
How can I properly decode a SAML request in Java (HTTP redirect)?

I am working with a SAML request using the HTTP-redirect binding. I read in another post that the following steps are required in order to retrieve the original content of a SAML request (SAMLRequest parameter in the URL):

  1. URL decoding
  2. Base64 decoding
  3. Inflating the content

Although those steps are quite clear to me, I can't get the SAML request in the XML format. I believe the mistake is in the third step, maybe there is more than one way to inflate bytes? This is the Java function which executes the three above, given the argument which is the value of the SAML parameter in the URL.

private String decodeMessage(String SAMLContent) {
        try {
            //URLDecode, Base64 and inflate data

            //URLDecode
            SAMLContent = URLDecoder.decode(SAMLContent, "UTF-8");

            //Base64 decoding
            SAMLContent = new String(Base64.getDecoder().decode(SAMLContent), "UTF-8");

            //Inflating data
            try {
                byte[] compressed = new byte[10 * SAMLContent.getBytes().length];
                Inflater i = new Inflater(true);
                i.setInput(SAMLContent.getBytes(), 0, SAMLContent.getBytes().length);
                int finalSize = i.inflate(compressed);
                //Exception is thrown here
                SAMLContent = new String(SAMLContent.getBytes(), 0, finalSize, "UTF-8");
                i.end();


            } catch (DataFormatException ex) {
                JOptionPane.showMessageDialog(null, "DFE: " + ex.getMessage());
            }

        } catch (UnsupportedEncodingException ex) {
            JOptionPane.showMessageDialog(null, "UEE: " + ex.getMessage());
        }

        return SAMLContent;

    }

If I copy and paste the output of the first step here, I can see the well-formatted XML at the bottom of the page, so at least the URL decoding works as intended. If you have any solution please let me know, thanks.

This is how I do it. The flow is: detect that the request is HTTP-Redirect, Base64-decode the request and then inflate it. The following links are to code that does all this on GitHub.

Receive the request

Decode the request

Inflate the XML

If you get

Incorrect header check

check this answer

and you might need to change the inflate code to:

return new String(inflatedData, 0, inflatedBytesLength, "UTF-8");
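
An added example, not code from the question or from the repository the answer links to: the three steps with the Base64 output kept as bytes until after inflation. The question's code converts that output to a String first, which corrupts the compressed data, and then builds the result from the input buffer instead of the inflated one. The class name, the 1 MiB size cap and the sample AuthnRequest are assumptions; it needs Java 10 or later.

```java
import java.io.ByteArrayOutputStream;
import java.net.URLDecoder;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.Arrays;
import java.util.Base64;
import java.util.zip.*;

public class SamlRedirectDecoder {
    // Assumed cap on inflated size, so a small hostile parameter cannot expand without bound.
    static final int MAX_INFLATED_BYTES = 1 << 20;
    static String decodeMessage(String samlRequest) throws DataFormatException {
        // Pass the raw query-string value. If a framework already URL-decoded it, skip this
        // step: decoding twice turns Base64 '+' into ' ' and the Base64 decoder rejects it.
        String b64 = URLDecoder.decode(samlRequest, StandardCharsets.UTF_8);
        byte[] deflated = Base64.getDecoder().decode(b64); // stays binary, never a String
        Inflater inflater = new Inflater(true);             // true = raw DEFLATE, no zlib header
        ByteArrayOutputStream out = new ByteArrayOutputStream();
        byte[] buf = new byte[4096];
        try {
            inflater.setInput(deflated);
            while (!inflater.finished()) {
                int n = inflater.inflate(buf);
                if (n == 0 && inflater.needsInput()) {
                    throw new DataFormatException("truncated DEFLATE stream");
                }
                out.write(buf, 0, n);
                if (out.size() > MAX_INFLATED_BYTES) {
                    throw new DataFormatException("inflated message exceeds size cap");
                }
            }
        } finally {
            inflater.end();
        }
        return out.toString(StandardCharsets.UTF_8); // becomes text only after inflating
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample request, encoded the way the HTTP-Redirect binding does it.
        String xml = "<samlp:AuthnRequest xmlns:samlp=\"urn:oasis:names:tc:SAML:2.0:protocol\""
                + " ID=\"_constructed1\" Version=\"2.0\" IssueInstant=\"2024-01-01T00:00:00Z\"/>";
        Deflater deflater = new Deflater(Deflater.DEFAULT_COMPRESSION, true);
        deflater.setInput(xml.getBytes(StandardCharsets.UTF_8));
        deflater.finish();
        byte[] packed = new byte[1024];
        int len = deflater.deflate(packed);
        deflater.end();
        String b64 = Base64.getEncoder().encodeToString(Arrays.copyOf(packed, len));
        System.out.println(decodeMessage(URLEncoder.encode(b64, StandardCharsets.UTF_8)));
    }
}
```

Decoding only recovers the XML; it says nothing about whether the request is authentic, so signature and issuer checks still have to run before the content is trusted.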
