sso response解析
import java.io.ByteArrayInputStream;
import java.io.InputStream;
import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.X509EncodedKeySpec; public class SSoTest {
private static final String certificateS = "MIIDNDCCAhygAwIBAgIGAWEpyv9pMA0GCSqGSIb3DQEBCwUAMFsxCzAJBgNVBAYTAlVTMR4wHAYD\n" +
"VQQKExVFbGkgTGlsbHkgYW5kIENvbXBhbnkxLDAqBgNVBAMTI0VsaSBMaWxseSBGZWRlcmF0aW9u\n" +
"IFNlcnZpY2UgKDIwMTgpMB4XDTE4MDEyNDIwMTAyNFoXDTIzMDEyMzIwMTAyNFowWzELMAkGA1UE\n" +
"BhMCVVMxHjAcBgNVBAoTFUVsaSBMaWxseSBhbmQgQ29tcGFueTEsMCoGA1UEAxMjRWxpIExpbGx5\n" +
"IEZlZGVyYXRpb24gU2VydmljZSAoMjAxOCkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB\n" +
"AQDJXGwSK5MIXKbJ3AvVVi6EfzTIZdKeHHfGsmvMYdfqvdWzRgiMGBcQDowny7tIsDXsiCskV4yC\n" +
"FnBFttlzy3vfHe4k3QG2dLEyHkDZcucm3ofyDdWYRXlFfJJKbscgN4elxiLj1xeTKBMHeZYfNlAY\n" +
"hLs0GC6GJYnjyEFip3feHybJV2AUgZzX2hXUCoBMpaTMV9RyjM/mMSKEdG6sK4bgxr9cQ1OTqX4x\n" +
"1NDJ0woVW9v/54MjZL4aN8arOfEV4+pLRI9Ulvs3nd2qzP9NeAbdFzzAGgUH4cv5Q089n9EZ/9Tx\n" +
"VX8/7wrw6zZqJcQBg0KxULXodmgOr4VQNL/7gDZBAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGh+\n" +
"Sdo+VMPv+98DlRTLZcn/6Gys64NGjyhxLA4EEkigoLgFkv1nfZ0alovUkCYZCrccTW/3OfN4znc0\n" +
"VoRcXZuo2a1it5/35EtZIReXx+CjYKHztvxGT5+mm88ThYenssOUAcO4plgmu15XKFoftZB/JLhF\n" +
"mxl2PiM8t6RHpYIZJsN+M7FZxAnhOGZynib0xtdJr1K2s9XmA2GMxFG2I2vKfAhCAq46Bu6VkLq2\n" +
"2/oPigaQCdAg9YKZ1Ll8VmzIYKmkPT3Y/ZuVAcZ1B89JTdZtJIF9tvJUTikJrUhNw6pkCAEmVnWt\n" +
"nP54drzwbUdA/1fTXXgDIlbI61DXhErGwXI=";
static{
try{
DefaultBootstrap.bootstrap ();
}catch (Exception ex){
ex.printStackTrace ();
}
}
public static void main(String[] args) throws Exception{ String SAMLResponse="PHNhbWxwOlJlc3BvbnNlIFZlcnNpb249IjIuMCIgSUQ9ImwzeUpCQm1zRlN1NkNaSS05SU1WMzZKdWstdSIgSXNzdWVJbnN0YW50PSIyMDE5LTAyLTI3VDAzOjQ2OjA0LjIwN1oiIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiPjxzYW1sOklzc3VlciB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj5sbHktcWE6c2FtbDI6aWRwPC9zYW1sOklzc3Vlcj48c2FtbHA6U3RhdHVzPjxzYW1scDpTdGF0dXNDb2RlIFZhbHVlPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6c3RhdHVzOlN1Y2Nlc3MiLz48L3NhbWxwOlN0YXR1cz48c2FtbDpBc3NlcnRpb24gSUQ9InlQV0Qwc01WZUtJcmUzUjQ1UTlGTGdQUF9jNCIgSXNzdWVJbnN0YW50PSIyMDE5LTAyLTI3VDAzOjQ2OjA0LjQyNVoiIFZlcnNpb249IjIuMCIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI+PHNhbWw6SXNzdWVyPmxseS1xYTpzYW1sMjppZHA8L3NhbWw6SXNzdWVyPjxkczpTaWduYXR1cmUgeG1sbnM6ZHM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPgo8ZHM6U2lnbmVkSW5mbz4KPGRzOkNhbm9uaWNhbGl6YXRpb25NZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz4KPGRzOlNpZ25hdHVyZU1ldGhvZCBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMDQveG1sZHNpZy1tb3JlI3JzYS1zaGEyNTYiLz4KPGRzOlJlZmVyZW5jZSBVUkk9IiN5UFdEMHNNVmVLSXJlM1I0NVE5RkxnUFBfYzQiPgo8ZHM6VHJhbnNmb3Jtcz4KPGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyNlbnZlbG9wZWQtc2lnbmF0dXJlIi8+CjxkczpUcmFuc2Zvcm0gQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz4KPC9kczpUcmFuc2Zvcm1zPgo8ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8wNC94bWxlbmMjc2hhMjU2Ii8+CjxkczpEaWdlc3RWYWx1ZT5iNmYzb2VwT3VPYndlVk1rdEswUDhrdG5VTlY1M1NLY09tekc3L0pnVUVjPTwvZHM6RGlnZXN0VmFsdWU+CjwvZHM6UmVmZXJlbmNlPgo8L2RzOlNpZ25lZEluZm8+CjxkczpTaWduYXR1cmVWYWx1ZT4KdHpqQmF6LzhtRm5jU1p5MTczL1dJSllRbHo2UVBJQVQrbkxEWXhXTFAwdTVaWmFBMDM0Z0RTMm5mNGJBekFIMXh5MVZNMU9KV2lyVQpyTnRQN29kemtRU2ZOUXhmbFU3OXp5SUdTNVhrR3k5dDN3WkY2V3dpWUhwVy9Wb2xwNVFGeGpUeFlaK3FiYU5uZG1NL1l3UE5EdWJ3CnBjWU1yTUhGM0tkY09DME9HQnhCeVhVNFZaeGZBR0dadjhST0g1TjdqMHUxSmd4a0cwN2xZbW81MWVyTmVXVDM2Zkx2dmp0Y3ZWQjEKN3U0Z3AyS0pIa293YllaRUlLTCtDcVFoMWdmZXVJcTV2RUZoYURKRnJzNWhFdVViRkM2c2trUGNCZ3FkRVR4RGZud09sUkZhVDdneQpNdDZhZUdDVGd3cUFKbm5tM1pPU0dKQVF6TWN2QnpJei9jd0daUT09CjwvZHM6U2lnbmF0dXJlVmFsdWU+CjxkczpLZXlJbmZvPgo8ZHM6WDUwOURhdGE+CjxkczpYNTA5Q2VydGlmaWNhdGU+Ck1JSURORENDQWh5Z0F3SUJBZ0lHQVdFcHl2OXBNQTBHQ1NxR1NJYjNEUUVCQ3dVQU1Gc3hDekFKQmdOVkJBWVRBbFZUTVI0d0hBWUQKVlFRS0V4VkZiR2tnVEdsc2JIa2dZVzVrSUVOdmJYQmhibmt4TERBcUJnTlZCQU1USTBWc2FTQk1hV3hzZVNCR1pXUmxjbUYwYVc5dQpJRk5sY25acFkyVWdLREl3TVRncE1CNFhEVEU0TURFeU5ESXdNVEF5TkZvWERUSXpNREV5TXpJd01UQXlORm93V3pFTE1Ba0dBMVVFCkJoTUNWVk14SGpBY0JnTlZCQW9URlVWc2FTQk1hV3hzZVNCaGJtUWdRMjl0Y0dGdWVURXNNQ29HQTFVRUF4TWpSV3hwSUV4cGJHeDUKSUVabFpHVnlZWFJwYjI0Z1UyVnlkbWxqWlNBb01qQXhPQ2t3Z2dFaU1BMEdDU3FHU0liM0RRRUJBUVVBQTRJQkR3QXdnZ0VLQW9JQgpBUURKWEd3U0s1TUlYS2JKM0F2VlZpNkVmelRJWmRLZUhIZkdzbXZNWWRmcXZkV3pSZ2lNR0JjUURvd255N3RJc0RYc2lDc2tWNHlDCkZuQkZ0dGx6eTN2ZkhlNGszUUcyZExFeUhrRFpjdWNtM29meURkV1lSWGxGZkpKS2JzY2dONGVseGlMajF4ZVRLQk1IZVpZZk5sQVkKaExzMEdDNkdKWW5qeUVGaXAzZmVIeWJKVjJBVWdaelgyaFhVQ29CTXBhVE1WOVJ5ak0vbU1TS0VkRzZzSzRiZ3hyOWNRMU9UcVg0eAoxTkRKMHdvVlc5di81NE1qWkw0YU44YXJPZkVWNCtwTFJJOVVsdnMzbmQycXpQOU5lQWJkRnp6QUdnVUg0Y3Y1UTA4OW45RVovOVR4ClZYOC83d3J3NnpacUpjUUJnMEt4VUxYb2RtZ09yNFZRTkwvN2dEWkJBZ01CQUFFd0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFHaCsKU2RvK1ZNUHYrOThEbFJUTFpjbi82R3lzNjROR2p5aHhMQTRFRWtpZ29MZ0ZrdjFuZlowYWxvdlVrQ1laQ3JjY1RXLzNPZk40em5jMApWb1JjWFp1bzJhMWl0NS8zNUV0WklSZVh4K0NqWUtIenR2eEdUNSttbTg4VGhZZW5zc09VQWNPNHBsZ211MTVYS0ZvZnRaQi9KTGhGCm14bDJQaU04dDZSSHBZSVpKc04rTTdGWnhBbmhPR1p5bmliMHh0ZEpyMUsyczlYbUEyR014RkcySTJ2S2ZBaENBcTQ2QnU2VmtMcTIKMi9vUGlnYVFDZEFnOVlLWjFMbDhWbXpJWUtta1BUM1kvWnVWQWNaMUI4OUpUZFp0SklGOXR2SlVUaWtKclVoTnc2cGtDQUVtVm5XdApuUDU0ZHJ6d2JVZEEvMWZUWFhnRElsYkk2MURYaEVyR3dYST0KPC9kczpYNTA5Q2VydGlmaWNhdGU+CjwvZHM6WDUwOURhdGE+CjwvZHM6S2V5SW5mbz4KPC9kczpTaWduYXR1cmU+PHNhbWw6U3ViamVjdD48c2FtbDpOYW1lSUQgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoxLjE6bmFtZWlkLWZvcm1hdDp1bnNwZWNpZmllZCI+QzI3MDAzNjwvc2FtbDpOYW1lSUQ+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbiBNZXRob2Q9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpjbTpiZWFyZXIiPjxzYW1sOlN1YmplY3RDb25maXJtYXRpb25EYXRhIFJlY2lwaWVudD0iaHR0cHM6Ly90ZXN0c2VydmljZS50cHAudHA5NTU4OS5jb20vdHBwc2VydmljZS9jYXMvbGlsbHktc2FtbDIiIE5vdE9uT3JBZnRlcj0iMjAxOS0wMi0yN1QwMzo0ODowNC40MjVaIi8+PC9zYW1sOlN1YmplY3RDb25maXJtYXRpb24+PC9zYW1sOlN1YmplY3Q+PHNhbWw6Q29uZGl0aW9ucyBOb3RCZWZvcmU9IjIwMTktMDItMjdUMDM6NDQ6MDQuNDI1WiIgTm90T25PckFmdGVyPSIyMDE5LTAyLTI3VDAzOjQ4OjA0LjQyNVoiPjxzYW1sOkF1ZGllbmNlUmVzdHJpY3Rpb24+PHNhbWw6QXVkaWVuY2U+dGFpcGluZ3BlbnNpb25oYWxsPC9zYW1sOkF1ZGllbmNlPjwvc2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjwvc2FtbDpDb25kaXRpb25zPjxzYW1sOkF1dGhuU3RhdGVtZW50IFNlc3Npb25JbmRleD0ieVBXRDBzTVZlS0lyZTNSNDVROUZMZ1BQX2M0IiBBdXRobkluc3RhbnQ9IjIwMTktMDItMjdUMDM6NDY6MDQuNDEwWiI+PHNhbWw6QXV0aG5Db250ZXh0PjxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPnVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphYzpjbGFzc2VzOlRlbGVwaG9ueTwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48L3NhbWw6QXNzZXJ0aW9uPjwvc2FtbHA6UmVzcG9uc2U+";
byte[] byteResponse = new Base64().decode(SAMLResponse.getBytes("utf-8"));
// String gg=new String(byteResponse,"utf-8");
// System.out.println(gg); // Read certificate
CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
InputStream inputStream = new ByteArrayInputStream(Base64.decodeBase64(certificateS.getBytes("UTF-8")));
X509Certificate certificate = (X509Certificate) certificateFactory.generateCertificate(inputStream);
inputStream.close(); BasicX509Credential credential = new BasicX509Credential();
KeyFactory keyFactory = KeyFactory.getInstance("RSA");
X509EncodedKeySpec publicKeySpec = new X509EncodedKeySpec(certificate.getPublicKey().getEncoded());
PublicKey key = keyFactory.generatePublic(publicKeySpec);
credential.setPublicKey(key); ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(byteResponse);
DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
documentBuilderFactory.setNamespaceAware(true);
DocumentBuilder documentBuilder = documentBuilderFactory.newDocumentBuilder(); Document document = documentBuilder.parse(byteArrayInputStream);
Element element = document.getDocumentElement(); // NodeList nodeList= element.getChildNodes();
// Node node=nodeList.item(2);
// NodeList assertion= node.getChildNodes();
// Node sub=assertion.item(2);
// NodeList as=sub.getChildNodes();
// Node nameIdNode=as.item(0);
// String nameId= nameIdNode.getChildNodes().item(0).getNodeValue();
// System.out.println("====================="+nameId);
// System.out.println("====================="+bb); UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(element);
XMLObject responseXmlObj = unmarshaller.unmarshall(element);
Response responseObj = (Response) responseXmlObj;
Assertion assertion = responseObj.getAssertions().get(0);
String nameId = assertion.getSubject().getNameID().getValue();
System.out.println(("nameId=" + nameId));
//判断该消息是否被签名
if(!assertion.isSigned()){
throw new RuntimeException("The SAML Assertion was not signed");
}
//判断该签名是否符合SAML签名的标准声明,也就是是否应用了XML的规范化算法
SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
profileValidator.validate(assertion.getSignature()); org.opensaml.xml.signature.Signature sig = assertion.getSignature();
System.out.println("sign==================="+sig.getKeyInfo());
//再正密码学意义上的验证签名
org.opensaml.xml.signature.SignatureValidator validator = new org.opensaml.xml.signature.SignatureValidator(credential);
validator.validate(sig); }
}
欢迎分享,转载请注明来源:内存溢出
评论列表(0条)