我正在尝试使用我的java代码解码SAML请求,并且我收到了错误的标头检查错误'。我的解码请求代码是:
public static String decode(String encSAMLRequest){
String ret = null;
SamlRequest samlRequest = null; //the xml is compressed (deflate) and encoded (base64)
byte[] decodedBytes = null;
try {
decodedBytes = new Base64().decode(encSAMLRequest.getBytes("UTF-8"));
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
try {
//try DEFLATE (rfc 1951) -- according to SAML spec
ret = new String(inflate(decodedBytes, true));
//return new SamlRequest(new String(inflate(decodedBytes, true)));
} catch (Exception ze) {
//try zlib (rfc 1950) -- initial impl didn't realize java docs are wrong
try {
System.out.println(new String(inflate(decodedBytes, false)));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
//return new SamlRequest(new String(inflate(decodedBytes, false)));
}
return ret;
}
private static byte[] inflate(byte[] bytes, boolean nowrap) throws Exception {
Inflater decompressor = null;
InflaterInputStream decompressorStream = null;
ByteArrayOutputStream out = new ByteArrayOutputStream();
try {
decompressor = new Inflater(nowrap);
decompressorStream = new InflaterInputStream(new ByteArrayInputStream(bytes),
decompressor);
byte[] buf = new byte[1024];
int count;
while ((count = decompressorStream.read(buf)) != -1) {
out.write(buf, 0, count);
}
return out.toByteArray();
} finally {
if (decompressor != null) {
decompressor.end();
}
try {
if (decompressorStream != null) {
decompressorStream.close();
}
} catch (IOException ioe) {
/*ignore*/
}
try {
if (out != null) {
out.close();
}
} catch (IOException ioe) {
/*ignore*/
}
}
}
我打算对此进行解码:PHNhbWxwOkF1dGhuUmVxdWVzdCB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIiBJRD0iXzk2Zjk2MjFjLWY4ZWYtNDliNS05OTZhLWNlYmRhMGRiOTcxZSIgSXNzdWVJbnN0YW50PSIyMDE0LTA2LTI0VDA2OjA1OjU2WiIgVmVyc2lvbj0iMi4wIiBBc3NlcnRpb25Db25zdW1lclNlcnZpY2VJbmRleD0iMCIgPjxzYW1sOklzc3Vlcj51cm46ZmVkZXJhdGlvbjpNaWNyb3NvZnRPbmxpbmU8L3NhbWw6SXNzdWVyPjxzYW1scDpOYW1lSURQb2xpY3kgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6bmFtZWlkLWZvcm1hdDpwZXJzaXN0ZW50Ii8+PC9zYW1scDpBdXRoblJlcXVlc3Q+"
解码后的请求应该是:
<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_7171b0b2-19f2-4ba2-8f94-24b5e56b7f1e" IssueInstant="2014-01-30T16:18:35Z" Version="2.0" AssertionConsumerServiceIndex="0" >
<saml:Issuer>urn:federation:MicrosoftOnline</saml:Issuer>
<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
</samlp:AuthnRequest>
当我使用此tool进行解码时,我得到了正确的XML请求。我可以在我的代码中做些什么来获取正确的SAML请求XML?
答案 0 :(得分:2)
您要解码的字符串未压缩。如果您只是对其进行64位解码,您将看到您正在寻找的XML。例如
echo "PHNhbWxwOkF1dGhuUmVxdWVzdCB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIiBJRD0iXzk2Zjk2MjFjLWY4ZWYtNDliNS05OTZhLWNlYmRhMGRiOTcxZSIgSXNzdWVJbnN0YW50PSIyMDE0LTA2LTI0VDA2OjA1OjU2WiIgVmVyc2lvbj0iMi4wIiBBc3NlcnRpb25Db25zdW1lclNlcnZpY2VJbmRleD0iMCIgPjxzYW1sOklzc3Vlcj51cm46ZmVkZXJhdGlvbjpNaWNyb3NvZnRPbmxpbmU8L3NhbWw6SXNzdWVyPjxzYW1scDpOYW1lSURQb2xpY3kgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6bmFtZWlkLWZvcm1hdDpwZXJzaXN0ZW50Ii8+PC9zYW1scDpBdXRoblJlcXVlc3Q+" | base64 -d