Hi Inosh, We are using SAML response to get access token from IS. So we need SAML Assertion extracted from SAML response and it works fine. We followed these steps.
// Decode SAML response, extract SAML assertion string and encode SAML assertion string String encodedSAMLAssertion = Base64.encodeBytes(SAML2GrantManager.getSamlAssertionString( new String(Base64.decode(SAMLResponse))).getBytes()); In SAML2GrantManager class, public static String getSamlAssertionString(String SAMLResponse) throws ScriptException { String assertionStartMarker = "<saml2:Assertion"; String assertionEndMarker = "</saml2:Assertion>"; int assertionStartIndex = SAMLResponse.indexOf(assertionStartMarker); int assertionEndIndex = SAMLResponse.indexOf(assertionEndMarker); if (assertionStartIndex != -1 && assertionEndIndex != -1) { return SAMLResponse.substring(assertionStartIndex, assertionEndIndex) + assertionEndMarker; } else { throw new ScriptException("Invalid SAML response. SAML response has no valid assertion string."); } } Then you have the encoded SAML Assertion and you can decode it if need. If you need further details, refer *OAuthHostObject.java *[1] and *SAML2GrantManager.java *[2]. [1] https://github.com/lalankea/jaggery-extensions/blob/master/oauth/resources/org.jaggeryjs.modules.oauth/src/main/java/org/jaggeryjs/modules/oauth/OAuthHostObject.java [2] https://github.com/lalankea/jaggery-extensions/blob/master/oauth/resources/org.jaggeryjs.modules.oauth/src/main/java/org/jaggeryjs/modules/oauth/SAML2GrantManager.java Hope this helps. On Fri, Oct 16, 2015 at 10:29 AM, Inosh Perera <ino...@wso2.com> wrote: > Hi all, > > When working with SAML2Bearer grant type, in our Jaggery app, we need to > extract the SAML Assertion from the SAML response, and we tried as bellow, > > var assertionXML = new XML(decode(assertion)); > var extractedAssertion = assertionXML..*::["Assertion"].toXMLString(); > > When doing so, it seem to be adding formatting to XML, which causes, > signature validation issues in IS side. Is there a way to extract the > assertion without formatting? > > Regards, > Inosh > > -- > Inosh Perera > Software Engineer, WSO2 Inc. > Tel: 0785293686 > > _______________________________________________ > Dev mailing list > Dev@wso2.org > http://wso2.org/cgi-bin/mailman/listinfo/dev > > -- Lalanke Athauda Software Engineer WSO2 Inc. Mobile: 0772264301
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev