Last active
July 12, 2016 20:55
-
-
Save omindu/655b11add1b9e6b1d112e655f697497e to your computer and use it in GitHub Desktop.
Modified samlsso_notification.jsp to POST SAML error response to ACS URL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <%-- | |
| ~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved. | |
| ~ | |
| ~ WSO2 Inc. licenses this file to you under the Apache License, | |
| ~ Version 2.0 (the "License"); you may not use this file except | |
| ~ in compliance with the License. | |
| ~ You may obtain a copy of the License at | |
| ~ | |
| ~ http://www.apache.org/licenses/LICENSE-2.0 | |
| ~ | |
| ~ Unless required by applicable law or agreed to in writing, | |
| ~ software distributed under the License is distributed on an | |
| ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY | |
| ~ KIND, either express or implied. See the License for the | |
| ~ specific language governing permissions and limitations | |
| ~ under the License. | |
| --%> | |
| <%@ page import="org.wso2.carbon.identity.application.authentication.endpoint.util.Constants" %> | |
| <%@ page import="org.owasp.encoder.Encode" %> | |
| <%@ page import="java.net.URLDecoder"%> | |
| <%@ page import="org.apache.commons.codec.binary.Base64"%> | |
| <%@ page import="java.util.zip.Inflater"%> | |
| <%@ page import="java.util.zip.InflaterInputStream"%> | |
| <%@ page import="java.util.zip.DataFormatException" %> | |
| <%@ page import="java.io.ByteArrayInputStream" %> | |
| <%@ page import="java.io.ByteArrayOutputStream" %> | |
| <%@ page import="java.nio.charset.StandardCharsets" %> | |
| <%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %> | |
| <% | |
| String stat = request.getParameter(Constants.STATUS); | |
| String statusMessage = request.getParameter(Constants.STATUS_MSG); | |
| String encodedResponse = ""; | |
| String acsURL = ""; | |
| String decodedString; | |
| boolean success = false; | |
| if (stat == null || statusMessage == null) { | |
| success = false; | |
| } | |
| String samlError = request.getParameter("SAMLResponse"); | |
| if (samlError == null || samlError.isEmpty()) { | |
| success = false; | |
| } | |
| try { | |
| Base64 base64Decoder = new Base64(0); | |
| byte[] xmlBytes = samlError.getBytes(StandardCharsets.UTF_8); | |
| byte[] base64DecodedByteArray = base64Decoder.decode(xmlBytes); | |
| try { | |
| Inflater inflater = new Inflater(true); | |
| inflater.setInput(base64DecodedByteArray); | |
| byte[] xmlMessageBytes = new byte[5000]; | |
| int resultLength = inflater.inflate(xmlMessageBytes); | |
| inflater.end(); | |
| decodedString = new String(xmlMessageBytes, 0, resultLength, StandardCharsets.UTF_8); | |
| if (!inflater.finished()) { | |
| success = false; | |
| } else { | |
| success = true; | |
| } | |
| } catch (DataFormatException e) { | |
| ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(base64DecodedByteArray); | |
| ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(); | |
| InflaterInputStream iis = new InflaterInputStream(byteArrayInputStream); | |
| byte[] buf = new byte[1024]; | |
| int count = iis.read(buf); | |
| while (count != -1) { | |
| byteArrayOutputStream.write(buf, 0, count); | |
| count = iis.read(buf); | |
| } | |
| iis.close(); | |
| decodedString = new String(byteArrayOutputStream.toByteArray(), StandardCharsets.UTF_8); | |
| success = true; | |
| } | |
| byte[] encodeBytes = base64Decoder.encode(decodedString.getBytes(StandardCharsets.UTF_8)); | |
| encodedResponse = new String(encodeBytes, StandardCharsets.UTF_8); | |
| acsURL = request.getParameter("ACSUrl"); | |
| if (acsURL == null || acsURL.isEmpty()) { | |
| success = false; | |
| } else { | |
| acsURL = URLDecoder.decode(acsURL, StandardCharsets.UTF_8.name()); | |
| success = true; | |
| } | |
| } catch (Exception e) { | |
| success = false; | |
| } | |
| if (!success) { | |
| stat = "Authentication Error !"; | |
| statusMessage = "Something went wrong during the authentication process. Please try signing in again."; | |
| } | |
| session.invalidate(); | |
| %> | |
| <% if (success) {%> | |
| <html> | |
| <body> | |
| <form method='post' action='<%=acsURL%>'> | |
| <p> | |
| <input type='hidden' name='SAMLResponse' value='<%=Encode.forHtmlAttribute(encodedResponse)%>'> | |
| <noscript> | |
| <button type='submit'>Continue..</button> | |
| </noscript> | |
| </p> | |
| </form> | |
| <script type='text/javascript'> | |
| document.forms[0].submit(); | |
| </script> | |
| </body> | |
| </html> | |
| <%} else {%> | |
| <style> | |
| .info-box { | |
| background-color: #EEF3F6; | |
| border: 1px solid #ABA7A7; | |
| font-size: 13px; | |
| font-weight: bold; | |
| margin-bottom: 10px; | |
| padding: 10px; | |
| } | |
| </style> | |
| <fmt:bundle basename="org.wso2.carbon.identity.application.authentication.endpoint.i18n.Resources"> | |
| <div id="middle"> | |
| <h2><fmt:message key='saml.sso'/></h2> | |
| <div id="workArea"> | |
| <div class="info-box"> | |
| <%=Encode.forHtml(stat)%> | |
| </div> | |
| <table class="styledLeft"> | |
| <tbody> | |
| <tr> | |
| <td><%=Encode.forHtmlContent(statusMessage)%> | |
| </td> | |
| </tr> | |
| </tbody> | |
| </table> | |
| </div> | |
| </div> | |
| </fmt:bundle> | |
| <% } %> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment