Issue #344 - Use destination from SAML response #347

Merged
merged 1 commit into from
Oct 18, 2019
Issue #344 - Use destination from SAML response
andysenn committed Sep 12, 2019
commit bcd0e0980bfb8be594996e9c7ab65322f2f4405b
14 changes: 12 additions & 2 deletions src/main/java/com/okta/tools/saml/AwsSamlRoleUtils.java
@@ -60,8 +60,18 @@ private static Collection<String> getRoleIdpPairs(String samlResponse) {
}
}

private static String getDestination(String samlResponse) {
try {
String destination = SamlResponseUtils.getDestination(samlResponse);
return destination;
} catch (ParserConfigurationException | UnmarshallingException | SAXException | IOException e) {
throw new IllegalStateException(e);
}
}

public static Document getSigninPageDocument(String samlResponse) throws IOException {
HttpPost httpPost = new HttpPost("https://signin.aws.amazon.com/saml");
String destination = getDestination(samlResponse);
HttpPost httpPost = new HttpPost(destination);
UrlEncodedFormEntity samlForm = new UrlEncodedFormEntity(Arrays.asList(
new BasicNameValuePair("SAMLResponse", samlResponse),
new BasicNameValuePair("RelayState", "")
@@ -72,7 +82,7 @@ public static Document getSigninPageDocument(String samlResponse) throws IOExcep
return Jsoup.parse(
samlSigninResponse.getEntity().getContent(),
StandardCharsets.UTF_8.name(),
"https://signin.aws.amazon.com/saml"
destination
);
}
}
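Review bot: `getSigninPageDocument` now posts the `SAMLResponse` form field, which carries the assertion AWS accepts as a credential, to whatever URL the response's Destination attribute holds, and the new `getDestination` wrapper checks neither scheme nor host. Nothing in the visible lines shows the response signature being verified before the attribute is read, so a tampered or misconfigured response could send the assertion to a non-AWS or plain-http endpoint, which the previous hard-coded URL could not. I would have the wrapper parse the value and reject anything that is not https on a known AWS sign-in domain before it reaches `new HttpPost(destination)`, as sketched below (needs `java.net.URI` and `java.util.Locale`; the three domains are the commercial, GovCloud and China sign-in hosts as I know them, to be confirmed against the partitions the tool supports). The intermediate `String destination` local that is returned on the very next line can go at the same time.

```java
private static final String[] ALLOWED_SIGNIN_DOMAINS = {
        "signin.aws.amazon.com", "signin.amazonaws-us-gov.com", "signin.amazonaws.cn"
};

private static String getDestination(String samlResponse) {
    try {
        URI destination = URI.create(SamlResponseUtils.getDestination(samlResponse));
        String host = destination.getHost() == null
                ? null
                : destination.getHost().toLowerCase(Locale.ROOT);
        // The assertion is a bearer credential: only send it over HTTPS to an AWS sign-in host.
        boolean allowed = host != null
                && "https".equalsIgnoreCase(destination.getScheme())
                && Arrays.stream(ALLOWED_SIGNIN_DOMAINS)
                        .anyMatch(domain -> host.equals(domain) || host.endsWith("." + domain));
        if (!allowed) {
            throw new IllegalStateException("Unexpected SAML destination: " + destination);
        }
        return destination.toString();
    // … unchanged: catch block wrapping the parser exceptions in IllegalStateException …
}
```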
11 changes: 11 additions & 0 deletions src/main/java/com/okta/tools/saml/SamlResponseUtils.java
@@ -49,6 +49,11 @@ static Assertion getAssertion(String samlResponse) throws ParserConfigurationExc
return getAssertion(response);
}

static String getDestination(String samlResponse) throws ParserConfigurationException, UnmarshallingException, SAXException, IOException {
Response response = decodeSamlResponse(samlResponse);
return getDestination(response);
}

private static Response decodeSamlResponse(String samlResponse) throws IOException, ParserConfigurationException, SAXException, UnmarshallingException {
byte[] base64DecodedResponse = Base64.getDecoder().decode(samlResponse);
ByteArrayInputStream is = new ByteArrayInputStream(base64DecodedResponse);
@@ -86,4 +91,10 @@ else if (response.getAssertions().size() > 1)
else
return response.getAssertions().get(0);
}

private static String getDestination(Response response) {
if (response.getDestination() == null)
throw new IllegalStateException("No destination in SAML response");
return response.getDestination();
}
}
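Review bot: `getDestination(Response)` rejects only a missing Destination, so an empty or whitespace-only attribute is returned and later becomes the POST target in `AwsSamlRoleUtils`; reading the attribute once and also rejecting blank values closes that, e.g. `String destination = response.getDestination();` followed by `if (destination == null || destination.trim().isEmpty()) throw new IllegalStateException("No destination in SAML response");`. Both new methods also lack a comment stating that the value is returned exactly as it appears in the decoded response and, as far as the visible lines show, without any signature check, so callers must validate it before using it as a URL; a short Javadoc on the package-private overload saying that would help. `decodeSamlResponse` continues outside the hunk, so whether any validation happens there cannot be confirmed from this page.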