Class HTTPRedirectDeflateEncoder
- java.lang.Object
-
- net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
-
- org.opensaml.messaging.encoder.AbstractMessageEncoder
-
- org.opensaml.messaging.encoder.servlet.AbstractHttpServletResponseMessageEncoder
-
- org.opensaml.messaging.encoder.servlet.BaseHttpServletResponseXMLMessageEncoder
-
- org.opensaml.saml.saml2.binding.encoding.impl.BaseSAML2MessageEncoder
-
- org.opensaml.saml.saml2.binding.encoding.impl.HTTPRedirectDeflateEncoder
-
- All Implemented Interfaces:
Component
,DestructableComponent
,InitializableComponent
,UnmodifiableComponent
,MessageEncoder
,HttpServletResponseMessageEncoder
,SAMLMessageEncoder
public class HTTPRedirectDeflateEncoder extends BaseSAML2MessageEncoder
SAML 2.0 HTTP Redirect encoder using the DEFLATE encoding method. This encoder only supports DEFLATE compression.
-
-
Nested Class Summary
Nested Classes Modifier and Type Class Description private class
HTTPRedirectDeflateEncoder.NoWrapAutoEndDeflaterOutputStream
A subclass ofDeflaterOutputStream
which defaults in a no-wrapDeflater
instance and closes it when the stream is closed.
-
Field Summary
Fields Modifier and Type Field Description private static Set<String>
DISALLOWED_ENDPOINT_QUERY_PARAMS
Params which are disallowed from appearing in the input endpoint URL.private org.slf4j.Logger
log
Class logger.
-
Constructor Summary
Constructors Constructor Description HTTPRedirectDeflateEncoder()
Constructor.
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description protected String
buildRedirectURL(MessageContext messageContext, String endpoint, String message)
Builds the URL to redirect the client to.protected String
deflateAndBase64Encode(SAMLObject message)
DEFLATE (RFC1951) compresses the given SAML message.protected void
doEncode()
protected String
generateSignature(Credential signingCredential, String algorithmURI, String queryString)
Generates the signature over the query string.String
getBindingURI()
protected String
getSignatureAlgorithmURI(SignatureSigningParameters signingParameters)
Gets the signature algorithm URI to use.protected void
removeDisallowedQueryParams(List<Pair<String,String>> queryParams)
Remove disallowed query params from the supplied list.protected void
removeSignature(SAMLObject message)
Removes the signature from the protocol message.-
Methods inherited from class org.opensaml.saml.saml2.binding.encoding.impl.BaseSAML2MessageEncoder
getEndpointURL
-
Methods inherited from class org.opensaml.messaging.encoder.servlet.BaseHttpServletResponseXMLMessageEncoder
encode, getMessageToLog, logEncodedMessage, marshallMessage
-
Methods inherited from class org.opensaml.messaging.encoder.servlet.AbstractHttpServletResponseMessageEncoder
doDestroy, doInitialize, getHttpServletResponse, setHttpServletResponse
-
Methods inherited from class org.opensaml.messaging.encoder.AbstractMessageEncoder
getMessageContext, prepareContext, setMessageContext
-
Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent
destroy, initialize, isDestroyed, isInitialized
-
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
-
Methods inherited from interface net.shibboleth.utilities.java.support.component.DestructableComponent
destroy, isDestroyed
-
Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent
initialize, isInitialized
-
Methods inherited from interface org.opensaml.messaging.encoder.MessageEncoder
encode, prepareContext, setMessageContext
-
-
-
-
Method Detail
-
getBindingURI
public String getBindingURI()
-
doEncode
protected void doEncode() throws MessageEncodingException
- Specified by:
doEncode
in classAbstractMessageEncoder
- Throws:
MessageEncodingException
-
removeSignature
protected void removeSignature(SAMLObject message)
Removes the signature from the protocol message.- Parameters:
message
- current message context
-
deflateAndBase64Encode
protected String deflateAndBase64Encode(SAMLObject message) throws MessageEncodingException
DEFLATE (RFC1951) compresses the given SAML message.- Parameters:
message
- SAML message- Returns:
- DEFLATE compressed message
- Throws:
MessageEncodingException
- thrown if there is a problem compressing the message
-
buildRedirectURL
protected String buildRedirectURL(MessageContext messageContext, String endpoint, String message) throws MessageEncodingException
Builds the URL to redirect the client to.- Parameters:
messageContext
- current message contextendpoint
- endpoint URL to send encoded message tomessage
- Deflated and Base64 encoded message- Returns:
- URL to redirect client to
- Throws:
MessageEncodingException
- thrown if the SAML message is neither a RequestAbstractType or Response
-
removeDisallowedQueryParams
protected void removeDisallowedQueryParams(@Nonnull List<Pair<String,String>> queryParams)
Remove disallowed query params from the supplied list.- Parameters:
queryParams
- the list of query params on which to operate
-
getSignatureAlgorithmURI
protected String getSignatureAlgorithmURI(SignatureSigningParameters signingParameters) throws MessageEncodingException
Gets the signature algorithm URI to use.- Parameters:
signingParameters
- the signing parameters to use- Returns:
- signature algorithm to use with the associated signing credential
- Throws:
MessageEncodingException
- thrown if the algorithm URI is not supplied explicitly and could not be derived from the supplied credential
-
generateSignature
protected String generateSignature(Credential signingCredential, String algorithmURI, String queryString) throws MessageEncodingException
Generates the signature over the query string.- Parameters:
signingCredential
- credential that will be used to sign query stringalgorithmURI
- algorithm URI of the signing credentialqueryString
- query string to be signed- Returns:
- base64 encoded signature of query string
- Throws:
MessageEncodingException
- there is an error computing the signature
-
-