Support for HTTP-POST binding #142

Open
wants to merge 1 commit into
base: master
Expand Up @@ -10,7 +10,8 @@ public class SettingsException extends Exception {
public static final int PRIVATE_KEY_NOT_FOUND = 4;
public static final int PUBLIC_CERT_FILE_NOT_FOUND = 5;
public static final int PRIVATE_KEY_FILE_NOT_FOUND = 6;

public static final int UNSUPPORTED_BINDING = 7;

private int errorCode;

public SettingsException(String message, int errorCode) {
35 changes: 27 additions & 8 deletions core/src/main/java/com/onelogin/saml2/util/Util.java
Expand Up @@ -1081,6 +1081,29 @@ public static Document copyDocument(Document source) throws ParserConfigurationE
* @throws XPathExpressionException
*/
public static String addSign(Document document, PrivateKey key, X509Certificate certificate, String signAlgorithm) throws XMLSecurityException, XPathExpressionException {
return addSign(document, key, certificate, signAlgorithm, Constants.C14N_WC);
}

/**
* Signs the Document using the specified signature algorithm with the private key and the public certificate.
*
* @param document
* The document to be signed
* @param key
* The private key
* @param certificate
* The public certificate
* @param signAlgorithm
* Signature Algorithm
* @param c14nMethod
* Canonicalization method
*
* @return the signed document in string format
*
* @throws XMLSecurityException
* @throws XPathExpressionException
*/
public static String addSign(Document document, PrivateKey key, X509Certificate certificate, String signAlgorithm, String c14nMethod) throws XMLSecurityException, XPathExpressionException {
org.apache.xml.security.Init.init();

// Check arguments.
Expand All @@ -1095,7 +1118,7 @@ public static String addSign(Document document, PrivateKey key, X509Certificate
if (key == null) {
throw new IllegalArgumentException("Provided key was null");
}

if (certificate == null) {
throw new IllegalArgumentException("Provided certificate was null");
}
Expand All @@ -1104,17 +1127,13 @@ public static String addSign(Document document, PrivateKey key, X509Certificate
signAlgorithm = Constants.RSA_SHA1;
}

// document.normalizeDocument();

String c14nMethod = Constants.C14N_WC;

// Signature object
XMLSignature sig = new XMLSignature(document, null, signAlgorithm, c14nMethod);

// Including the signature into the document before sign, because
// this is an envelop signature
Element root = document.getDocumentElement();
document.setXmlStandalone(false);
document.setXmlStandalone(false);

// If Issuer, locate Signature after Issuer, Otherwise as first child.
NodeList issuerNodes = Util.query(document, "//saml:Issuer", null);
Expand All @@ -1141,7 +1160,7 @@ public static String addSign(Document document, PrivateKey key, X509Certificate
sig.addDocument(reference, transforms, Constants.SHA1);

// Add the certification info
sig.addKeyInfo(certificate);
sig.addKeyInfo(certificate);

// Sign the document
sig.sign(key);
Expand Down Expand Up @@ -1553,5 +1572,5 @@ private static byte[] toBytesUtf8(String str) {
}
}


}
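Review bot: The new `c14nMethod` parameter is passed straight to `new XMLSignature(document, null, signAlgorithm, c14nMethod)` with no check, whereas the visible argument handling rejects a null key or certificate and falls back to `Constants.RSA_SHA1` for the algorithm. A null or empty value would presumably surface as an exception from the XML security library rather than as a clear error from this method. An arbitrary caller-supplied URI is also not limited to the canonicalization methods the library intends to support. I would add, next to the other argument checks, `if (c14nMethod == null || c14nMethod.isEmpty()) { c14nMethod = Constants.C14N_WC; }` and consider rejecting any value that is not one of the canonicalization URIs declared in `Constants`. The Javadoc for `@param c14nMethod` should also state the accepted values and the default. The body of `addSign` continues outside the visible hunks, so this check may need to be placed relative to code not shown here.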