Re: [Dev] [EMM][JAGGERY]Jaggery XML parsing

Fri, 16 Oct 2015 00:33:08 -0700 

Hi Inosh,
We are using SAML response to get access token from IS. So we need SAML
Assertion extracted from SAML response and it works fine. We followed these
steps.

// Decode SAML response, extract SAML assertion string and encode SAML
assertion string
String encodedSAMLAssertion =
Base64.encodeBytes(SAML2GrantManager.getSamlAssertionString(
        new String(Base64.decode(SAMLResponse))).getBytes());

In SAML2GrantManager class,

public static String getSamlAssertionString(String SAMLResponse)
throws ScriptException {
    String assertionStartMarker = "<saml2:Assertion";
    String assertionEndMarker = "</saml2:Assertion>";
    int assertionStartIndex = SAMLResponse.indexOf(assertionStartMarker);
    int assertionEndIndex = SAMLResponse.indexOf(assertionEndMarker);
    if (assertionStartIndex != -1 && assertionEndIndex != -1) {
        return SAMLResponse.substring(assertionStartIndex,
assertionEndIndex) + assertionEndMarker;
    } else {
        throw new ScriptException("Invalid SAML response. SAML
response has no valid assertion string.");
    }
}

Then you have the encoded SAML Assertion and you can decode it if need. If
you need further details, refer *OAuthHostObject.java *[1] and
*SAML2GrantManager.java *[2].

[1]
https://github.com/lalankea/jaggery-extensions/blob/master/oauth/resources/org.jaggeryjs.modules.oauth/src/main/java/org/jaggeryjs/modules/oauth/OAuthHostObject.java
[2]
https://github.com/lalankea/jaggery-extensions/blob/master/oauth/resources/org.jaggeryjs.modules.oauth/src/main/java/org/jaggeryjs/modules/oauth/SAML2GrantManager.java

Hope this helps.


On Fri, Oct 16, 2015 at 10:29 AM, Inosh Perera <ino...@wso2.com> wrote:

> Hi all,
>
> When working with SAML2Bearer grant type, in our Jaggery app, we need to
> extract the SAML Assertion from the SAML response, and we tried as bellow,
>
> var assertionXML = new XML(decode(assertion));
> var extractedAssertion = assertionXML..*::["Assertion"].toXMLString();
>
> When doing so, it seem to be adding formatting to XML, which causes,
> signature validation issues in IS side. Is there a way to extract the
> assertion without formatting?
>
> Regards,
> Inosh
>
> --
> Inosh Perera
> Software Engineer, WSO2 Inc.
> Tel: 0785293686
>
> _______________________________________________
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
>
>


-- 
Lalanke Athauda
Software Engineer
WSO2 Inc.
Mobile: 0772264301

_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev

Reply via email to