You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2020/06/16 08:02:04 UTC
[cxf-fediz] branch master updated: FEDIZ-247 - Re-enabled test +
fixed issue with signed encrypted assertions
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf-fediz.git
The following commit(s) were added to refs/heads/master by this push:
new 58da624 FEDIZ-247 - Re-enabled test + fixed issue with signed encrypted assertions
58da624 is described below
commit 58da624f2d155a2fa6ac33cf3feee1ac80c1625f
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Tue Jun 16 08:17:32 2020 +0100
FEDIZ-247 - Re-enabled test + fixed issue with signed encrypted assertions
---
.../java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java | 6 +++++-
.../java/org/apache/cxf/fediz/core/samlsso/SAMLResponseTest.java | 1 -
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
index 36b81ea..08af3d7 100644
--- a/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
+++ b/plugins/core/src/main/java/org/apache/cxf/fediz/core/processor/SAMLProcessorImpl.java
@@ -315,10 +315,14 @@ public class SAMLProcessorImpl extends AbstractFedizProcessor {
for (EncryptedAssertion encryptedAssertion : responseObject.getEncryptedAssertions()) {
Assertion decrypted = decrypter.decrypt(encryptedAssertion);
+ Element decryptedToken = decrypted.getDOM();
if (LOG.isDebugEnabled()) {
- LOG.debug("Decrypted assertion: {}", DOM2Writer.nodeToString(decrypted.getDOM()));
+ LOG.debug("Decrypted assertion: {}", DOM2Writer.nodeToString(decryptedToken));
}
responseObject.getAssertions().add(decrypted);
+ // Add the decrypted Assertion to the Response DOM, as otherwise there's a problem with
+ // doc.getElementById() when trying to verify the signature of the decrypted assertion
+ decryptedToken.getOwnerDocument().getDocumentElement().appendChild(decryptedToken);
}
} catch (Exception e) {
LOG.debug("Cannot decrypt assertions", e);
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/samlsso/SAMLResponseTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/samlsso/SAMLResponseTest.java
index 3e83eb8..76e093f 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/samlsso/SAMLResponseTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/samlsso/SAMLResponseTest.java
@@ -1557,7 +1557,6 @@ public class SAMLResponseTest {
}
@org.junit.Test
- @org.junit.Ignore // TODO https://issues.apache.org/jira/browse/FEDIZ-247
public void validateEncryptedSAMLResponse() throws Exception {
// Mock up a Request
//FedizContext config = getFederationConfigurator().getFedizContext("ROOT");