In reference to this SO question Add request parameter to SAML request using Spring Security SAML
I am wanting to replace the default HTTPRedirectDeflateBinding bean with my own that has a custom HTTPRedirectDeflateEncoder to add query params to my SAML request.
I'm trying to achieve this with the Spring Boot @Bean auto-configuration annotation and being new to the Java environment I can't seem to get it working right. I can see that my bean is registering on startup but the outbound HTTP request is not being intercepted by it and it appears the original redirectBinding still is.
Here is my bean I added into my Configuration class:
@Bean(name="redirectBinding")
@Primary
public HTTPRedirectDeflateBinding HTTPRedirectDeflateBinding() {
return new HTTPRedirectDeflateBinding(null, new My_SAML_HttpRedirectDeflateEncoder());
}
Here is my encoder I'm trying to pass into the redirect binding
public class My_SAML_HttpRedirectDeflateEncoder extends HTTPRedirectDeflateEncoder {
@Override
protected String buildRedirectURL(SAMLMessageContext messagesContext, String endpointURL, String message)
throws MessageEncodingException {
URLBuilder urlBuilder = new URLBuilder(endpointURL);
List<Pair<String, String>> queryParams = urlBuilder.getQueryParams();
if (messagesContext.getOutboundSAMLMessage() instanceof RequestAbstractType) {
queryParams.add(new Pair<String, String>("service", "myService"));
queryParams.add(new Pair<String, String>("serviceType", "dev"));
}
return urlBuilder.buildURL();
}
}
I also attempted the solution proposed from this SO response Spring Boot Adding Http Request Interceptors Similar results, my HandlerInterceptor bean was registered but nothing is being intercepted. I feel like I'm missing a small detail. Any help would be appreciated.
To work with interceptor, you need to create @Component class that supports it and it should implement the HandlerInterceptor interface. preHandle() method − This is used to perform operations before sending the request to the controller. This method should return true to return the response to the client.
1.I think you need to use the super method buildRedirectURL and then add stripped or your custom query params, like this:
@Override
protected String buildRedirectURL(SAMLMessageContext messagesContext, String endpointURL, String message) throws MessageEncodingException {
URLBuilder redirectUrlBuilder = new URLBuilder(super.buildRedirectURL(messagesContext, endpointURL, message));
List<Pair<String, String>> queryParams = redirectUrlBuilder.getQueryParams();
queryParams.addAll(new URLBuilder(endpointURL).getQueryParams());// add stripped query params
return redirectUrlBuilder.buildURL();
}
2.I am not sure if it fine to pass the null to the HTTPRedirectDeflateBinding as decoder. Alternative would suggest to use the default decoder, which accepts ParserPool.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With