Class HTTPRedirectDeflateEncoder
java.lang.Object
net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
org.opensaml.messaging.encoder.AbstractMessageEncoder
org.opensaml.messaging.encoder.servlet.AbstractHttpServletResponseMessageEncoder
org.opensaml.messaging.encoder.servlet.BaseHttpServletResponseXMLMessageEncoder
org.opensaml.saml.saml2.binding.encoding.impl.BaseSAML2MessageEncoder
org.opensaml.saml.saml2.binding.encoding.impl.HTTPRedirectDeflateEncoder
- All Implemented Interfaces:
Component,DestructableComponent,InitializableComponent,UnmodifiableComponent,MessageEncoder,HttpServletResponseMessageEncoder,SAMLMessageEncoder
SAML 2.0 HTTP Redirect encoder using the DEFLATE encoding method.
This encoder only supports DEFLATE compression.
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionprivate classA subclass ofDeflaterOutputStreamwhich defaults in a no-wrapDeflaterinstance and closes it when the stream is closed. -
Field Summary
FieldsModifier and TypeFieldDescriptionParams which are disallowed from appearing in the input endpoint URL.private final org.slf4j.LoggerClass logger. -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionprotected StringbuildRedirectURL(MessageContext messageContext, String endpoint, String message) Builds the URL to redirect the client to.protected StringdeflateAndBase64Encode(SAMLObject message) DEFLATE (RFC1951) compresses the given SAML message.protected voiddoEncode()Performs the encoding logic.protected StringgenerateSignature(Credential signingCredential, String algorithmURI, String queryString) Generates the signature over the query string.Gets the SAML binding URI supported by this encoder.protected StringgetSignatureAlgorithmURI(SignatureSigningParameters signingParameters) Gets the signature algorithm URI to use.protected voidremoveDisallowedQueryParams(List<Pair<String, String>> queryParams) Remove disallowed query params from the supplied list.protected voidremoveSignature(SAMLObject message) Removes the signature from the protocol message.Methods inherited from class org.opensaml.saml.saml2.binding.encoding.impl.BaseSAML2MessageEncoder
getEndpointURLMethods inherited from class org.opensaml.messaging.encoder.servlet.BaseHttpServletResponseXMLMessageEncoder
encode, getMessageToLog, logEncodedMessage, marshallMessageMethods inherited from class org.opensaml.messaging.encoder.servlet.AbstractHttpServletResponseMessageEncoder
doDestroy, doInitialize, getHttpServletResponse, setHttpServletResponseMethods inherited from class org.opensaml.messaging.encoder.AbstractMessageEncoder
getMessageContext, prepareContext, setMessageContextMethods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, initialize, isDestroyed, isInitializedMethods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, waitMethods inherited from interface net.shibboleth.utilities.java.support.component.DestructableComponent
destroy, isDestroyedMethods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitializedMethods inherited from interface org.opensaml.messaging.encoder.MessageEncoder
encode, prepareContext, setMessageContext
-
Field Details
-
DISALLOWED_ENDPOINT_QUERY_PARAMS
Params which are disallowed from appearing in the input endpoint URL. -
log
private final org.slf4j.Logger logClass logger.
-
-
Constructor Details
-
HTTPRedirectDeflateEncoder
public HTTPRedirectDeflateEncoder()Constructor.
-
-
Method Details
-
getBindingURI
Gets the SAML binding URI supported by this encoder.- Returns:
- SAML binding URI supported by this encoder
-
doEncode
Performs the encoding logic. By the time this is called, this encoder has already been initialized and checked to ensure that it has not been destroyed.- Specified by:
doEncodein classAbstractMessageEncoder- Throws:
MessageEncodingException- thrown if there is a problem encoding the message
-
removeSignature
Removes the signature from the protocol message.- Parameters:
message- current message context
-
deflateAndBase64Encode
DEFLATE (RFC1951) compresses the given SAML message.- Parameters:
message- SAML message- Returns:
- DEFLATE compressed message
- Throws:
MessageEncodingException- thrown if there is a problem compressing the message
-
buildRedirectURL
protected String buildRedirectURL(MessageContext messageContext, String endpoint, String message) throws MessageEncodingException Builds the URL to redirect the client to.- Parameters:
messageContext- current message contextendpoint- endpoint URL to send encoded message tomessage- Deflated and Base64 encoded message- Returns:
- URL to redirect client to
- Throws:
MessageEncodingException- thrown if the SAML message is neither a RequestAbstractType or Response
-
removeDisallowedQueryParams
Remove disallowed query params from the supplied list.- Parameters:
queryParams- the list of query params on which to operate
-
getSignatureAlgorithmURI
protected String getSignatureAlgorithmURI(SignatureSigningParameters signingParameters) throws MessageEncodingException Gets the signature algorithm URI to use.- Parameters:
signingParameters- the signing parameters to use- Returns:
- signature algorithm to use with the associated signing credential
- Throws:
MessageEncodingException- thrown if the algorithm URI is not supplied explicitly and could not be derived from the supplied credential
-
generateSignature
protected String generateSignature(Credential signingCredential, String algorithmURI, String queryString) throws MessageEncodingException Generates the signature over the query string.- Parameters:
signingCredential- credential that will be used to sign query stringalgorithmURI- algorithm URI of the signing credentialqueryString- query string to be signed- Returns:
- base64 encoded signature of query string
- Throws:
MessageEncodingException- there is an error computing the signature
-