessingException {
    try {
        final String signedQuery = httpContext.getRequest().getQueryString();
        final byte[] signatureBytes = RedirectBindingSignatureUtil.getSignatureValueFromSignedURL(signedQuery);

        if (signatureBytes != null) {
            return RedirectBindingSignatureUtil.validateSignature(signedQuery, publicKey, signatureBytes);
        }

        // No signature value could be extracted: refuse rather than accept an unsigned message.
        throw logger.samlHandlerSignatureNotPresentError();
    } catch (Exception e) {
        throw logger.samlHandlerSignatureValidationError(e);
    }
}
/**
 * <p>
 * Checks the signature of a SAML message received via the HTTP Redirect binding. The signature
 * value is taken from the request's query string and verified against that same query string.
 * </p>
 *
 * <p>
 * The method fails closed: a missing signature value raises an error instead of returning
 * {@code true}. Every exception raised inside the body, including the "signature not present"
 * one, is passed to {@code logger.samlHandlerSignatureValidationError}.
 * </p>
 *
 * @param httpContext context whose request supplies the signed query string
 * @param publicKey   key handed to {@code RedirectBindingSignatureUtil.validateSignature}
 * @return the result of {@code RedirectBindingSignatureUtil.validateSignature}
 * @throws ProcessingException declared by this method; see the fail-closed note above
 */
private boolean verifyRedirectBindingSignature(HTTPContext httpContext, PublicKey publicKey)
        throws ProcessingException {
    try {
        final String signedQuery = httpContext.getRequest().getQueryString();
        final byte[] signatureBytes = RedirectBindingSignatureUtil.getSignatureValueFromSignedURL(signedQuery);

        if (signatureBytes != null) {
            return RedirectBindingSignatureUtil.validateSignature(signedQuery, publicKey, signatureBytes);
        }

        // No signature value could be extracted: refuse rather than accept an unsigned message.
        throw logger.samlHandlerSignatureNotPresentError();
    } catch (Exception e) {
        throw logger.samlHandlerSignatureValidationError(e);
    }
}
/**
 * <p>
 * Checks the signature of a SAML message received via the HTTP Redirect binding. The signature
 * value is taken from the request's query string and verified against that same query string.
 * </p>
 *
 * <p>
 * The method fails closed: a missing signature value raises an error instead of returning
 * {@code true}. Every exception raised inside the body, including the "signature not present"
 * one, is passed to {@code logger.samlHandlerSignatureValidationError}.
 * </p>
 *
 * @param httpContext context whose request supplies the signed query string
 * @param publicKey   key handed to {@code RedirectBindingSignatureUtil.validateSignature}
 * @return the result of {@code RedirectBindingSignatureUtil.validateSignature}
 * @throws ProcessingException declared by this method; see the fail-closed note above
 */
private boolean verifyRedirectBindingSignature(HTTPContext httpContext, PublicKey publicKey)
        throws ProcessingException {
    try {
        final String signedQuery = httpContext.getRequest().getQueryString();
        final byte[] signatureBytes = RedirectBindingSignatureUtil.getSignatureValueFromSignedURL(signedQuery);

        if (signatureBytes != null) {
            return RedirectBindingSignatureUtil.validateSignature(signedQuery, publicKey, signatureBytes);
        }

        // No signature value could be extracted: refuse rather than accept an unsigned message.
        throw logger.samlHandlerSignatureNotPresentError();
    } catch (Exception e) {
        throw logger.samlHandlerSignatureValidationError(e);
    }
}