Class SAML2HTTPRedirectDeflateSignatureSecurityHandler

All Implemented Interfaces:
Component, DestructableComponent, InitializableComponent, MessageHandler

public class SAML2HTTPRedirectDeflateSignatureSecurityHandler extends BaseSAMLSimpleSignatureSecurityHandler
Message handler which evaluates simple "blob" signatures according to the SAML 2 HTTP-Redirect DEFLATE binding.
  • Field Details

    • log

      @Nonnull private final org.slf4j.Logger log
      Logger.
  • Constructor Details

    • SAML2HTTPRedirectDeflateSignatureSecurityHandler

      public SAML2HTTPRedirectDeflateSignatureSecurityHandler()
  • Method Details

    • ruleHandles

      protected boolean ruleHandles(@Nonnull MessageContext messgaeContext) throws MessageHandlerException
      Determine whether the rule should handle the request, based on the unwrapped HTTP servlet request and/or message context.
      Specified by:
      ruleHandles in class BaseSAMLSimpleSignatureSecurityHandler
      Parameters:
      messgaeContext - the SAML message context being processed
      Returns:
      true if the rule should attempt to process the request, otherwise false
      Throws:
      MessageHandlerException - thrown if there is an error during request processing
    • getSignedContent

      @Nullable protected byte[] getSignedContent() throws MessageHandlerException
      Get the content over which to validate the signature, in the form suitable for input into SignatureTrustEngine.validate(byte[], byte[], String, CriteriaSet, Credential).
      Specified by:
      getSignedContent in class BaseSAMLSimpleSignatureSecurityHandler
      Returns:
      the signed content extracted from the request, in the format suitable for input to the trust engine.
      Throws:
      MessageHandlerException - thrown if there is an error during request processing
    • buildSignedContentString

      @Nonnull @NotEmpty private String buildSignedContentString(String queryString) throws MessageHandlerException
      Extract the raw request parameters and build a string representation of the content that was signed.
      Parameters:
      queryString - the raw HTTP query string from the request
      Returns:
      a string representation of the signed content
      Throws:
      MessageHandlerException - thrown if there is an error during request processing
    • appendParameter

      private boolean appendParameter(@Nonnull StringBuilder builder, @Nullable String queryString, @Nullable String paramName)
      Find the raw query string parameter indicated and append it to the string builder. The appended value will be in the form 'paramName=paramValue' (minus the quotes).
      Parameters:
      builder - string builder to which to append the parameter
      queryString - the URL query string containing parameters
      paramName - the name of the parameter to append
      Returns:
      true if parameter was found, false otherwise
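
Added example (not OpenSAML source code): the kind of reconstruction that buildSignedContentString and appendParameter describe, where the signed string is rebuilt from the raw, still URL-encoded query parameters in the binding's order (SAMLRequest or SAMLResponse, then RelayState if present, then SigAlg) and Signature itself is left out. It also shows why the raw values matter: decoding and re-encoding a value changes the signed octets and verification fails. Assumptions: class and method names are hypothetical, the sample query and throwaway key pair are constructed, the algorithm is RSA-SHA256, duplicate rejection is this example's own choice, and Java 10 or later is used.

```java
import java.net.*;
import java.security.*;
import java.util.Base64;
import static java.nio.charset.StandardCharsets.UTF_8;
// Added example, not OpenSAML source; class and method names are hypothetical.
public class RedirectSignedContentDemo {
    // Return the raw "name=value" pair as transmitted (null if absent); duplicates are rejected here.
    static String rawParam(String query, String name) {
        String found = null;
        for (String pair : query.split("&")) {
            if (!pair.startsWith(name + "=")) continue;
            if (found != null) throw new IllegalArgumentException("duplicate " + name);
            found = pair;
        }
        return found;
    }
    // Rebuild the signed octets in binding order: message, optional RelayState, SigAlg.
    static String buildSignedContent(String query) {
        String req = rawParam(query, "SAMLRequest"), resp = rawParam(query, "SAMLResponse");
        String relay = rawParam(query, "RelayState"), sigAlg = rawParam(query, "SigAlg");
        if ((req == null) == (resp == null) || sigAlg == null)
            throw new IllegalArgumentException("need one SAML message parameter and SigAlg");
        return (req != null ? req : resp) + (relay != null ? "&" + relay : "") + "&" + sigAlg;
    }
    static boolean verify(PublicKey key, String content, byte[] sig) throws GeneralSecurityException {
        Signature v = Signature.getInstance("SHA256withRSA");
        v.initVerify(key);
        v.update(content.getBytes(UTF_8));
        return v.verify(sig);
    }
    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair kp = gen.generateKeyPair();
        // Constructed sample: the sender used lower-case percent-escapes (%2b, %2f).
        String msg = "SAMLRequest=fZJ%2bexample", relay = "RelayState=%2fapp",
                alg = "SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha256";
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(kp.getPrivate());
        s.update((msg + "&" + relay + "&" + alg).getBytes(UTF_8));
        byte[] sig = s.sign();
        String query = relay + "&" + alg + "&Signature=" // reordered in transit, Signature added
                + URLEncoder.encode(Base64.getEncoder().encodeToString(sig), UTF_8) + "&" + msg;
        String rebuilt = buildSignedContent(query);
        // Decoding then re-encoding turns %2f into %2F, which changes the signed octets.
        String reencoded = rebuilt.replace("%2fapp", URLEncoder.encode(URLDecoder.decode("%2fapp", UTF_8), UTF_8));
        System.out.println("raw values verify: " + verify(kp.getPublic(), rebuilt, sig));
        System.out.println("re-encoded verify: " + verify(kp.getPublic(), reencoded, sig));
    }
}
```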