Hi Lalanke, What you have done will work but its not a cleaner way of doing things. We could have done it using simple string manipulation like this but what we are just looking for is a way to assign this into a XML object in Jaggery and through e4x grab the portion which corresponds to this assertion.
Regards, Dilshan On Fri, Oct 16, 2015 at 1:02 PM, Lalanke Athauda <[email protected]> wrote: > Hi Inosh, > We are using SAML response to get access token from IS. So we need SAML > Assertion extracted from SAML response and it works fine. We followed these > steps. > > // Decode SAML response, extract SAML assertion string and encode SAML > assertion string > String encodedSAMLAssertion = > Base64.encodeBytes(SAML2GrantManager.getSamlAssertionString( > new String(Base64.decode(SAMLResponse))).getBytes()); > > In SAML2GrantManager class, > > public static String getSamlAssertionString(String SAMLResponse) throws > ScriptException { > String assertionStartMarker = "<saml2:Assertion"; > String assertionEndMarker = "</saml2:Assertion>"; > int assertionStartIndex = SAMLResponse.indexOf(assertionStartMarker); > int assertionEndIndex = SAMLResponse.indexOf(assertionEndMarker); > if (assertionStartIndex != -1 && assertionEndIndex != -1) { > return SAMLResponse.substring(assertionStartIndex, assertionEndIndex) > + assertionEndMarker; > } else { > throw new ScriptException("Invalid SAML response. SAML response has > no valid assertion string."); > } > } > > Then you have the encoded SAML Assertion and you can decode it if need. If > you need further details, refer *OAuthHostObject.java *[1] and > *SAML2GrantManager.java *[2]. > > [1] > https://github.com/lalankea/jaggery-extensions/blob/master/oauth/resources/org.jaggeryjs.modules.oauth/src/main/java/org/jaggeryjs/modules/oauth/OAuthHostObject.java > [2] > https://github.com/lalankea/jaggery-extensions/blob/master/oauth/resources/org.jaggeryjs.modules.oauth/src/main/java/org/jaggeryjs/modules/oauth/SAML2GrantManager.java > > Hope this helps. > > > On Fri, Oct 16, 2015 at 10:29 AM, Inosh Perera <[email protected]> wrote: > >> Hi all, >> >> When working with SAML2Bearer grant type, in our Jaggery app, we need to >> extract the SAML Assertion from the SAML response, and we tried as bellow, >> >> var assertionXML = new XML(decode(assertion)); >> var extractedAssertion = assertionXML..*::["Assertion"].toXMLString(); >> >> When doing so, it seem to be adding formatting to XML, which causes, >> signature validation issues in IS side. Is there a way to extract the >> assertion without formatting? >> >> Regards, >> Inosh >> >> -- >> Inosh Perera >> Software Engineer, WSO2 Inc. >> Tel: 0785293686 >> >> _______________________________________________ >> Dev mailing list >> [email protected] >> http://wso2.org/cgi-bin/mailman/listinfo/dev >> >> > > > -- > Lalanke Athauda > Software Engineer > WSO2 Inc. > Mobile: 0772264301 > -- Dilshan Edirisuriya Senior Software Engineer - WSO2 Mob: + 94 777878905 http://wso2.com/ https://www.linkedin.com/profile/view?id=50486426
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
