/** * Url encode a value via UTF-8. * * @param value the value to encode * @return the encoded value */ public static String urlEncode(final String value) { return urlEncode(value, StandardCharsets.UTF_8.name()); }
/** * Encodes the message in UTF-8 format in preparation to send. * * @param message Message to format and encode * @return The encoded message. */ protected String formatOutputMessageInternal(final String message) { try { return EncodingUtils.urlEncode(message); } catch (final Exception e) { LOGGER.warn("Unable to encode URL " + message, e); } return message; } }
@Override protected InputStream getResourceInputStream(final Resource resource, final String entityId) throws IOException { if (resource instanceof UrlResource && resource.getURL().toExternalForm().toLowerCase().endsWith("/entities/")) { val encodedId = EncodingUtils.urlEncode(entityId); val url = new URL(resource.getURL().toExternalForm().concat(encodedId)); LOGGER.debug("Locating metadata input stream for [{}] via [{}]", encodedId, url); val httpcon = (HttpURLConnection) url.openConnection(); httpcon.setDoOutput(true); httpcon.addRequestProperty("Accept", "*/*"); httpcon.setRequestMethod("GET"); httpcon.connect(); return httpcon.getInputStream(); } return ClosedInputStream.CLOSED_INPUT_STREAM; } }
@Override protected String getMetadataLocationForService(final SamlRegisteredService service) { LOGGER.info("Getting metadata dynamically for [{}]", service.getName()); return service.getMetadataLocation().replace("{0}", EncodingUtils.urlEncode(service.getServiceId())); }
.map(entry -> { try { return String.join("=", entry.getKey(), EncodingUtils.urlEncode(entry.getValue())); } catch (final Exception e) { return String.join("=", entry.getKey(), entry.getValue());
/** * Build with predefined renew and gateway parameters. * * @param casClient the cas client config * @param context the context * @param renew ask for credentials again * @param gateway skip asking for credentials * @return the redirect action */ protected RedirectAction build(final CasClient casClient, final WebContext context, final boolean renew, final boolean gateway) { val serviceUrl = casClient.computeFinalCallbackUrl(context); val casServerLoginUrl = casClient.getConfiguration().getLoginUrl(); val redirectionUrl = casServerLoginUrl + (casServerLoginUrl.contains("?") ? "&" : "?") + CasProtocolConstants.PARAMETER_SERVICE + '=' + EncodingUtils.urlEncode(serviceUrl) + (renew ? '&' + CasProtocolConstants.PARAMETER_RENEW + "=true" : "") + (gateway ? '&' + CasProtocolConstants.PARAMETER_GATEWAY + "=true" : ""); LOGGER.debug("Final redirect url is [{}]", redirectionUrl); return RedirectAction.redirect(redirectionUrl); } }
@Override protected Event doInternalExecute(final HttpServletRequest request, final HttpServletResponse response, final RequestContext context) throws Exception { final List<LogoutRequest> logoutRequests = WebUtils.getLogoutRequests(context); final Integer startIndex = getLogoutIndex(context); if (logoutRequests != null) { for (int i = startIndex; i < logoutRequests.size(); i++) { final LogoutRequest logoutRequest = logoutRequests.get(i); if (logoutRequest.getStatus() == LogoutRequestStatus.NOT_ATTEMPTED) { // assume it has been successful logoutRequest.setStatus(LogoutRequestStatus.SUCCESS); // save updated index putLogoutIndex(context, i + 1); final String logoutUrl = logoutRequest.getLogoutUrl().toExternalForm(); LOGGER.debug("Using logout url [{}] for front-channel logout requests", logoutUrl); final String logoutMessage = this.logoutManager.createFrontChannelLogoutMessage(logoutRequest); LOGGER.debug("Front-channel logout message to send under [{}] is [{}]", this.logoutRequestParameter, logoutMessage); // redirect to application with SAML logout message final UriComponentsBuilder builder = UriComponentsBuilder.fromHttpUrl(logoutUrl); builder.queryParam(this.logoutRequestParameter, EncodingUtils.urlEncode(logoutMessage)); return result(REDIRECT_APP_EVENT, DEFAULT_FLOW_ATTRIBUTE_LOGOUT_URL, builder.build().toUriString()); } } } // no new service with front-channel logout -> finish logout return new Event(this, FINISH_EVENT); }