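/**
 * Reads one session attribute back from its cookie.
 *
 * @param context the current web context, used to look up the request cookie
 * @param key     the attribute name; the cookie name is {@code PAC4J_SESSION_PREFIX + key}
 * @return the value produced by {@code uncompressDecryptBase64}, or {@code null} when the
 *         request carries no such cookie
 */
@Override
public Object get(WebContext context, String key) {
    final Cookie cookie = ContextHelper.getCookie(context, PAC4J_SESSION_PREFIX + key);
    Object value = null;
    if (cookie != null) {
        // The cookie value arrives with the request, so it is client-controlled.
        // NOTE(review): all trust rests on uncompressDecryptBase64 (not visible here);
        // confirm it authenticates the ciphertext before decompressing or deserialising it.
        value = uncompressDecryptBase64(cookie.getValue());
    }
    // Log only the key and whether a value was found. The decrypted value is session state
    // that the cookie encryption is meant to keep confidential, so it must not be copied
    // into the debug log in clear text.
    logger.debug("Get from session: {} (value present: {})", key, value != null);
    return value;
}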
/**
 * Selects the decoder that matches the HTTP method of the request and runs it.
 *
 * <p>POST requests use {@code Pac4jHTTPPostDecoder}, GET requests use
 * {@code Pac4jHTTPRedirectDeflateDecoder}; any other method is rejected.
 *
 * @param webContext the current web context
 * @return the decoder after {@code decode()} has completed
 * @throws SAMLException if the method is neither GET nor POST, or if configuring,
 *                       initialising or decoding fails (the cause is preserved)
 */
@Override
protected AbstractPac4jDecoder getDecoder(final WebContext webContext) {
    final AbstractPac4jDecoder bindingDecoder;
    final String failureMessage;

    // The POST check comes first; GET is only consulted when the request is not a POST.
    if (ContextHelper.isPost(webContext)) {
        bindingDecoder = new Pac4jHTTPPostDecoder(webContext);
        failureMessage = "Error decoding POST SAML message";
    } else if (ContextHelper.isGet(webContext)) {
        bindingDecoder = new Pac4jHTTPRedirectDeflateDecoder(webContext);
        failureMessage = "Error decoding HTTP-Redirect SAML message";
    } else {
        throw new SAMLException("Only GET or POST requests are accepted");
    }

    try {
        // NOTE(review): the XML parser comes from Configuration.getParserPool(); whether
        // DTDs and external entities are disabled depends on how that pool is set up,
        // which is not visible here -- confirm.
        bindingDecoder.setParserPool(Configuration.getParserPool());
        bindingDecoder.initialize();
        bindingDecoder.decode();
    } catch (final Exception e) {
        throw new SAMLException(failureMessage, e);
    }
    return bindingDecoder;
}
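/**
 * Stores one session attribute in a response cookie.
 *
 * <p>The cookie is named {@code PAC4J_SESSION_PREFIX + key}, carries the output of
 * {@code compressEncryptBase64(value)}, and is marked HttpOnly.
 *
 * @param context the current web context; supplies the request URL, the server name and
 *                the response the cookie is added to
 * @param key     the attribute name
 * @param value   the attribute value to store
 * @throws TechnicalException if the cookie domain cannot be determined
 */
public void set(WebContext context, String key, Object value) {
    // Log only the key and whether a value is being stored. The value is session state that
    // is encrypted before it leaves the server, so it must not be written to the debug log
    // in clear text.
    logger.debug("Save in session: {} (value present: {})", key, value != null);
    final Cookie cookie = new Cookie(PAC4J_SESSION_PREFIX + key, compressEncryptBase64(value));
    try {
        String domain = Urls.getDomainName(context.getFullRequestURL(), this.domainSuffix);
        if (domain == null) {
            // NOTE(review): both the request URL and the server name are derived from the
            // incoming request; confirm the deployment pins the accepted host names.
            domain = context.getServerName();
        }
        cookie.setDomain(domain);
    } catch (final Exception e) {
        throw new TechnicalException(e);
    }
    cookie.setHttpOnly(true);
    // Secure is only set when the request is seen as HTTPS/secure.
    // NOTE(review): behind a TLS-terminating proxy this relies on ContextHelper detecting
    // the original scheme -- confirm, otherwise the cookie is issued without Secure.
    cookie.setSecure(ContextHelper.isHttpsOrSecure(context));
    context.addResponseCookie(cookie);
}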
/**
 * Decodes a SAML message received over the HTTP-Redirect binding.
 *
 * <p>The Base64-decoded request payload is inflated, unmarshalled and stored in a new
 * {@code SAML2MessageContext}, which then becomes this decoder's message context.
 * Nothing in this method checks a signature or an issuer, so the decoded message must be
 * treated as untrusted until it has been validated elsewhere.
 *
 * @throws MessageDecodingException if the request is not a GET
 */
@Override
protected void doDecode() throws MessageDecodingException {
    final SAML2MessageContext samlContext = new SAML2MessageContext();
    if (!ContextHelper.isGet(context)) {
        throw new MessageDecodingException("This message decoder only supports the HTTP-Redirect method");
    }

    final byte[] rawMessage = this.getBase64DecodedMessage();
    // NOTE(review): the payload is request-supplied; whether inflate() bounds the
    // decompressed size is not visible here -- confirm.
    final InputStream inflated = inflate(rawMessage);
    // A root element that is not a SAMLObject fails this cast with a ClassCastException
    // rather than a MessageDecodingException.
    final SAMLObject samlMessage = (SAMLObject) this.unmarshallMessage(inflated);
    samlContext.setMessage(samlMessage);
    logger.debug("Decoded SAML message");

    this.populateBindingContext(samlContext);
    this.setMessageContext(samlContext);
}
/**
 * Decodes a SAML message received over the HTTP POST binding.
 *
 * <p>The {@code RelayState} request parameter is copied into a new
 * {@code SAML2MessageContext}. The Base64-decoded payload is then unmarshalled: a SOAP
 * {@code Envelope} is handed to {@code SAMLSOAPDecoderBodyHandler}, anything else is stored
 * directly as the SAML message. Nothing in this method checks a signature or an issuer, so
 * the decoded message must be treated as untrusted until it has been validated elsewhere.
 *
 * @throws MessageDecodingException if the request is not a POST, or if the SOAP envelope
 *                                  cannot be handled
 */
@Override
protected void doDecode() throws MessageDecodingException {
    final SAML2MessageContext samlContext = new SAML2MessageContext();
    if (!ContextHelper.isPost(context)) {
        throw new MessageDecodingException("This message decoder only supports the HTTP POST method");
    }

    // NOTE(review): RelayState is a request parameter and is logged as received; confirm
    // the logging layout neutralises control characters.
    final String relayState = this.context.getRequestParameter("RelayState");
    logger.debug("Decoded SAML relay state of: {}", relayState);
    SAMLBindingSupport.setRelayState(samlContext, relayState);

    final byte[] rawMessage = this.getBase64DecodedMessage();
    final XMLObject parsed = this.unmarshallMessage(new ByteArrayInputStream(rawMessage));
    if (parsed instanceof Envelope) {
        // SOAP-wrapped message: register the envelope and let the body handler process it.
        samlContext.getSOAP11Context().setEnvelope((Envelope) parsed);
        try {
            new SAMLSOAPDecoderBodyHandler().invoke(samlContext);
        } catch (final MessageHandlerException e) {
            throw new MessageDecodingException("Cannot decode SOAP envelope", e);
        }
    } else {
        // A root element that is neither an Envelope nor a SAMLObject fails this cast with
        // a ClassCastException rather than a MessageDecodingException.
        samlContext.setMessage((SAMLObject) parsed);
    }
    logger.debug("Decoded SAML message");

    this.populateBindingContext(samlContext);
    this.setMessageContext(samlContext);
}
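/**
 * Stores one session attribute in a response cookie.
 *
 * <p>The cookie is named {@code PAC4J_SESSION_PREFIX + key}, carries the output of
 * {@code compressEncryptBase64(value)}, and is marked HttpOnly.
 *
 * @param context the current web context; supplies the request URL, the server name and
 *                the response the cookie is added to
 * @param key     the attribute name
 * @param value   the attribute value to store
 * @throws TechnicalException if the cookie domain cannot be determined
 */
@Override
public void set(WebContext context, String key, Object value) {
    // Log only the key and whether a value is being stored. The value is session state that
    // is encrypted before it leaves the server, so it must not be written to the debug log
    // in clear text.
    logger.debug("Save in session: {} (value present: {})", key, value != null);
    final Cookie cookie = new Cookie(PAC4J_SESSION_PREFIX + key, compressEncryptBase64(value));
    try {
        String domain = Urls.getDomainName(context.getFullRequestURL(), this.domainSuffix);
        if (domain == null) {
            // NOTE(review): both the request URL and the server name are derived from the
            // incoming request; confirm the deployment pins the accepted host names.
            domain = context.getServerName();
        }
        cookie.setDomain(domain);
    } catch (final Exception e) {
        throw new TechnicalException(e);
    }
    cookie.setHttpOnly(true);
    // Secure is only set when the request is seen as HTTPS/secure.
    // NOTE(review): behind a TLS-terminating proxy this relies on ContextHelper detecting
    // the original scheme -- confirm, otherwise the cookie is issued without Secure.
    cookie.setSecure(ContextHelper.isHttpsOrSecure(context));
    context.addResponseCookie(cookie);
}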
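/**
 * Reads one session attribute back from its cookie.
 *
 * @param context the current web context, used to look up the request cookie
 * @param key     the attribute name; the cookie name is {@code PAC4J_SESSION_PREFIX + key}
 * @return the value produced by {@code uncompressDecryptBase64}, or {@code null} when the
 *         request carries no such cookie
 */
public Object get(WebContext context, String key) {
    final Cookie cookie = ContextHelper.getCookie(context, PAC4J_SESSION_PREFIX + key);
    Object value = null;
    if (cookie != null) {
        // The cookie value arrives with the request, so it is client-controlled.
        // NOTE(review): all trust rests on uncompressDecryptBase64 (not visible here);
        // confirm it authenticates the ciphertext before decompressing or deserialising it.
        value = uncompressDecryptBase64(cookie.getValue());
    }
    // Log only the key and whether a value was found. The decrypted value is session state
    // that the cookie encryption is meant to keep confidential, so it must not be copied
    // into the debug log in clear text.
    logger.debug("Get from session: {} (value present: {})", key, value != null);
    return value;
}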