gpt4 book ai didi

java - 解码 SAML 请求会出现错误的 header 检查错误

转载 作者:行者123 更新时间:2023-12-02 05:42:40 24 4
gpt4 key购买 nike

我尝试使用 java 代码解码 SAML 请求,但收到“ header 检查错误”错误。我用于解码请求的代码是:

public static String decode(String encSAMLRequest){
String ret = null;

SamlRequest samlRequest = null; //the xml is compressed (deflate) and encoded (base64)
byte[] decodedBytes = null;
try {
decodedBytes = new Base64().decode(encSAMLRequest.getBytes("UTF-8"));
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

try {
//try DEFLATE (rfc 1951) -- according to SAML spec
ret = new String(inflate(decodedBytes, true));
//return new SamlRequest(new String(inflate(decodedBytes, true)));
} catch (Exception ze) {
//try zlib (rfc 1950) -- initial impl didn't realize java docs are wrong
try {
System.out.println(new String(inflate(decodedBytes, false)));
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
//return new SamlRequest(new String(inflate(decodedBytes, false)));
}
return ret;
}


private static byte[] inflate(byte[] bytes, boolean nowrap) throws Exception {

Inflater decompressor = null;
InflaterInputStream decompressorStream = null;
ByteArrayOutputStream out = new ByteArrayOutputStream();
try {
decompressor = new Inflater(nowrap);
decompressorStream = new InflaterInputStream(new ByteArrayInputStream(bytes),
decompressor);
byte[] buf = new byte[1024];
int count;
while ((count = decompressorStream.read(buf)) != -1) {
out.write(buf, 0, count);
}
return out.toByteArray();
} finally {
if (decompressor != null) {
decompressor.end();
}
try {
if (decompressorStream != null) {
decompressorStream.close();
}
} catch (IOException ioe) {
/*ignore*/
}
try {
if (out != null) {
out.close();
}
} catch (IOException ioe) {
/*ignore*/
}
}
}

我打算解码此内容:PHNhbWxwOkF1dGhuUmVxdWVzdCB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmF tZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIiBJRD0iXzk2Zjk2MjFjLWY4ZWYtNDlinS05OTZhLWNlymRhMGRiOTcxZSIgSXNzdWVJbnN0YW50PSIyMDE0LTA2LTI0VDA2OjA1OjU2WIgVm Vyc2lvbj0iMi4wIiBBc3NlcnRpb25Db25zdW1lclNlcnZpY2VJbmRleD0iMCIgPjxzYW1sOklzc3Vlcj51cm46ZmVkZXJhdGlvbjpNaWNyb3NvZnRPbmxpbmU8L3NhbWw6SXNzdWVy PjxzYW1scDpOYW1lSURQb2xpY3kgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6bmFtZWlkLWZvcm1hdDpwZXJzaXN0ZW50Ii8+PC9zYW1scDpBdXRoblJlcXVlc3Q+"

解码后的请求应该是这样的:

<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" ID="_7171b0b2-19f2-4ba2-8f94-24b5e56b7f1e" IssueInstant="2014-01-30T16:18:35Z" Version="2.0" AssertionConsumerServiceIndex="0" >
<saml:Issuer>urn:federation:MicrosoftOnline</saml:Issuer>
<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
</samlp:AuthnRequest>

当我使用这个tool解码时,我得到了正确的请求 XML。我可以在代码中执行哪些操作来获取正确的 SAML 请求 XML?

最佳答案

要解码的字符串未压缩。如果您简单地对其进行 base64 解码,您将看到您正在查找的 XML。例如

echo "PHNhbWxwOkF1dGhuUmVxdWVzdCB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIiBJRD0iXzk2Zjk2MjFjLWY4ZWYtNDliNS05OTZhLWNlYmRhMGRiOTcxZSIgSXNzdWVJbnN0YW50PSIyMDE0LTA2LTI0VDA2OjA1OjU2WiIgVmVyc2lvbj0iMi4wIiBBc3NlcnRpb25Db25zdW1lclNlcnZpY2VJbmRleD0iMCIgPjxzYW1sOklzc3Vlcj51cm46ZmVkZXJhdGlvbjpNaWNyb3NvZnRPbmxpbmU8L3NhbWw6SXNzdWVyPjxzYW1scDpOYW1lSURQb2xpY3kgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6bmFtZWlkLWZvcm1hdDpwZXJzaXN0ZW50Ii8+PC9zYW1scDpBdXRoblJlcXVlc3Q+" | base64 -d

这里有一个看起来相当全面的解释,解释了事情的实际工作原理:Python: Inflate and Deflate implementations

关于java - 解码 SAML 请求会出现错误的 header 检查错误,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/24381392/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com