Expand my Community achievements bar.

Get ready! An upgraded Experience League Community experience is coming in January.
Learn more

Mark Solution

This conversation has been locked due to inactivity. Please create a new post.

SOLVED

Capturing SAML response in JAVA CODE using AEM6.5

Avatar

Level 8
Level 8
5/5/22 11:04:50 AM

Hi,

 

We are using AEM6.5 version, I would a mechanism to capture the saml response in JAVA code .

 

I would need to read data like email id , username like first and last name, other details which are part of saml response. I would want to capture in java code to do other processing checks

 

Any sample code that I could use, will be very helpful

 

Regards,

Srinivas

Views

2.1K

Replies

2
Sign in to like this content

Total Likes

Translate
Translate
1 Accepted Solution

Avatar

Correct answer by
Community Advisor
Community Advisor
5/5/22 11:19:51 AM

Dear @srinivas_chann1 

You may refer to the below sample code here 

@Component(immediate = true, metatype = false)
@Service
public class SAMLResponsePostProcessor implements AuthenticationInfoPostProcessor {

 private static final Logger LOGGER = LoggerFactory.getLogger(SAMLResponsePostProcessor.class);

 @Reference
 private SlingSettingsService slingSettingsService; 

 public void postProcess(AuthenticationInfo info, HttpServletRequest request, HttpServletResponse response)
   throws LoginException {
  HttpServletResponse httpResponse = null;
  HttpServletRequest httpRequest = null;
  try {
   LOGGER.info("SAMLResponse Post Processor invoked");
   httpResponse = response;
   httpRequest = request;
   String pathInfo = httpRequest.getPathInfo();
   Set<String> runModes = slingSettingsService.getRunModes();
   if (runModes.contains("publish") && StringUtils.isNotEmpty(pathInfo)
     && pathInfo.contains("saml_login")) {
    LOGGER.info("SAMLResponse Post Processor processing ...");
    String responseSAMLMessage = httpRequest.getParameter("saml_login");
    if (StringUtils.isNotEmpty(responseSAMLMessage)) {
     LOGGER.debug("responseSAMLMessage:" + responseSAMLMessage);
     String base64DecodedResponse = decodeStr(responseSAMLMessage);
     LOGGER.debug("base64DecodedResponse:" + base64DecodedResponse);
     parseSAMLResponse(httpResponse, httpRequest, runModes, base64DecodedResponse);
    } else {
     LOGGER.info("responseSAMLMessage is empty or null");
    }
   }
  } catch (ParserConfigurationException e) {
   LOGGER.error("Unable to get Document Builder ", e);
  } catch (SAXException e) {
   LOGGER.error("Unable to parse the xml document ", e);
  } catch (IOException e) {
   LOGGER.error("IOException ", e);
  }
 }

 /**
  * This method will parse the SAML response to create the Cookie by reading the attributes.
  * 
  * @param httpResponse
  * @param httpRequest
  * @param runModes
  * @param base64DecodedResponse
  * @throws ParserConfigurationException
  * @throws SAXException
  * @throws IOException
  * @throws UnsupportedEncodingException
  */
 private void parseSAMLResponse(HttpServletResponse httpResponse, HttpServletRequest httpRequest,
   Set<String> runModes, String base64DecodedResponse)
   throws ParserConfigurationException, SAXException, IOException, UnsupportedEncodingException {
  DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
  documentBuilderFactory.setNamespaceAware(true);
  DocumentBuilder docBuilder = documentBuilderFactory.newDocumentBuilder();
  Map<String, String> samlAttributeMap = new HashMap<String, String>();
  StringReader strReader = new StringReader(base64DecodedResponse);
  InputSource inputSource = new InputSource(strReader);
  Document document = docBuilder.parse(inputSource);
  NodeList samlAssertion = document.getElementsByTagName("saml:Assertion");
  populateSAMLAttrMap(samlAttributeMap, samlAssertion);  
 }

  /**
  * This method would populate the SAML attribute map object based on the attributes present in the response.
  * 
  * @param samlAttributeMap
  * @param samlAssertion
  */
 private void populateSAMLAttrMap(Map<String, String> samlAttributeMap, NodeList samlAssertion) {
  for (int i = 0; i < samlAssertion.getLength(); i++) {
   Node item = samlAssertion.item(i);
   NodeList childNodes = item.getChildNodes();
   for (int j = 0; j < childNodes.getLength(); j++) {
    Node subChildNode = childNodes.item(j);
    if (subChildNode.getNodeName().equalsIgnoreCase("saml:AttributeStatement")) {
     NodeList childNodes2 = subChildNode.getChildNodes();
     for (int k = 0; k < childNodes2.getLength(); k++) {
      Node item2 = childNodes2.item(k);
      if (item2.getNodeName().equalsIgnoreCase("saml:Attribute")) {
       String attributeValue = item2.getAttributes().item(0).getNodeValue();
       NodeList attributeValueNodeList = item2.getChildNodes();
       for (int l = 0; l < attributeValueNodeList.getLength(); l++) {
        if (attributeValueNodeList.item(l).getNodeName()
          .equalsIgnoreCase("saml:AttributeValue")) {
         samlAttributeMap.put(attributeValue,
           attributeValueNodeList.item(l).getTextContent());
        }
       }
      }
     }
    }
   }
  }
 }

 /**
  * This method would decode the SAML response.
  * 
  * @param encodedStr
  * @return
  */
 public static String decodeStr(
   String encodedStr) {
  String decodedXML = "";
  org.apache.commons.codec.binary.Base64 base64Decoder = new org.apache.commons.codec.binary.Base64();
  byte[] xmlBytes = encodedStr.getBytes();
  byte[] base64DecodedByteArray = base64Decoder.decode(xmlBytes);
  decodedXML = new String(base64DecodedByteArray);
  return decodedXML;
 }

}


Hope that helps!

Regards,

Santosh


Santosh Sai

AEM BlogsLinkedIn


View solution in original post

Views

2.1K

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply
2 Replies

Avatar

Correct answer by
Community Advisor
Community Advisor
5/5/22 11:19:51 AM

Dear @srinivas_chann1 

You may refer to the below sample code here 

@Component(immediate = true, metatype = false)
@Service
public class SAMLResponsePostProcessor implements AuthenticationInfoPostProcessor {

 private static final Logger LOGGER = LoggerFactory.getLogger(SAMLResponsePostProcessor.class);

 @Reference
 private SlingSettingsService slingSettingsService; 

 public void postProcess(AuthenticationInfo info, HttpServletRequest request, HttpServletResponse response)
   throws LoginException {
  HttpServletResponse httpResponse = null;
  HttpServletRequest httpRequest = null;
  try {
   LOGGER.info("SAMLResponse Post Processor invoked");
   httpResponse = response;
   httpRequest = request;
   String pathInfo = httpRequest.getPathInfo();
   Set<String> runModes = slingSettingsService.getRunModes();
   if (runModes.contains("publish") && StringUtils.isNotEmpty(pathInfo)
     && pathInfo.contains("saml_login")) {
    LOGGER.info("SAMLResponse Post Processor processing ...");
    String responseSAMLMessage = httpRequest.getParameter("saml_login");
    if (StringUtils.isNotEmpty(responseSAMLMessage)) {
     LOGGER.debug("responseSAMLMessage:" + responseSAMLMessage);
     String base64DecodedResponse = decodeStr(responseSAMLMessage);
     LOGGER.debug("base64DecodedResponse:" + base64DecodedResponse);
     parseSAMLResponse(httpResponse, httpRequest, runModes, base64DecodedResponse);
    } else {
     LOGGER.info("responseSAMLMessage is empty or null");
    }
   }
  } catch (ParserConfigurationException e) {
   LOGGER.error("Unable to get Document Builder ", e);
  } catch (SAXException e) {
   LOGGER.error("Unable to parse the xml document ", e);
  } catch (IOException e) {
   LOGGER.error("IOException ", e);
  }
 }

 /**
  * This method will parse the SAML response to create the Cookie by reading the attributes.
  * 
  * @param httpResponse
  * @param httpRequest
  * @param runModes
  * @param base64DecodedResponse
  * @throws ParserConfigurationException
  * @throws SAXException
  * @throws IOException
  * @throws UnsupportedEncodingException
  */
 private void parseSAMLResponse(HttpServletResponse httpResponse, HttpServletRequest httpRequest,
   Set<String> runModes, String base64DecodedResponse)
   throws ParserConfigurationException, SAXException, IOException, UnsupportedEncodingException {
  DocumentBuilderFactory documentBuilderFactory = DocumentBuilderFactory.newInstance();
  documentBuilderFactory.setNamespaceAware(true);
  DocumentBuilder docBuilder = documentBuilderFactory.newDocumentBuilder();
  Map<String, String> samlAttributeMap = new HashMap<String, String>();
  StringReader strReader = new StringReader(base64DecodedResponse);
  InputSource inputSource = new InputSource(strReader);
  Document document = docBuilder.parse(inputSource);
  NodeList samlAssertion = document.getElementsByTagName("saml:Assertion");
  populateSAMLAttrMap(samlAttributeMap, samlAssertion);  
 }

  /**
  * This method would populate the SAML attribute map object based on the attributes present in the response.
  * 
  * @param samlAttributeMap
  * @param samlAssertion
  */
 private void populateSAMLAttrMap(Map<String, String> samlAttributeMap, NodeList samlAssertion) {
  for (int i = 0; i < samlAssertion.getLength(); i++) {
   Node item = samlAssertion.item(i);
   NodeList childNodes = item.getChildNodes();
   for (int j = 0; j < childNodes.getLength(); j++) {
    Node subChildNode = childNodes.item(j);
    if (subChildNode.getNodeName().equalsIgnoreCase("saml:AttributeStatement")) {
     NodeList childNodes2 = subChildNode.getChildNodes();
     for (int k = 0; k < childNodes2.getLength(); k++) {
      Node item2 = childNodes2.item(k);
      if (item2.getNodeName().equalsIgnoreCase("saml:Attribute")) {
       String attributeValue = item2.getAttributes().item(0).getNodeValue();
       NodeList attributeValueNodeList = item2.getChildNodes();
       for (int l = 0; l < attributeValueNodeList.getLength(); l++) {
        if (attributeValueNodeList.item(l).getNodeName()
          .equalsIgnoreCase("saml:AttributeValue")) {
         samlAttributeMap.put(attributeValue,
           attributeValueNodeList.item(l).getTextContent());
        }
       }
      }
     }
    }
   }
  }
 }

 /**
  * This method would decode the SAML response.
  * 
  * @param encodedStr
  * @return
  */
 public static String decodeStr(
   String encodedStr) {
  String decodedXML = "";
  org.apache.commons.codec.binary.Base64 base64Decoder = new org.apache.commons.codec.binary.Base64();
  byte[] xmlBytes = encodedStr.getBytes();
  byte[] base64DecodedByteArray = base64Decoder.decode(xmlBytes);
  decodedXML = new String(base64DecodedByteArray);
  return decodedXML;
 }

}


Hope that helps!

Regards,

Santosh


Santosh Sai

AEM BlogsLinkedIn


Views

2.1K

Replies

1
Sign in to like this content

Total Likes

Translate
Translate
Jump to reply

Avatar

Level 8
Level 8
5/5/22 6:04:15 PM
In response to SantoshSai

Hi Santosh,

 

Thanks for the reply with sample code.

 

Need one more information. How will this component be invoked by saml response after login.

 

I see entries in our code base like 

com.adobe.granite.auth.saml.SamlAuthenticationHandler-app1.xml  , we have like this 4 apps,I meant app1,app2,app3,app4.

 

I also see the as soon as the user logs in it creates a Node for the user details under /home with rep:user.

 

But don't see any entries in com.adobe.granite.auth.saml.SamlAuthenticationHandler-app1.xml   for user creation under 

/home with rep:user.

 

So how is that the above sample code will be hit when we saml login happnes

 

Please provide inputs

 

Thanks,

Srinivas

 

 

Views

2.1K

Replies

0
Sign in to like this content

Total Likes

Translate
Translate
Related Conversations
Extending Drag-and-Drop Fields in AEM Metadata Schemas Solved

Views

297

Likes

0

Replies

6
Custom GraphQL Schema Not Registered with Sling Data Fetcher in AEM

Views

299

Likes

0

Replies

1
Export XLIFF or XML from translation projects in Adobe Experience Manager

Views

317

Likes

0

Replies

1
How can we use 2 different analyzer in a query Index?

Views

357

Likes

0

Replies

3
I want to add pdf urls (pdf are present inside my dam folder) in my sitemap xml

Views

1.2K

Likes

0

Replies

3