/**
 * Checks whether the HTTP message carries a SAML parameter.
 *
 * <p>Looks up the parameter named by {@code samlRequest} first and, only if that is absent, the
 * one named by {@code samlResponse}. The lookup result is stored in the {@code samlContent} field
 * as a side effect: after a {@code true} return the field holds the matched parameter, and after a
 * {@code false} return it is {@code null}.
 *
 * <p>This is a presence check only. The parameter value is not decoded or validated here, so a
 * {@code true} result does not by itself mean the value is well-formed SAML.
 *
 * @param content The HTTP message as bytes.
 * @return {@code true} if either SAML parameter is present in the message.
 */
private boolean isSAML(byte[] content) {
    // Try the request parameter first; the response parameter is only consulted on a miss.
    samlContent = helpers.getRequestParameter(content, samlRequest);
    if (samlContent == null) {
        samlContent = helpers.getRequestParameter(content, samlResponse);
    }
    return samlContent != null;
}
IParameter jwt = helpers.getRequestParameter(content, "assertion"); jwt = helpers.getRequestParameter(content, "id_token"); jwt = helpers.getRequestParameter(content, "access_token"); if(jwt == null){ if(isRequest){
try { if (helpers.getRequestParameter(modifiedReq, URLDecoder.decode(pair, "UTF-8")) != null) { return; try { if (helpers.getRequestParameter(modifiedReq, URLDecoder.decode(pair.substring(0, idx), "UTF-8")) != null) { return;
if(null != helpers.getRequestParameter(httpRequestResponse.getRequest(), "signed_request")){ if(comment.equals("")){ comment = "Facebook Connect Authentication Response"; if(null != helpers.getRequestParameter(httpRequestResponse.getRequest(), "response_type")){ IParameter respose_type = helpers.getRequestParameter(httpRequestResponse.getRequest(), "response_type"); if(respose_type.getValue().contains("signed_request")){ if(comment.equals("")){
else if (null != helpers.getRequestParameter(content, "wresult")) { try { IRequestInfo requestInfo = helpers.analyzeRequest(content); isWSSUrlEncoded = requestInfo.getContentType() == IRequestInfo.CONTENT_TYPE_URL_ENCODED; isWSSMessage = true; IParameter parameter = helpers.getRequestParameter(content, "wresult"); String wssMessage = getDecodedSAMLMessage(parameter.getValue()); Document document; requestParameter = helpers.getRequestParameter(content, "SAMLResponse"); if (requestParameter != null) { isSAMLRequest = false; requestParameter = helpers.getRequestParameter(content, "SAMLRequest"); if (requestParameter != null) { isSAMLRequest = true;
private SSOProtocol checkRequestForMicrosoftAccount(IRequestInfo requestInfo, IHttpRequestResponse httpRequestResponse) { String comment = ""; MicrosoftAccount msa = null; IParameter scope = helpers.getRequestParameter(httpRequestResponse.getRequest(), "scope"); if(scope != null){ String scope_value = scope.getValue(); IParameter wa = helpers.getRequestParameter(httpRequestResponse.getRequest(), "wa"); if(wa != null){ if(wa.getValue().equals("wsignin1.0")){
/**
 * Classifies a request as OpenID traffic based on its {@code openid.*} parameters.
 *
 * <p>The decision is driven by parameter names and the {@code openid.mode} value only; no
 * signature or token content is verified here. {@code openid.mode} is read from the parsed
 * parameter list of {@code requestInfo}, while {@code openid.sig} and {@code openid.claimed_id}
 * are looked up in the raw request bytes.
 *
 * <p>Any request that has an {@code openid.mode} parameter yields an {@code OpenID} object, even
 * when none of the branches below marks the message (for example a mode other than
 * {@code checkid_setup}/{@code associate} without {@code openid.sig}).
 *
 * @param requestInfo parsed request whose parameter list is searched for {@code openid.mode}
 * @param httpRequestResponse the message to inspect, mark and wrap
 * @return an {@code OpenID} protocol object, or {@code null} if {@code openid.mode} is absent
 */
private SSOProtocol checkRequestForOpenId(IRequestInfo requestInfo, IHttpRequestResponse httpRequestResponse) {
    final IParameter modeParam = getFirstParameterByName(requestInfo.getParameters(), "openid.mode");
    if (modeParam == null) {
        // Without openid.mode the request is not treated as OpenID at all.
        return null;
    }

    String label = "OpenID";
    // NOTE(review): this is a substring match, so any mode value containing "checkid_setup" is
    // marked as an OpenID request; the "associate" check below is an exact match.
    if (modeParam.getValue().contains("checkid_setup")) {
        markRequestResponse(httpRequestResponse, "OpenID Request", HIGHLIGHT_COLOR);
    } else if (modeParam.getValue().equals("associate")) {
        markRequestResponse(httpRequestResponse, "OpenID Association", HIGHLIGHT_COLOR);
    } else if (helpers.getRequestParameter(httpRequestResponse.getRequest(), "openid.sig") != null) {
        // A signed message: the presence of openid.claimed_id is what separates the v2.0 label
        // from the v1.0 label.
        final boolean hasClaimedId =
                helpers.getRequestParameter(httpRequestResponse.getRequest(), "openid.claimed_id") != null;
        final String tokenComment = hasClaimedId ? "OpenID 2.0 Token" : "OpenID 1.0 Token";
        final String versionSuffix = hasClaimedId ? " v2.0" : " v1.0";
        markRequestResponse(httpRequestResponse, tokenComment, HIGHLIGHT_COLOR);
        label = label + versionSuffix;
    }
    return new OpenID(httpRequestResponse, label, callbacks);
}
IParameter response_type = helpers.getRequestParameter(httpRequestResponse.getRequest(), "response_type"); IParameter pre_response_type = helpers.getRequestParameter(prev_message.getRequest(), "response_type"); if(response_type != null && pre_response_type != null){ if(response_type.getValue().contains("code") && pre_response_type.getValue().contains("code")){ IParameter code = helpers.getRequestParameter(httpRequestResponse.getRequest(), "code"); if(code != null && oauth_code_requested && comment == null){ comment = "OAuth ACG Code"; IParameter grant_type = helpers.getRequestParameter(httpRequestResponse.getRequest(), "grant_type"); if(grant_type != null && comment == null){ if(grant_type.getValue().contains("auth_code")){ IParameter response_type = helpers.getRequestParameter(httpRequestResponse.getRequest(), "response_type"); IParameter pre_response_type = helpers.getRequestParameter(prev_message.getRequest(), "response_type"); IParameter grant_type = helpers.getRequestParameter(httpRequestResponse.getRequest(), "grant_type"); if(grant_type != null){ switch(grant_type.getValue()){
IParameter response_type = helpers.getRequestParameter(httpRequestResponse.getRequest(), "response_type"); if(response_type != null){ String response_type_value = response_type.getValue(); IParameter response_type = helpers.getRequestParameter(httpRequestResponse.getRequest(), "response_type"); if(response_type != null){ String response_type_value = response_type.getValue(); IParameter response_type = helpers.getRequestParameter(httpRequestResponse.getRequest(), "response_type"); IParameter pre_response_type = helpers.getRequestParameter(prev_message.getRequest(), "response_type"); if(response_type != null && pre_response_type != null){ if(response_type.getValue().contains("code") && pre_response_type.getValue().contains("code")){ IParameter scope = helpers.getRequestParameter(httpRequestResponse.getRequest(), "scope"); IParameter pre_scope = helpers.getRequestParameter(prev_message.getRequest(), "scope"); if(null != helpers.getRequestParameter(httpRequestResponse.getRequest(), "id_token")){ Logging.getInstance().log(getClass(), "7", Logging.DEBUG); comment = "OpenID Connect Implicit Flow Response"; } else if(null != helpers.getRequestParameter(httpRequestResponse.getRequest(), "access_token")){ Logging.getInstance().log(getClass(), "8", Logging.DEBUG); comment = "OpenID Connect Implicit Flow Access Token"; IParameter code = helpers.getRequestParameter(httpRequestResponse.getRequest(), "code"); IParameter scope = helpers.getRequestParameter(httpRequestResponse.getRequest(), "scope"); IParameter state = helpers.getRequestParameter(httpRequestResponse.getRequest(), "state"); if((code != null | state != null) && oidc == null && scope != null){ if(scope.getValue().contains("openid")){
SAMLMessage = xmlHelpers.getStringOfDocument(documentSAML, 0, false); } else if (isWSSMessage) { IParameter parameter = helpers.getRequestParameter(content, "wresult"); SAMLMessage = getDecodedSAMLMessage(parameter.getValue()); } else { parameter = helpers.getRequestParameter(content, "SAMLRequest"); } else { parameter = helpers.getRequestParameter(content, "SAMLResponse");
sigAlgoContent = helpers.getRequestParameter(content, signatureAlgorithm); if(sigAlgoContent != null) { if(sigAlgoContent.getType() == IParameter.PARAM_URL || sigAlgoContent.getType() == IParameter.PARAM_BODY) { sigContent = helpers.getRequestParameter(content, signature); if(sigContent != null) { if(sigContent.getType() == IParameter.PARAM_URL || sigContent.getType() == IParameter.PARAM_BODY){