Package org.opensaml.saml.saml2.binding.encoding.impl

Class HTTPRedirectDeflateEncoder

java.lang.Object

net.shibboleth.shared.component.AbstractInitializableComponent

org.opensaml.messaging.encoder.AbstractMessageEncoder

org.opensaml.messaging.encoder.servlet.AbstractHttpServletResponseMessageEncoder

org.opensaml.messaging.encoder.servlet.BaseHttpServletResponseXMLMessageEncoder

org.opensaml.saml.common.binding.impl.BaseSAMLHttpServletResponseEncoder

org.opensaml.saml.saml2.binding.encoding.impl.BaseSAML2MessageEncoder

org.opensaml.saml.saml2.binding.encoding.impl.HTTPRedirectDeflateEncoder

All Implemented Interfaces:

Component, DestructableComponent, InitializableComponent, UnmodifiableComponent, MessageEncoder, HttpServletResponseMessageEncoder, SAMLMessageEncoder

public class HTTPRedirectDeflateEncoder
extends BaseSAML2MessageEncoder

SAML 2.0 HTTP Redirect encoder using the DEFLATE encoding method. This encoder only supports DEFLATE compression.

Nested Class Summary

Nested Classes

Modifier and Type	Class	Description
private class	HTTPRedirectDeflateEncoder.NoWrapAutoEndDeflaterOutputStream	A subclass of DeflaterOutputStream which defaults in a no-wrap Deflater instance and closes it when the stream is closed.

Field Summary

Fields

Modifier and Type	Field	Description
private static final Set<String>	DISALLOWED_ENDPOINT_QUERY_PARAMS	Params which are disallowed from appearing in the input endpoint URL.
private final org.slf4j.Logger	log	Class logger.

Fields inherited from class org.opensaml.messaging.encoder.AbstractMessageEncoder

BASE_PROTOCOL_MESSAGE_LOGGER_CATEGORY

Constructor Summary

Constructors

Constructor	Description
HTTPRedirectDeflateEncoder()

Method Summary

Modifier and Type	Method	Description
protected String	buildRedirectURL(MessageContext messageContext, String endpoint, String message)	Builds the URL to redirect the client to.
protected String	deflateAndBase64Encode(SAMLObject message)	DEFLATE (RFC1951) compresses the given SAML message.
protected void	doEncode()	Performs the encoding logic.
protected String	generateSignature(Credential signingCredential, String algorithmURI, String queryString)	Generates the signature over the query string.
String	getBindingURI()	Gets the SAML binding URI supported by this encoder.
protected String	getSignatureAlgorithmURI(SignatureSigningParameters signingParameters)	Gets the signature algorithm URI to use.
protected void	removeDisallowedQueryParams(List<Pair<String,String>> queryParams)	Remove disallowed query params from the supplied list.
protected void	removeSignature(SAMLObject message)	Removes the signature from the protocol message.

Methods inherited from class org.opensaml.saml.saml2.binding.encoding.impl.BaseSAML2MessageEncoder

getEndpointURL

Methods inherited from class org.opensaml.messaging.encoder.servlet.BaseHttpServletResponseXMLMessageEncoder

encode, marshallMessage, serializeMessageForLogging

Methods inherited from class org.opensaml.messaging.encoder.servlet.AbstractHttpServletResponseMessageEncoder

doInitialize, getHttpServletResponse, getHttpServletResponseSupplier, setHttpServletResponseSupplier

Methods inherited from class org.opensaml.messaging.encoder.AbstractMessageEncoder

getMessageContext, getMessageToLog, getProtocolMessageLogger, getProtocolMessageLoggerSubCategory, logEncodedMessage, prepareContext, setMessageContext, setProtocolMessageLoggerSubCategory

Methods inherited from class net.shibboleth.shared.component.AbstractInitializableComponent

checkComponentActive, checkSetterPreconditions, destroy, doDestroy, ifDestroyedThrowDestroyedComponentException, ifInitializedThrowUnmodifiabledComponentException, ifNotInitializedThrowUninitializedComponentException, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface net.shibboleth.shared.component.DestructableComponent

destroy, isDestroyed

Methods inherited from interface net.shibboleth.shared.component.InitializableComponent

initialize, isInitialized

Methods inherited from interface org.opensaml.messaging.encoder.MessageEncoder

encode, prepareContext, setMessageContext

Field Details

DISALLOWED_ENDPOINT_QUERY_PARAMS

@Nonnull
private static final Set<String> DISALLOWED_ENDPOINT_QUERY_PARAMS

Params which are disallowed from appearing in the input endpoint URL.

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

Constructor Details

HTTPRedirectDeflateEncoder

public HTTPRedirectDeflateEncoder()

Method Details

getBindingURI

@Nonnull
@NotEmpty
public String getBindingURI()

Gets the SAML binding URI supported by this encoder.

Returns:

SAML binding URI supported by this encoder

doEncode

protected void doEncode()
                 throws MessageEncodingException

Performs the encoding logic. By the time this is called, this encoder has already been initialized and checked to ensure that it has not been destroyed.

Specified by:

doEncode in class AbstractMessageEncoder

Throws:

MessageEncodingException - thrown if there is a problem encoding the message

removeSignature

protected void removeSignature(@Nonnull
 SAMLObject message)

Removes the signature from the protocol message.

Parameters:

message - current message context

deflateAndBase64Encode

@Nonnull
protected String deflateAndBase64Encode(@Nonnull
 SAMLObject message)
                                 throws MessageEncodingException

DEFLATE (RFC1951) compresses the given SAML message.

Parameters:

message - SAML message

Returns:

DEFLATE compressed message

Throws:

MessageEncodingException - thrown if there is a problem compressing the message

buildRedirectURL

@Nonnull
protected String buildRedirectURL(@Nonnull
 MessageContext messageContext,
 @Nonnull @NotEmpty
 String endpoint,
 @Nonnull @NotEmpty
 String message)
                           throws MessageEncodingException

Builds the URL to redirect the client to.

Parameters:

messageContext - current message context

endpoint - endpoint URL to send encoded message to

message - Deflated and Base64 encoded message

Returns:

URL to redirect client to

Throws:

MessageEncodingException - thrown if the SAML message is neither a RequestAbstractType or Response

removeDisallowedQueryParams

protected void removeDisallowedQueryParams(@Nonnull
 List<Pair<String,String>> queryParams)

Remove disallowed query params from the supplied list.

Parameters:

queryParams - the list of query params on which to operate

getSignatureAlgorithmURI

@Nonnull
protected String getSignatureAlgorithmURI(@Nonnull
 SignatureSigningParameters signingParameters)
                                   throws MessageEncodingException

Gets the signature algorithm URI to use.

Parameters:

signingParameters - the signing parameters to use

Returns:

signature algorithm to use with the associated signing credential

Throws:

MessageEncodingException - thrown if the algorithm URI is not supplied explicitly and could not be derived from the supplied credential

generateSignature

@Nonnull
protected String generateSignature(@Nonnull
 Credential signingCredential,
 @Nonnull
 String algorithmURI,
 @Nonnull
 String queryString)
                            throws MessageEncodingException

Generates the signature over the query string.

Parameters:

signingCredential - credential that will be used to sign query string

algorithmURI - algorithm URI of the signing credential

queryString - query string to be signed

Returns:

base64 encoded signature of query string

Throws:

MessageEncodingException - there is an error computing the signature