This is an automated email from the ASF dual-hosted git repository. ilgrosso pushed a commit to branch 1.4.x-fixes in repository https://gitbox.apache.org/repos/asf/cxf-fediz.git
The following commit(s) were added to refs/heads/1.4.x-fixes by this push: new 159a36b Ensure relayState is url-encoded as well 159a36b is described below commit 159a36bd6423cbae18f360bd171dbbdbb20ab690 Author: Francesco Chicchiriccò <ilgro...@apache.org> AuthorDate: Tue May 8 15:08:35 2018 +0200 Ensure relayState is url-encoded as well --- .../cxf/fediz/service/idp/beans/samlsso/AuthnRequestParser.java | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AuthnRequestParser.java b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AuthnRequestParser.java index 75dfe4e..a299499 100644 --- a/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AuthnRequestParser.java +++ b/services/idp-core/src/main/java/org/apache/cxf/fediz/service/idp/beans/samlsso/AuthnRequestParser.java @@ -292,9 +292,10 @@ public class AuthnRequestParser { sig.initVerify(validatingCert); // Recreate request to sign - String requestToSign = SSOConstants.SAML_REQUEST + "=" + URLEncoder.encode(samlRequest, "UTF-8") - + "&" + SSOConstants.RELAY_STATE + "=" + relayState + "&" + SSOConstants.SIG_ALG - + "=" + URLEncoder.encode(processedSigAlg, StandardCharsets.UTF_8.name()); + String requestToSign = + SSOConstants.SAML_REQUEST + "=" + URLEncoder.encode(samlRequest, StandardCharsets.UTF_8.name()) + + "&" + SSOConstants.RELAY_STATE + "=" + URLEncoder.encode(relayState, StandardCharsets.UTF_8.name()) + + "&" + SSOConstants.SIG_ALG + "=" + URLEncoder.encode(processedSigAlg, StandardCharsets.UTF_8.name()); sig.update(requestToSign.getBytes(StandardCharsets.UTF_8)); -- To stop receiving notification emails like this one, please contact ilgro...@apache.org.