org.opensaml.saml.saml2.binding.encoding.impl

Class HTTPRedirectDeflateEncoder

java.lang.Object

net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

org.opensaml.messaging.encoder.AbstractMessageEncoder<MessageType>

org.opensaml.messaging.encoder.servlet.AbstractHttpServletResponseMessageEncoder<MessageType>

org.opensaml.messaging.encoder.servlet.BaseHttpServletResponseXMLMessageEncoder<SAMLObject>

org.opensaml.saml.saml2.binding.encoding.impl.BaseSAML2MessageEncoder

org.opensaml.saml.saml2.binding.encoding.impl.HTTPRedirectDeflateEncoder

All Implemented Interfaces:

net.shibboleth.utilities.java.support.component.Component, net.shibboleth.utilities.java.support.component.DestructableComponent, net.shibboleth.utilities.java.support.component.InitializableComponent, net.shibboleth.utilities.java.support.component.UnmodifiableComponent, org.opensaml.messaging.encoder.MessageEncoder<SAMLObject>, org.opensaml.messaging.encoder.servlet.HttpServletResponseMessageEncoder<SAMLObject>, SAMLMessageEncoder

public class HTTPRedirectDeflateEncoder
extends BaseSAML2MessageEncoder

SAML 2.0 HTTP Redirect encoder using the DEFLATE encoding method. This encoder only supports DEFLATE compression.

Nested Class Summary

Nested Classes

Modifier and Type	Class and Description
private class	HTTPRedirectDeflateEncoder.NoWrapAutoEndDeflaterOutputStream A subclass of DeflaterOutputStream which defaults in a no-wrap Deflater instance and closes it when the stream is closed.

Field Summary

Fields

Modifier and Type	Field and Description
private static Set<String>	DISALLOWED_ENDPOINT_QUERY_PARAMS Params which are disallowed from appearing in the input endpoint URL.
private Logger	log Class logger.

Constructor Summary

Constructors

Constructor and Description
HTTPRedirectDeflateEncoder() Constructor.

Method Summary

Methods

Modifier and Type	Method and Description
protected String	buildRedirectURL(org.opensaml.messaging.context.MessageContext<SAMLObject> messageContext, String endpoint, String message) Builds the URL to redirect the client to.
protected String	deflateAndBase64Encode(SAMLObject message) DEFLATE (RFC1951) compresses the given SAML message.
protected void	doEncode()
protected String	generateSignature(org.opensaml.security.credential.Credential signingCredential, String algorithmURI, String queryString) Generates the signature over the query string.
String	getBindingURI()
protected String	getSignatureAlgorithmURI(org.opensaml.xmlsec.SignatureSigningParameters signingParameters) Gets the signature algorithm URI to use.
protected void	removeDisallowedQueryParams(List<net.shibboleth.utilities.java.support.collection.Pair<String,String>> queryParams) Remove disallowed query params from the supplied list.
protected void	removeSignature(SAMLObject message) Removes the signature from the protocol message.

Methods inherited from class org.opensaml.saml.saml2.binding.encoding.impl.BaseSAML2MessageEncoder

getEndpointURL

Methods inherited from class org.opensaml.messaging.encoder.servlet.BaseHttpServletResponseXMLMessageEncoder

encode, getMessageToLog, logEncodedMessage, marshallMessage

Methods inherited from class org.opensaml.messaging.encoder.servlet.AbstractHttpServletResponseMessageEncoder

doDestroy, doInitialize, getHttpServletResponse, setHttpServletResponse

Methods inherited from class org.opensaml.messaging.encoder.AbstractMessageEncoder

getMessageContext, prepareContext, setMessageContext

Methods inherited from class net.shibboleth.utilities.java.support.component.AbstractInitializableComponent

destroy, initialize, isDestroyed, isInitialized

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Methods inherited from interface org.opensaml.messaging.encoder.MessageEncoder

encode, prepareContext, setMessageContext

Methods inherited from interface net.shibboleth.utilities.java.support.component.InitializableComponent

initialize, isInitialized

Methods inherited from interface net.shibboleth.utilities.java.support.component.DestructableComponent

destroy, isDestroyed

Field Detail

DISALLOWED_ENDPOINT_QUERY_PARAMS

private static final Set<String> DISALLOWED_ENDPOINT_QUERY_PARAMS

Params which are disallowed from appearing in the input endpoint URL.

log

private final Logger log

Class logger.

Constructor Detail

HTTPRedirectDeflateEncoder

public HTTPRedirectDeflateEncoder()

Constructor.

Method Detail

getBindingURI

public String getBindingURI()

doEncode

protected void doEncode()
                 throws org.opensaml.messaging.encoder.MessageEncodingException

Specified by:

doEncode in class org.opensaml.messaging.encoder.AbstractMessageEncoder<SAMLObject>

Throws:

org.opensaml.messaging.encoder.MessageEncodingException

removeSignature

protected void removeSignature(SAMLObject message)

Removes the signature from the protocol message.

Parameters:

message - current message context

deflateAndBase64Encode

protected String deflateAndBase64Encode(SAMLObject message)
                                 throws org.opensaml.messaging.encoder.MessageEncodingException

DEFLATE (RFC1951) compresses the given SAML message.

Parameters:

message - SAML message

Returns:

DEFLATE compressed message

Throws:

org.opensaml.messaging.encoder.MessageEncodingException - thrown if there is a problem compressing the message

buildRedirectURL

protected String buildRedirectURL(org.opensaml.messaging.context.MessageContext<SAMLObject> messageContext,
                      String endpoint,
                      String message)
                           throws org.opensaml.messaging.encoder.MessageEncodingException

Builds the URL to redirect the client to.

Parameters:

messageContext - current message context

endpoint - endpoint URL to send encoded message to

message - Deflated and Base64 encoded message

Returns:

URL to redirect client to

Throws:

org.opensaml.messaging.encoder.MessageEncodingException - thrown if the SAML message is neither a RequestAbstractType or Response

removeDisallowedQueryParams

protected void removeDisallowedQueryParams(@Nonnull
                               List<net.shibboleth.utilities.java.support.collection.Pair<String,String>> queryParams)

Remove disallowed query params from the supplied list.

Parameters:

queryParams - the list of query params on which to operate

getSignatureAlgorithmURI

protected String getSignatureAlgorithmURI(org.opensaml.xmlsec.SignatureSigningParameters signingParameters)
                                   throws org.opensaml.messaging.encoder.MessageEncodingException

Gets the signature algorithm URI to use.

Parameters:

signingParameters - the signing parameters to use

Returns:

signature algorithm to use with the associated signing credential

Throws:

org.opensaml.messaging.encoder.MessageEncodingException - thrown if the algorithm URI is not supplied explicitly and could not be derived from the supplied credential

generateSignature

protected String generateSignature(org.opensaml.security.credential.Credential signingCredential,
                       String algorithmURI,
                       String queryString)
                            throws org.opensaml.messaging.encoder.MessageEncodingException

Generates the signature over the query string.

Parameters:

signingCredential - credential that will be used to sign query string

algorithmURI - algorithm URI of the signing credential

queryString - query string to be signed

Returns:

base64 encoded signature of query string

Throws:

org.opensaml.messaging.encoder.MessageEncodingException - there is an error computing the signature