...
Kodedokumentationen bliver genereret med Javadoc.
Sikkerhed
dk.sosi.seal bliver brugt til at verificere SAML-assertion.
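/**
 * Extracts the encrypted SAML assertion from the authentication header, decrypts it and validates it.
 *
 * <p>The first value of the {@code AUTHENTICATION_PROPERTY} header is Base64-decoded, parsed as XML,
 * decrypted with the private key of the system credential pair and wrapped in an
 * {@link OIOSAMLAssertion}, which is then handed to {@code validateAssertion}.
 *
 * @param headers map of request headers
 * @return the decrypted assertion after {@code validateAssertion} has returned normally; the code
 *     shown here never returns {@code null}
 * @throws AuthenticationException if the authentication header is missing or empty, or if its
 *     content cannot be parsed; presumably also raised by {@code validateAssertion} for an
 *     invalid assertion (its body is not visible here)
 */
public OIOSAMLAssertion extractAndValidate(MultivaluedMap<String, String> headers) throws AuthenticationException {
    final List<String> authentication = headers == null ? null : headers.get(AUTHENTICATION_PROPERTY);
    final String encoded = (authentication == null || authentication.isEmpty()) ? null : authentication.get(0);
    if (encoded == null || encoded.isEmpty()) {
        // A request without the header must fail as an authentication error, not as a
        // NullPointerException/IndexOutOfBoundsException that surfaces as a server fault.
        // Only the (message, cause) constructor is visible in this listing, so a cause is supplied.
        throw new AuthenticationException("Could not validate authentication header",
                new IllegalArgumentException("Authentication header is missing or empty"));
    }
    try {
        // NOTE(review): if Base64.decode or decryptAndDetach report bad input through unchecked
        // exceptions, those escape the catch below - confirm against the library in use.
        String xml = new String(Base64.decode(encoded), StandardCharsets.UTF_8);
        // NOTE(review): the XML is caller-controlled and parsed before any validation; confirm that
        // parseXml disables DTDs and external entities.
        Document doc = parseXml(xml);
        Element encryptedAssertionElm = doc.getDocumentElement();
        PrivateKey privateKeyForAudience = certificateVault.getSystemCredentialPair().getPrivateKey();
        // decrypt the xml for the assertion and parse it
        final Element element = EncryptionUtil.decryptAndDetach(encryptedAssertionElm, privateKeyForAudience);
        OIOSAMLAssertion assertion = new OIOSAMLAssertion(element);
        // The UID is logged before validateAssertion runs, so it is still unvalidated input here;
        // the log layout should neutralise line breaks in it.
        log.debug("extracted: \n" + assertion.getUID());
        validateAssertion(assertion);
        return assertion;
    } catch (IOException | ParserConfigurationException | SAXException e) {
        throw new AuthenticationException("Could not validate authentication header", e);
    }
}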
Snitfladebeskrivelse og brug
...