This is an automated email from the ASF dual-hosted git repository.
ilgrosso pushed a commit to branch 1.4.x-fixes
in repository https://gitbox.apache.org/repos/asf/cxf-fediz.git
The following commit(s) were added to refs/heads/1.4.x-fixes by this push:
new 159a36b Ensure relayState is url-encoded as well
159a36b is described below
commit 159a36bd6423cbae18f360bd171dbbdbb20ab690
Author: Francesco Chicchiriccò <ilgrosso@apache.org>
AuthorDate: Tue May 8 15:08:35 2018 +0200
Ensure relayState is url-encoded as well
---
.../cxf/fediz/service/idp/beans/samlsso/AuthnRequestParser.java | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AuthnRequestParser.java
b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AuthnRequestParser.java
index 75dfe4e..a299499 100644
--- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AuthnRequestParser.java
+++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AuthnRequestParser.java
@@ -292,9 +292,10 @@ public class AuthnRequestParser {
sig.initVerify(validatingCert);
// Recreate request to sign
- String requestToSign = SSOConstants.SAML_REQUEST + "=" + URLEncoder.encode(samlRequest,
"UTF-8")
- + "&" + SSOConstants.RELAY_STATE + "=" + relayState + "&" + SSOConstants.SIG_ALG
- + "=" + URLEncoder.encode(processedSigAlg, StandardCharsets.UTF_8.name());
+ String requestToSign =
+ SSOConstants.SAML_REQUEST + "=" + URLEncoder.encode(samlRequest, StandardCharsets.UTF_8.name())
+ + "&" + SSOConstants.RELAY_STATE + "=" + URLEncoder.encode(relayState,
StandardCharsets.UTF_8.name())
+ + "&" + SSOConstants.SIG_ALG + "=" + URLEncoder.encode(processedSigAlg,
StandardCharsets.UTF_8.name());
sig.update(requestToSign.getBytes(StandardCharsets.UTF_8));
--
To stop receiving notification emails like this one, please contact
ilgrosso@apache.org.
|