Versions Compared

Old Version 45

changes.mady.by.user Jeppe Gravgaard

Saved on

compared with

New Version 46

changes.mady.by.user Jeppe Gravgaard

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Kodedokumentationen bliver generet med Javadoc.

Sikkerhed

dk.sosi.seal bliver brugt til at verificere SAMLassertion.

Code Block
languagejava
/**
     * @param headers Map of request headers
     * @return Saml assertion if its valid or null in case of invalid SAML assertion
     * @throws AuthenticationException If ant authentication exception occure
     */
    public OIOSAMLAssertion extractAndValidate(MultivaluedMap<String, String> headers) throws AuthenticationException {
        final List<String> authentication = headers.get(AUTHENTICATION_PROPERTY);
        try {
            String xml = new String(Base64.decode(authentication.get(0)), StandardCharsets.UTF_8);

            Document doc = parseXml(xml);

            Element encryptedAssertionElm = doc.getDocumentElement();

            PrivateKey privateKeyForAudience = certificateVault.getSystemCredentialPair().getPrivateKey();

            // decrypt the xml for the assertion and parse it
            final Element element = EncryptionUtil.decryptAndDetach(encryptedAssertionElm, privateKeyForAudience);
            OIOSAMLAssertion assertion = new OIOSAMLAssertion(element);

            log.debug("extracted: \n" + assertion.getUID());
            validateAssertion(assertion);

            return assertion;
        } catch (IOException | ParserConfigurationException | SAXException e) {
            throw new AuthenticationException("Could not validate authentication header", e);
        }
    }



Snitfladebeskrivelse og brug

...