Support for SSO with HTTP-POST binding

SAML-Toolkits · Jan 26, 2018 · 6d95d4d · 6d95d4d
1 parent 94b3ed8
commit 6d95d4d
Show file tree

Hide file tree

Showing 5 changed files with 287 additions and 93 deletions.
diff --git a/core/src/main/java/com/onelogin/saml2/exception/SettingsException.java b/core/src/main/java/com/onelogin/saml2/exception/SettingsException.java
@@ -10,7 +10,8 @@ public class SettingsException extends Exception {
     public static final int PRIVATE_KEY_NOT_FOUND = 4;
     public static final int PUBLIC_CERT_FILE_NOT_FOUND = 5;    
     public static final int PRIVATE_KEY_FILE_NOT_FOUND = 6;
-
+    public static final int UNSUPPORTED_BINDING = 7;
+
     private int errorCode;
 
 	public SettingsException(String message, int errorCode) {

diff --git a/core/src/main/java/com/onelogin/saml2/util/Util.java b/core/src/main/java/com/onelogin/saml2/util/Util.java
@@ -1081,6 +1081,29 @@ public static Document copyDocument(Document source) throws ParserConfigurationE
 	 * @throws XPathExpressionException
 	 */
 	public static String addSign(Document document, PrivateKey key, X509Certificate certificate, String signAlgorithm) throws XMLSecurityException, XPathExpressionException {
+		return addSign(document, key, certificate, signAlgorithm, Constants.C14N_WC);
+	}
+
+	/**
+	 * Signs the Document using the specified signature algorithm with the private key and the public certificate.
+	 *
+	 * @param document
+	 * 				 The document to be signed
+	 * @param key
+	 * 				 The private key
+	 * @param certificate
+	 * 				 The public certificate
+	 * @param signAlgorithm
+	 * 				 Signature Algorithm
+	 * @param c14nMethod
+	 * 				 Canonicalization method
+	 *
+	 * @return the signed document in string format
+	 *
+	 * @throws XMLSecurityException
+	 * @throws XPathExpressionException
+	 */
+	public static String addSign(Document document, PrivateKey key, X509Certificate certificate, String signAlgorithm, String c14nMethod) throws XMLSecurityException, XPathExpressionException {
 		org.apache.xml.security.Init.init();
 
 		// Check arguments.
@@ -1095,7 +1118,7 @@ public static String addSign(Document document, PrivateKey key, X509Certificate
 		if (key == null) {
 			throw new IllegalArgumentException("Provided key was null");
 		}
-		
+
 		if (certificate == null) {
 			throw new IllegalArgumentException("Provided certificate was null");
 		}
@@ -1104,17 +1127,13 @@ public static String addSign(Document document, PrivateKey key, X509Certificate
 			signAlgorithm = Constants.RSA_SHA1;
 		}
 
-		// document.normalizeDocument();
-
-		String c14nMethod = Constants.C14N_WC;
-
 		// Signature object
 		XMLSignature sig = new XMLSignature(document, null, signAlgorithm, c14nMethod);
 
 		// Including the signature into the document before sign, because
 		// this is an envelop signature
 		Element root = document.getDocumentElement();
-		document.setXmlStandalone(false);		
+		document.setXmlStandalone(false);
 
 		// If Issuer, locate Signature after Issuer, Otherwise as first child.
 		NodeList issuerNodes = Util.query(document, "//saml:Issuer", null);
@@ -1141,7 +1160,7 @@ public static String addSign(Document document, PrivateKey key, X509Certificate
 		sig.addDocument(reference, transforms, Constants.SHA1);
 
 		// Add the certification info
-		sig.addKeyInfo(certificate);			
+		sig.addKeyInfo(certificate);
 
 		// Sign the document
 		sig.sign(key);
@@ -1553,5 +1572,5 @@ private static byte[] toBytesUtf8(String str) {
 		}
 	}
 
-	
+
 }