cloudstack-commits mailing list archives

From bhais...@apache.org
Subject [08/10] git commit: updated refs/heads/master to d46e459
Date Fri, 12 Sep 2014 15:16:42 GMT
SAML2LoginAPIAuthenticatorCmd: add signature on redirect url

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/394e6130
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/394e6130
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/394e6130

Branch: refs/heads/master
Commit: 394e6130e0657ad4323d9c26dc2f2a2605e8d0fa
Parents: 67f97df
Author: Rohit Yadav <rohit.yadav@shapeblue.com>
Authored: Fri Sep 12 16:31:16 2014 +0200
Committer: Rohit Yadav <rohit.yadav@shapeblue.com>
Committed: Fri Sep 12 16:31:16 2014 +0200

----------------------------------------------------------------------
 .../api/command/SAML2LoginAPIAuthenticatorCmd.java      | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/394e6130/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
index b204e72..0257ecf 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
@@ -55,8 +55,6 @@ import org.opensaml.xml.ConfigurationException;
 import org.opensaml.xml.io.MarshallingException;
 import org.opensaml.xml.io.UnmarshallingException;
 import org.opensaml.xml.security.x509.BasicX509Credential;
-import org.opensaml.xml.signature.SignatureConstants;
-import org.opensaml.xml.signature.SignatureException;
 import org.opensaml.xml.signature.SignatureValidator;
 import org.opensaml.xml.validation.ValidationException;
 import org.xml.sax.SAXException;
@@ -72,7 +70,6 @@ import java.net.URLEncoder;
 import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
 import java.security.PrivateKey;
-import java.security.Signature;
 import java.util.List;
 import java.util.Map;
 
@@ -139,9 +136,12 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements
APIAuthent
         try {
             DefaultBootstrap.bootstrap();
             AuthnRequest authnRequest = SAMLUtils.buildAuthnRequestObject(spId, identityProviderUrl,
consumerUrl);
-            redirectUrl = "SAMLRequest=" + SAMLUtils.encodeSAMLRequest(authnRequest);
-            redirectUrl = identityProviderUrl + "?" + SAMLUtils.generateSAMLRequestSignature(redirectUrl,
privateKey);
-        } catch (ConfigurationException | FactoryConfigurationError | MarshallingException
| IOException | SignatureException | NoSuchAlgorithmException | InvalidKeyException | java.security.SignatureException
e) {
+            PrivateKey privateKey = null;
+            if (_samlAuthManager.getSpKeyPair() != null) {
+                privateKey = _samlAuthManager.getSpKeyPair().getPrivate();
+            }
+            redirectUrl = identityProviderUrl + "?" + SAMLUtils.generateSAMLRequestSignature("SAMLRequest="
+ SAMLUtils.encodeSAMLRequest(authnRequest), privateKey);
+        } catch (ConfigurationException | FactoryConfigurationError | MarshallingException
| IOException | NoSuchAlgorithmException | InvalidKeyException | java.security.SignatureException
e) {
             s_logger.error("SAML AuthnRequest message building error: " + e.getMessage());
         }
         return redirectUrl;
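Review bot: When `_samlAuthManager.getSpKeyPair()` returns null, `privateKey` stays null and is still handed to `SAMLUtils.generateSAMLRequestSignature(...)`, so the redirect either goes out unsigned or fails, depending on how that helper treats a null key, which this hunk does not show. If the deployment expects signed AuthnRequests, that case should be made explicit rather than silent, for example with `if (privateKey == null) { s_logger.warn("SAML SP key pair unavailable, AuthnRequest will not be signed"); }` before building the URL, or by refusing to build the redirect at all. The key pair is also fetched twice; reading it once into a local avoids relying on both calls returning the same object. The enclosing method begins above the hunk, so the value of `redirectUrl` returned after the catch path is not visible here.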

