cxf-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cohei...@apache.org
Subject svn commit: r1338721 - /cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java
Date Tue, 15 May 2012 14:26:27 GMT
Author: coheigea
Date: Tue May 15 14:26:27 2012
New Revision: 1338721

URL: http://svn.apache.org/viewvc?rev=1338721&view=rev
Log:
URL decode the SAMLResponse first

Modified:
    cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java

Modified: cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java
URL: http://svn.apache.org/viewvc/cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java?rev=1338721&r1=1338720&r2=1338721&view=diff
==============================================================================
--- cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java
(original)
+++ cxf/trunk/rt/rs/security/sso/saml/src/main/java/org/apache/cxf/rs/security/saml/sso/RequestAssertionConsumerService.java
Tue May 15 14:26:27 2012
@@ -23,6 +23,7 @@ import java.io.InputStream;
 import java.io.InputStreamReader;
 import java.io.UnsupportedEncodingException;
 import java.net.URI;
+import java.net.URLDecoder;
 import java.util.ResourceBundle;
 import java.util.UUID;
 import java.util.logging.Logger;
@@ -140,10 +141,17 @@ public class RequestAssertionConsumerSer
             reportError("MISSING_SAML_RESPONSE");
             throw new WebApplicationException(400);
         }
+        
+        String samlResponseDecoded = null;
+        try {
+            samlResponseDecoded = URLDecoder.decode(samlResponse, "UTF-8");
+        } catch (UnsupportedEncodingException e) {
+            throw new WebApplicationException(400);
+        }
         InputStream tokenStream = null;
         if (isSupportBase64Encoding()) {
             try {
-                byte[] deflatedToken = Base64Utility.decode(samlResponse);
+                byte[] deflatedToken = Base64Utility.decode(samlResponseDecoded);
                 tokenStream = isSupportDeflateEncoding() 
                     ? new DeflateEncoderDecoder().inflateToken(deflatedToken)
                     : new ByteArrayInputStream(deflatedToken); 
@@ -154,7 +162,7 @@ public class RequestAssertionConsumerSer
             }
         } else {
             try {
-                tokenStream = new ByteArrayInputStream(samlResponse.getBytes("UTF-8"));
+                tokenStream = new ByteArrayInputStream(samlResponseDecoded.getBytes("UTF-8"));
             } catch (UnsupportedEncodingException ex) {
                 throw new WebApplicationException(400);
             }



Mime
View raw message