Create 'HTTP Redirect Binding' SAML Request using Java

我的未来我决定 提交于 2019-12-11 10:21:49

问题


I am trying to implement the same algorithm in Java for SAML HTTP Redirect Binding which is described here: How do I correctly prepare an 'HTTP Redirect Binding' SAML Request using C#

The algorithm is rather simple:

  1. Build a SAML string
  2. Compress this string
  3. Base64 encode the string
  4. UrlEncode the string.

This should be the equivalent Java algorithm:

    public String encodeRedirectFormat( String samlXML ) throws IOException{
            ByteArrayOutputStream os = new ByteArrayOutputStream();
            DeflaterOutputStream deflaterOutputStream = new DeflaterOutputStream(os);
            deflaterOutputStream.write( samlXML.getBytes( "UTF-8" ) );
            deflaterOutputStream.close();
            os.close();
            String base64 = Base64.encodeBase64String( os.toByteArray() );
            return URLEncoder.encode( base64, "UTF-8" );
    }

I try to encode the simplest assertion:

<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"/>

This is the output:

eJyzKU7MzTGyciwuTi0qyczPU6jIzckrtgKL2iqVFuVZ5ScWZxZb5SXmphZblSRbBTv6%2BlgZ6RlYJcK0KOnbAQCHfRi3

And then try to decode with an online tool like

https://rnd.feide.no/simplesaml/module.php/saml2debug/debug.php

the output is invalid. Can someone spot the error? Maybe the Java Deflater works differently?


回答1:


You need to instruct specifically the Deflater for noWrap option. This is the working code:

public String encodeRedirectFormat( String samlXML ) throws IOException{
        ByteArrayOutputStream os = new ByteArrayOutputStream();
        Deflater deflater = new Deflater( Deflater.DEFAULT_COMPRESSION, true );
        DeflaterOutputStream deflaterOutputStream = new DeflaterOutputStream(os, deflater);
        deflaterOutputStream.write( samlXML.getBytes( "UTF-8" ) );
        deflaterOutputStream.close();
        os.close();
        String base64 = Base64.encodeBase64String( os.toByteArray() );
        return URLEncoder.encode( base64, "UTF-8" );
}


来源:https://stackoverflow.com/questions/26484948/create-http-redirect-binding-saml-request-using-java

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!