Fix #110. Fix base64decodedInflated method, but set a decompress limit

SAML-Toolkits · Jun 21, 2017 · cb2d132 · cb2d132
1 parent 3c462ba
commit cb2d132
Show file tree

Hide file tree

Showing 4 changed files with 29 additions and 4 deletions.
diff --git a/core/src/main/java/com/onelogin/saml2/util/Util.java b/core/src/main/java/com/onelogin/saml2/util/Util.java
@@ -637,18 +637,25 @@ private static void copyBytes(InputStream is, OutputStream bytes) throws IOExcep
 	 * @return the base64 decoded and inflated string
 	 */
 	public static String base64decodedInflated(String input) {
+		if (input.isEmpty()) {
+			return input;
+		}
 		// Base64 decoder
 		byte[] decoded = Base64.decodeBase64(input);
 
 		// Inflater
 		try {
 			Inflater decompresser = new Inflater(true);
 		    decompresser.setInput(decoded);
-		    byte[] result = new byte[2048];
-		    int resultLength = decompresser.inflate(result);
+		    byte[] result = new byte[1024];
+		    String inflated = "";
+		    long limit = 0;
+		    while(!decompresser.finished() && limit < 150) {
+		    	int resultLength = decompresser.inflate(result);
+		    	limit += 1; 
+		    	inflated += new String(result, 0, resultLength, "UTF-8");
+		    }
 		    decompresser.end();
-
-		    String inflated =  new String(result, 0, resultLength, "UTF-8");
 		    return inflated;
 		} catch (Exception e) {
 			return new String(decoded);

diff --git a/core/src/test/java/com/onelogin/saml2/test/util/UtilsTest.java b/core/src/test/java/com/onelogin/saml2/test/util/UtilsTest.java
@@ -779,6 +779,22 @@ public void testBase64decodedInflated() throws URISyntaxException, IOException {
 		assertThat(authNRequest.toString(), equalTo(Util.base64decodedInflated(deflatedEncodedAuthNRequest).toString()));
 	}
 
+	/**
+	 * Tests the base64decodedInflated method
+	 * Case: Long certs
+	 *
+	 * @throws IOException
+	 * @throws URISyntaxException
+	 *
+	 * @see com.onelogin.saml2.util.Util#base64decodedInflated
+	 */
+	@Test
+	public void testBase64decodedInflated2() throws URISyntaxException, IOException {
+		String samlResponse = Util.getFileAsString("data/responses/response_long_cert.xml");
+		String deflatedEncodedsamlResponse = Util.getFileAsString("data/responses/response_long_cert.xml.deflated.base64");
+
+		assertThat(samlResponse.toString(), equalTo(Util.base64decodedInflated(deflatedEncodedsamlResponse).toString()));
+	}
 
 	/**
 	 * Tests the deflatedBase64encoded method

diff --git a/core/src/test/resources/data/responses/response_long_cert.xml b/core/src/test/resources/data/responses/response_long_cert.xml
@@ -0,0 +1 @@
+<samlp:Response xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="R018ea2073e3d82302e8b5f5f7ccfa02ae2a5da7b" Version="2.0" IssueInstant="2017-06-21T14:02:53Z" Destination="http://localhost:8080/java-saml-tookit-jspsample/acs.jsp" InResponseTo="ONELOGIN_ff471784-2ea6-46eb-9d49-4cb8b608364a"><saml:Issuer>https://app.onelogin.com/saml/metadata/xxx</saml:Issuer><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status><saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Version="2.0" ID="pfx8b02c224-25b6-1d98-cf69-ff8e4f0ca860" IssueInstant="2017-06-21T14:02:53Z"><saml:Issuer>https://app.onelogin.com/saml/metadata/xxx</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#pfx8b02c224-25b6-1d98-cf69-ff8e4f0ca860"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>NDtROTF2fPPikcJGomu4xGRjZBw=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>5y5JGtuZQBhmiNWnklJP9IXHbsMvwWQ8HZPuOg1j/K7p14AfFQVbNy4uJFRhsxrSH2dqKk79M/T7AgwUyMNmRV/T6hBXNg0RIW+f2Yp7BeqCX5XfhKXCbOsRBYwetvUUQpGrDFMEHzyY7UFWElNO8kyAI6hxD33dM7Q5ORDtxteFm0ONY90qPSsX5IGCnw2m2IZE/mInbteuRZYGzKxubbR6QXQLXrdrgXWduU80Gld65q5JMO3KEH/K6Ebym0GykyR3oS1dXXvz9ts+ZBF9RieRcAJ3515qRdJ3wd6JCBsrIu2W8ZBAeP9/Z6ynTJwj3MX7TaKm0eMUc+GM6HUjAVOkti6F4KP+rls6E6zRJxD2oeVljk5ssmeZnlGE3mzVxIiDXstmmStqqNdWRQ3NkNunvYAabml/BbbDSzRIH8xTwX0PQq7ZDttn0F5mKd9lF8ncBfLQ8ZahreLUSKRgUyUU0BycgTfuvfTFO/JWtMbNBoempSf+ptV632wXDAzzDCKriGvNGe4/i99fv48hTUvjrgcZoPSvfakh7EynEtB/gH7JRX90I8OV+Qnnkeq6nDgWuNPmhmB97JQCiauoSq2vKU42TC9Fi/pbDFW3mv5qzpbQH8qv/q/T/mDceNLelyUsIGPGBXzPwNmP8CdUKLE4Ln46ID+hq40BeY1YVdc=</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIGZTCCBE2gAwIBAgIULEW2UPHc+tQMo/j0NBM+8SbWK7IwDQYJKoZIhvcNAQELBQAwcjELMAkGA1UEBhMCVVMxKzApBgNVBAoMIk9uZUxvZ2luIFRlc3QgKHNnYXJjaWEtdXMtcHJlcHJvZCkxFTATBgNVBAsMDE9uZUxvZ2luIElkUDEfMB0GA1UEAwwWT25lTG9naW4gQWNjb3VudCA4OTE0NjAeFw0xNzA2MjAxMDA4MTlaFw0yMjA2MjExMDA4MTlaMHIxCzAJBgNVBAYTAlVTMSswKQYDVQQKDCJPbmVMb2dpbiBUZXN0IChzZ2FyY2lhLXVzLXByZXByb2QpMRUwEwYDVQQLDAxPbmVMb2dpbiBJZFAxHzAdBgNVBAMMFk9uZUxvZ2luIEFjY291bnQgODkxNDYwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDzOWemVjGJTRG72AlAYnNapp26qnnNeNQVt4e56xi+56hjW5OTfgriP27rvAOd+CePIYA3ZyL0pk2LOPA/JtA0JA8LKN1vcGvfJcrpcsbFM5Y2BN5wTnqprT8rvG5eFmeK4r72qJ4wb4bUZJroT9+fU/gs/JOizhP4Z79icLQcbTTe0mc4n+/yoTxThAAraAsiOr3KQzXlTYB8zPMA2GI9TJ5Djc+g52C2vk2OhLEaSAPXGKLhvWukbyUMS34ofnqHaNO0ZbwUmw+8lgHBjIndXsSaFsm18SPnKTtfs1cLekzDveFvJ0T5V8PQWooqWUdg3hkrIiKZpOIcz8uYElpkQDJ2q++MjC7VsT1tKkjMGTv7SMicPscxAG89OaWRg+zmaDzqvdtNPGFe+8oatXp0FBMsnlsyIwdcoHTstloVEcOTSiT8wmjvkkIg5YR6vScmLhR6AQArRP2lWR0kXoSddEDk5fFDG+qMLus+N09YfUOKPswP6MtT9vNhPeIBP87qZLl4qbVCY+TWdNr5lONAH+Xmtk3Pf2phg74qZIZ87bEmJBSXKp8/Qm6Y4ruj6S+SPYt3/vKw130VfaGaSFyOlfAq3naiJqffa2tzneJ7Om/sHFee2Zj2hYqncxu6KR1qeR7lucB5o7z0ljGeUukp8GiVcubsQ3RNnfuCdsaeSwIDAQABo4HyMIHvMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFKewY7diVRP96TRYhW2f/1ktWrJAMIGvBgNVHSMEgacwgaSAFKewY7diVRP96TRYhW2f/1ktWrJAoXakdDByMQswCQYDVQQGEwJVUzErMCkGA1UECgwiT25lTG9naW4gVGVzdCAoc2dhcmNpYS11cy1wcmVwcm9kKTEVMBMGA1UECwwMT25lTG9naW4gSWRQMR8wHQYDVQQDDBZPbmVMb2dpbiBBY2NvdW50IDg5MTQ2ghQsRbZQ8dz61Ayj+PQ0Ez7xJtYrsjAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggIBAC2TQ4yqwk0ePey99JYI5PfMRVEnUyyCSPfKmyVJgoOZwk97+CZuq1MNqGavcExd1ofc4wkN3unk/g7qVRPBV24k9FZaicYrp5maSHakL2SJD8qo/deohYFaeH8RzszxEZbJJYMLiXyRJi44T28TyF8admIwUJVg/KBhNAHi/IlAsRWPL92nWJjSCBHgiPaG5HF10t/GaQSJuQpdhxniUlseuqXZ/Qm0MjAgSTlyaBIxLyOErrpVujwiR5RTHLw0wn+2P0WmfVp7e79GOqzFuwmoLfxUtJgalc7av9VwFdEB2nWF2hu7BwE9rzg8FTaw1uAEu+LQ++IUuI+ydparFWoo/IwtSrXF59mBoKMld58K4L+TfWwUYF3hAmH2XNiSBTFZn1HBsK+XqS1CUGD8R0WSVvQC2jjFbxztFkrOIzz5ITLzKcjr1E86r5PvBQXeeTvVz6g2L+wEA5VXGYh/RItHEkuwn7EPWpvJUfc5B0m57rfr0+UqWZaLbhczrmHFn0HaDXcs2ldi7y+Eiv6IP3vrJrHhdCDlVPLQH8w0f4vNcR8YYVOfWFHYzyo4oqRYFMRmoqfubs90zGLcB5ugm56k5VaseP+VGwjjTEyiD4CYPLEvKm0Z2M0L6MIkhp/9VYl8ZAWvPGKFMSaANkiMlux2uEBeG3s4nLQcunumphAo</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml:Subject><saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">[email protected]</saml:NameID><saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml:SubjectConfirmationData NotOnOrAfter="2017-06-21T14:05:53Z" Recipient="http://localhost:8080/java-saml-tookit-jspsample/acs.jsp" InResponseTo="ONELOGIN_ff471784-2ea6-46eb-9d49-4cb8b608364a"/></saml:SubjectConfirmation></saml:Subject><saml:Conditions NotBefore="2017-06-21T13:59:53Z" NotOnOrAfter="2017-06-21T14:05:53Z"><saml:AudienceRestriction><saml:Audience>http://localhost:8080/java-saml-tookit-jspsample/metadata.jsp</saml:Audience></saml:AudienceRestriction></saml:Conditions><saml:AuthnStatement AuthnInstant="2017-06-21T14:02:52Z" SessionNotOnOrAfter="2017-06-22T14:02:53Z" SessionIndex="_f12653a0-3897-0135-9ed0-024f2443b5dc"><saml:AuthnContext><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement><saml:AttributeStatement><saml:Attribute Name="User.LastName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">garcia</saml:AttributeValue></saml:Attribute><saml:Attribute Name="User.FirstName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">sixto</saml:AttributeValue></saml:Attribute><saml:Attribute Name="PersonImmutableID" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string"/></saml:Attribute><saml:Attribute Name="memberOf" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string"/></saml:Attribute><saml:Attribute Name="User.email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">[email protected]</saml:AttributeValue></saml:Attribute></saml:AttributeStatement></saml:Assertion></samlp:Response>
diff --git a/core/src/test/resources/data/responses/response_long_cert.xml.deflated.base64 b/core/src/test/resources/data/responses/response_long_cert.xml.deflated.base64
@@ -0,0 +1 @@
+3TnZkqNIkr9Slv0oU4EQSCDrShtugQTiluBljCM4xClOia8fpKzMyayuqq7uWbOd3QdMFh5+u4dHuOv3xs2zaqOBpiqLBny65lnRbO7AL09dXWxKt0maTeHmoNm0/kYnpf0G+Qxv3KYBdZuUxdM7kurnNFVdtqVfZk+fBObLkwYvcOAi8HoJlgGOLGEE4B4WYuHa90MXRlyAuFjgrr2nTxaom0nUl6eJy0TcNB0QiqZ1i3YCwYv1HF7NkYWxQDcwssGWztMnBjRtUrjtgypu22oDQVnpu1lcNu0Gh3EYOru9O79rPW/LMk3a+bmppmWVAcj1m8/TahJVvDrGKL88HWR2f+AF+Z9hiK4XaxydI8BdzdEV8OZEgBJz1PdwbwXjyxXqPj3/fme+eWhbP991aCYl3Kr6XBYgK6Ok+OyXOXRHgnLQuoHbutD1ev0dek/3+0t89NZtu+bjii4D8Mlysw783O3NA3ujd74PmuYJen6R8JHphnwN6N9PgWvz5uthGD4Py89lHUEIDC+gk7TX/Rjk7r9xkz9HniePKPvgDykw5U8VXnEPRnwEmeKAeav5IiDwuR+uiHkY4gANYd/FV7+WL/9DsQomLyfRlHZd/XqSgh/5BIZgAppwgiaJfnt6owWBUITlY0m7RVkkU84m4yORJdDGZfCJzKKyTto4/6H/FvCd8Rxc/bm/QIvf7iF/r9ovMvqgYd1MhyV2F195aSAENZgi88nUhC9Pv/1qMB7ERu0WTVjWefNx+dc0AkU/haYCwbx5Neyrcr/O8Pu+gv6oI5NEU0X5O45757QXJo8T+ywzrXYwOCRUlCT1Rb7MO/TKa2eHGr48FHiP/AC8ufxl+U2yvAX3hQK7YSLfdo5KxXkiH4s0ExVCOG29RuqHo4pvHaU7RIsztFtXC5QMOdXy5BvaiZwWN9da3yLBZZeuCQky1mQ0mDdJzjULMlYxdZIjWBOOsxCxqzUFLvQJO4Xx7kR7h0aj7AG0vWmqFV8znMRux5u9Nrkjm8kHPL2Rwiq+MstlIK1V7KAx7bUFXA4fZJuAL4renDCBp4sByRHBYaFcKLwWdJpj8+Pu2nmetlJP6v5UB3V0OgadicN8FqywCyZKh+WO3UK7Fevdcpi/pTdtWeqL4HTqR6JtZg7FEVoCNJ8Ul9gCu2iBuByClUhTTS10yBF3KBIoBOSsboUhDueldFob7i6HgWT6M15abc0zaR3SNllx6E6Z1VmzYlejJl4ZpARWdk6xpsmBU2Q8u8xH6yokzKlp81xvLxc5OGrqUk7lruht0vWmIkJ5HqOPmrDFr8ZwghX1snaYti1gDst3AZFxeOFT4V7FHTeuwd7Ud1pk3kwTpm5+ZIRdHxrcARKPreTJVAnySg9nVWutlshwYshxZOhdnfC9zAMUSggi7FE8Nsz+XEe+Uyp6H7ppvGZvBdtSULRdi9qJgAX8YM3UokjBZVUw0bGTlTzOKWItqnTidqV+QfqdiSIGTXAJVHkMd1zmPXYZK0/d4pceukAGlDM+kPcgu5mNwCs8dRqVQc4VnA7M3Z5F9wW6EphZfEFhCtgL2wr8L2/p/C5/7ym9A7e39D5hMMFMRfdtQd+vnnCqji14lgSBdwyaplgkIgeBIiPB3LNHxFS2/qxVpRI6wzIlzXDdO+7WwsCotrgrHSHufZlU2T2lkoN/ZvcSmfLkwmSpWKItS7ruRrKiItmiyFISUqJzzGvvIFkncFrmL9Vot5UL+ySe3SPbBiep9bdiNn29Q6dXziCNF9pGYth3tGyWmgwbShT8kEUOw9FAsMzgicI9opF6lM/e0uoCmkQPBgvLZxJwA3yVRxKRzuRVYkhUMjJ3gt2m9QRj32DSVrjSIym+yLUNMrMMSW+GnWozlqruGFpUvNySPCSovIQynZMMC3Q8Ogh3s5Es3p+scX+ibs70eYhaSZo5sMODds+Q1/e0osOR1+1IBi+yJIl77x+WO9sIsfAKNTow6VVm7CGKhEQiYZ7WL7wueEtGZSlSNUkSFWhmIO/7O7IUaFJlxsMR5NaZFw2NXyNkRtqFPF3FyOpSFDKQVatFAba6JjNsFZ+P2MEIozpRkHXdk4dgRgNFsMmlc9vDVYrsDwoJiS0JiyS+38mL3uf7UPTrym88TsJshJKxwSguVW3gdc9jUzUCO7ReIxcRHTzUMx2xLg1iFppQ1EDiIRljBXXWROLvVd8zDADnPlrMoFtpXI2YJGuXbJJDvdyp4ykzbAofFYlEeIEwRIw5+7MIQ2ikT5FDvGddnVRO/G4f98cu9W6mpC/RMiwuW1c+wI43mPkww7NoS52FIjg1uss1+QLXlWJntGGz8PcgHZkecL0IG5iFK+qxLC9HM4iWcVoLyc6pDoI/4p3NZlWqMiJymc2kM722GmPR7tKzxBv9WpcSX2n8K8njxME9atFszF1mvPRBKys8B2Z46banCuYoqSmy5iYMgV9ujabNSov1D4aeGPiQn/s0FSLM1la97uf7WFuRKllrCpIdNTg9lXoQsEyKhRzDzy7SvmtmMkzYoXnYKc2grKTWIHo5VoBAKfj64uwz9OJZtD0zjoFcY9lBJrezU96mSyVEqjhaoxdHcPC1x+YipZ92FQ6p+cpG6+680me6YrdLqN8NiyVshS7v6tztkIXkZVm4iXgJQxdpxwKI68P0ottyACDOGYntS+Ffu9VOW1yAts46n8LK9QhnZx6YXVrhfGL5ndeoS00uwo4OGhfog8BMdlIlur1JwraXyOF+pgN2YCloUGmJJIft/exp8IGibJbbgcFeB4mlKcTK0Oz4iITQIm2PtUhKAt/fz9JWl9jI9Ydoyo6f4ZcnNw0Y6iapzUC/nG+eHUTLHNlaol/qGB0NyfvaYvHWONWV0keC2M/lytYXC/+2GPzcmj4i3RmsJVHSC+0wSO9p9ekKkzT8xR5VZRjKeV8PKBuR++CIwQITYZKhIlGsNprnqHgwrhbk7TxTVJgd11extevmTB4etqo4RYb4VAgkmkLJ79VlZqoLFEkjhoreLkMKAwXcCEK0BUwJJc1iC/N2o3Ul3OU3S4zKgzOkxHpGO91lIckX3u199hosytBHh1RedkUKRevL5E/KQtCU4Bw38e26wnJX37rpHtFFBr+UUADK2OZcsMW1sRmvrOOJoi3tk9NNExMUNRDcuHG4G+TCYIpWBO2oeMrQBBIystGOyp5AiqN41mlqGyWKy2NbbgG3EO+qutipVRBfi8TMGtBdTs6UuPBUxyPdyG4uJVz3twNb15XVnYdEwzRjux/goZghCnzMQ6tagzXBHy4j1w15uQ+vZitGbuav3Z6wBi5gqUkyh8TdmhpYoh4jnDPcYdGRbDfbq7OZYHbC7BZUbs1NxQIShlavTxxG5FS5k7IAw3fofmaEx8G0uWVM5lvkJCc6ZXBOsdhSzW52uugL2uQZXIOPutWrNHI+c951bLm0PgjjiAnGftz553rB4qsaU3pKPQFg9Na4ipD9bGBJzDrxdgxpQrtl024o1qxyrHrRDH2MgnNsXYc1PDMvR8fde7E/1vmWK+Cty5z8BsmCZH2bsUm/EpRlX4v1Ng5oJrOU/fQAGeAQ7WVfw23bOoRHbmuPtxItL5rNSVpeXsLp9BLwyO+nk91FObZKMcttgDKz+OF8NthbwqC0rezZfnr2OYgE71fTrR9XEGHZGe6Qx17hd5yku6ScJlLWXZGOpQC/bNBiugu6osurmCwfj5lvHyhvwJcnDPT+cfPh8fO1D9U77wz89utKnjpvgfnETc2I2/64JV98XjwgSTAPH6ibqYNOMjII6nvb/9wk17b8HLm1n7izrplXNajqMvjH+w73az/7IvGjMnRZhMmd7X1E8NII/Xw84OcbD7g1qJ9+zOjuj09y2R6KQ02GLaj/0J9jL/McDfhJlYB7A/+/M815nZp8z4pvtr6aO2EEyX27uVtIgSko4KN5yw1GvJj3Cy54HdN0QXJvAidL2jrxX8R/2Hn+yw56nWjcvfTVlDdm36w/iIW+sfNNkTYu7rMlkE8B+/RY/mT8gkz261OGThx+4Abk/WTvK+r0JALXL0//DBfIClu68HyJExP2YonNCRDAcxhBQwRFlx4W+E/vFZvUbcG1/Q6Iztymmbrs558OvfyNf8ebwMr0M5R1oNRlO4UdBI+ZQVXW7ZvTvsP8O3sfYG+Oe9WwnRzudS344can+3H98mQ2oP68d5v2vnx6AP+sZDwMmtjcoa9Fw5vw/u2xVxmPruxvju4m/E17qyYVr83mnj5F9PT8UodeDf8g5vlb6M8M5pL6/4jFj/r7HxmsgLqZMj/Pu9b1sqlC/7fbDP2qZTnIPVAfwv83Bj1y83H//reb9FfeBX+attAPSxb08U+Gt/8gXm/k538B
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		<samlp:Response xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="R018ea2073e3d82302e8b5f5f7ccfa02ae2a5da7b" Version="2.0" IssueInstant="2017-06-21T14:02:53Z" Destination="http://localhost:8080/java-saml-tookit-jspsample/acs.jsp" InResponseTo="ONELOGIN_ff471784-2ea6-46eb-9d49-4cb8b608364a"><saml:Issuer>https://app.onelogin.com/saml/metadata/xxx</saml:Issuer><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/></samlp:Status><saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Version="2.0" ID="pfx8b02c224-25b6-1d98-cf69-ff8e4f0ca860" IssueInstant="2017-06-21T14:02:53Z"><saml:Issuer>https://app.onelogin.com/saml/metadata/xxx</saml:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#pfx8b02c224-25b6-1d98-cf69-ff8e4f0ca860"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>NDtROTF2fPPikcJGomu4xGRjZBw=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>5y5JGtuZQBhmiNWnklJP9IXHbsMvwWQ8HZPuOg1j/K7p14AfFQVbNy4uJFRhsxrSH2dqKk79M/T7AgwUyMNmRV/T6hBXNg0RIW+f2Yp7BeqCX5XfhKXCbOsRBYwetvUUQpGrDFMEHzyY7UFWElNO8kyAI6hxD33dM7Q5ORDtxteFm0ONY90qPSsX5IGCnw2m2IZE/mInbteuRZYGzKxubbR6QXQLXrdrgXWduU80Gld65q5JMO3KEH/K6Ebym0GykyR3oS1dXXvz9ts+ZBF9RieRcAJ3515qRdJ3wd6JCBsrIu2W8ZBAeP9/Z6ynTJwj3MX7TaKm0eMUc+GM6HUjAVOkti6F4KP+rls6E6zRJxD2oeVljk5ssmeZnlGE3mzVxIiDXstmmStqqNdWRQ3NkNunvYAabml/BbbDSzRIH8xTwX0PQq7ZDttn0F5mKd9lF8ncBfLQ8ZahreLUSKRgUyUU0BycgTfuvfTFO/JWtMbNBoempSf+ptV632wXDAzzDCKriGvNGe4/i99fv48hTUvjrgcZoPSvfakh7EynEtB/gH7JRX90I8OV+Qnnkeq6nDgWuNPmhmB97JQCiauoSq2vKU42TC9Fi/pbDFW3mv5qzpbQH8qv/q/T/mDceNLelyUsIGPGBXzPwNmP8CdUKLE4Ln46ID+hq40BeY1YVdc=</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIGZTCCBE2gAwIBAgIULEW2UPHc+tQMo/j0NBM+8SbWK7IwDQYJKoZIhvcNAQELBQAwcjELMAkGA1UEBhMCVVMxKzApBgNVBAoMIk9uZUxvZ2luIFRlc3QgKHNnYXJjaWEtdXMtcHJlcHJvZCkxFTATBgNVBAsMDE9uZUxvZ2luIElkUDEfMB0GA1UEAwwWT25lTG9naW4gQWNjb3VudCA4OTE0NjAeFw0xNzA2MjAxMDA4MTlaFw0yMjA2MjExMDA4MTlaMHIxCzAJBgNVBAYTAlVTMSswKQYDVQQKDCJPbmVMb2dpbiBUZXN0IChzZ2FyY2lhLXVzLXByZXByb2QpMRUwEwYDVQQLDAxPbmVMb2dpbiBJZFAxHzAdBgNVBAMMFk9uZUxvZ2luIEFjY291bnQgODkxNDYwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDzOWemVjGJTRG72AlAYnNapp26qnnNeNQVt4e56xi+56hjW5OTfgriP27rvAOd+CePIYA3ZyL0pk2LOPA/JtA0JA8LKN1vcGvfJcrpcsbFM5Y2BN5wTnqprT8rvG5eFmeK4r72qJ4wb4bUZJroT9+fU/gs/JOizhP4Z79icLQcbTTe0mc4n+/yoTxThAAraAsiOr3KQzXlTYB8zPMA2GI9TJ5Djc+g52C2vk2OhLEaSAPXGKLhvWukbyUMS34ofnqHaNO0ZbwUmw+8lgHBjIndXsSaFsm18SPnKTtfs1cLekzDveFvJ0T5V8PQWooqWUdg3hkrIiKZpOIcz8uYElpkQDJ2q++MjC7VsT1tKkjMGTv7SMicPscxAG89OaWRg+zmaDzqvdtNPGFe+8oatXp0FBMsnlsyIwdcoHTstloVEcOTSiT8wmjvkkIg5YR6vScmLhR6AQArRP2lWR0kXoSddEDk5fFDG+qMLus+N09YfUOKPswP6MtT9vNhPeIBP87qZLl4qbVCY+TWdNr5lONAH+Xmtk3Pf2phg74qZIZ87bEmJBSXKp8/Qm6Y4ruj6S+SPYt3/vKw130VfaGaSFyOlfAq3naiJqffa2tzneJ7Om/sHFee2Zj2hYqncxu6KR1qeR7lucB5o7z0ljGeUukp8GiVcubsQ3RNnfuCdsaeSwIDAQABo4HyMIHvMAwGA1UdEwEB/wQCMAAwHQYDVR0OBBYEFKewY7diVRP96TRYhW2f/1ktWrJAMIGvBgNVHSMEgacwgaSAFKewY7diVRP96TRYhW2f/1ktWrJAoXakdDByMQswCQYDVQQGEwJVUzErMCkGA1UECgwiT25lTG9naW4gVGVzdCAoc2dhcmNpYS11cy1wcmVwcm9kKTEVMBMGA1UECwwMT25lTG9naW4gSWRQMR8wHQYDVQQDDBZPbmVMb2dpbiBBY2NvdW50IDg5MTQ2ghQsRbZQ8dz61Ayj+PQ0Ez7xJtYrsjAOBgNVHQ8BAf8EBAMCB4AwDQYJKoZIhvcNAQELBQADggIBAC2TQ4yqwk0ePey99JYI5PfMRVEnUyyCSPfKmyVJgoOZwk97+CZuq1MNqGavcExd1ofc4wkN3unk/g7qVRPBV24k9FZaicYrp5maSHakL2SJD8qo/deohYFaeH8RzszxEZbJJYMLiXyRJi44T28TyF8admIwUJVg/KBhNAHi/IlAsRWPL92nWJjSCBHgiPaG5HF10t/GaQSJuQpdhxniUlseuqXZ/Qm0MjAgSTlyaBIxLyOErrpVujwiR5RTHLw0wn+2P0WmfVp7e79GOqzFuwmoLfxUtJgalc7av9VwFdEB2nWF2hu7BwE9rzg8FTaw1uAEu+LQ++IUuI+ydparFWoo/IwtSrXF59mBoKMld58K4L+TfWwUYF3hAmH2XNiSBTFZn1HBsK+XqS1CUGD8R0WSVvQC2jjFbxztFkrOIzz5ITLzKcjr1E86r5PvBQXeeTvVz6g2L+wEA5VXGYh/RItHEkuwn7EPWpvJUfc5B0m57rfr0+UqWZaLbhczrmHFn0HaDXcs2ldi7y+Eiv6IP3vrJrHhdCDlVPLQH8w0f4vNcR8YYVOfWFHYzyo4oqRYFMRmoqfubs90zGLcB5ugm56k5VaseP+VGwjjTEyiD4CYPLEvKm0Z2M0L6MIkhp/9VYl8ZAWvPGKFMSaANkiMlux2uEBeG3s4nLQcunumphAo</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml:Subject><saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">[email protected]</saml:NameID><saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><saml:SubjectConfirmationData NotOnOrAfter="2017-06-21T14:05:53Z" Recipient="http://localhost:8080/java-saml-tookit-jspsample/acs.jsp" InResponseTo="ONELOGIN_ff471784-2ea6-46eb-9d49-4cb8b608364a"/></saml:SubjectConfirmation></saml:Subject><saml:Conditions NotBefore="2017-06-21T13:59:53Z" NotOnOrAfter="2017-06-21T14:05:53Z"><saml:AudienceRestriction><saml:Audience>http://localhost:8080/java-saml-tookit-jspsample/metadata.jsp</saml:Audience></saml:AudienceRestriction></saml:Conditions><saml:AuthnStatement AuthnInstant="2017-06-21T14:02:52Z" SessionNotOnOrAfter="2017-06-22T14:02:53Z" SessionIndex="_f12653a0-3897-0135-9ed0-024f2443b5dc"><saml:AuthnContext><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml:AuthnContextClassRef></saml:AuthnContext></saml:AuthnStatement><saml:AttributeStatement><saml:Attribute Name="User.LastName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">garcia</saml:AttributeValue></saml:Attribute><saml:Attribute Name="User.FirstName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">sixto</saml:AttributeValue></saml:Attribute><saml:Attribute Name="PersonImmutableID" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string"/></saml:Attribute><saml:Attribute Name="memberOf" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string"/></saml:Attribute><saml:Attribute Name="User.email" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"><saml:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">[email protected]</saml:AttributeValue></saml:Attribute></saml:AttributeStatement></saml:Assertion></samlp:Response>
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1 @@
		3TnZkqNIkr9Slv0oU4EQSCDrShtugQTiluBljCM4xClOia8fpKzMyayuqq7uWbOd3QdMFh5+u4dHuOv3xs2zaqOBpiqLBny65lnRbO7AL09dXWxKt0maTeHmoNm0/kYnpf0G+Qxv3KYBdZuUxdM7kurnNFVdtqVfZk+fBObLkwYvcOAi8HoJlgGOLGEE4B4WYuHa90MXRlyAuFjgrr2nTxaom0nUl6eJy0TcNB0QiqZ1i3YCwYv1HF7NkYWxQDcwssGWztMnBjRtUrjtgypu22oDQVnpu1lcNu0Gh3EYOru9O79rPW/LMk3a+bmppmWVAcj1m8/TahJVvDrGKL88HWR2f+AF+Z9hiK4XaxydI8BdzdEV8OZEgBJz1PdwbwXjyxXqPj3/fme+eWhbP991aCYl3Kr6XBYgK6Ok+OyXOXRHgnLQuoHbutD1ev0dek/3+0t89NZtu+bjii4D8Mlysw783O3NA3ujd74PmuYJen6R8JHphnwN6N9PgWvz5uthGD4Py89lHUEIDC+gk7TX/Rjk7r9xkz9HniePKPvgDykw5U8VXnEPRnwEmeKAeav5IiDwuR+uiHkY4gANYd/FV7+WL/9DsQomLyfRlHZd/XqSgh/5BIZgAppwgiaJfnt6owWBUITlY0m7RVkkU84m4yORJdDGZfCJzKKyTto4/6H/FvCd8Rxc/bm/QIvf7iF/r9ovMvqgYd1MhyV2F195aSAENZgi88nUhC9Pv/1qMB7ERu0WTVjWefNx+dc0AkU/haYCwbx5Neyrcr/O8Pu+gv6oI5NEU0X5O45757QXJo8T+ywzrXYwOCRUlCT1Rb7MO/TKa2eHGr48FHiP/AC8ufxl+U2yvAX3hQK7YSLfdo5KxXkiH4s0ExVCOG29RuqHo4pvHaU7RIsztFtXC5QMOdXy5BvaiZwWN9da3yLBZZeuCQky1mQ0mDdJzjULMlYxdZIjWBOOsxCxqzUFLvQJO4Xx7kR7h0aj7AG0vWmqFV8znMRux5u9Nrkjm8kHPL2Rwiq+MstlIK1V7KAx7bUFXA4fZJuAL4renDCBp4sByRHBYaFcKLwWdJpj8+Pu2nmetlJP6v5UB3V0OgadicN8FqywCyZKh+WO3UK7Fevdcpi/pTdtWeqL4HTqR6JtZg7FEVoCNJ8Ul9gCu2iBuByClUhTTS10yBF3KBIoBOSsboUhDueldFob7i6HgWT6M15abc0zaR3SNllx6E6Z1VmzYlejJl4ZpARWdk6xpsmBU2Q8u8xH6yokzKlp81xvLxc5OGrqUk7lruht0vWmIkJ5HqOPmrDFr8ZwghX1snaYti1gDst3AZFxeOFT4V7FHTeuwd7Ud1pk3kwTpm5+ZIRdHxrcARKPreTJVAnySg9nVWutlshwYshxZOhdnfC9zAMUSggi7FE8Nsz+XEe+Uyp6H7ppvGZvBdtSULRdi9qJgAX8YM3UokjBZVUw0bGTlTzOKWItqnTidqV+QfqdiSIGTXAJVHkMd1zmPXYZK0/d4pceukAGlDM+kPcgu5mNwCs8dRqVQc4VnA7M3Z5F9wW6EphZfEFhCtgL2wr8L2/p/C5/7ym9A7e39D5hMMFMRfdtQd+vnnCqji14lgSBdwyaplgkIgeBIiPB3LNHxFS2/qxVpRI6wzIlzXDdO+7WwsCotrgrHSHufZlU2T2lkoN/ZvcSmfLkwmSpWKItS7ruRrKiItmiyFISUqJzzGvvIFkncFrmL9Vot5UL+ySe3SPbBiep9bdiNn29Q6dXziCNF9pGYth3tGyWmgwbShT8kEUOw9FAsMzgicI9opF6lM/e0uoCmkQPBgvLZxJwA3yVRxKRzuRVYkhUMjJ3gt2m9QRj32DSVrjSIym+yLUNMrMMSW+GnWozlqruGFpUvNySPCSovIQynZMMC3Q8Ogh3s5Es3p+scX+ibs70eYhaSZo5sMODds+Q1/e0osOR1+1IBi+yJIl77x+WO9sIsfAKNTow6VVm7CGKhEQiYZ7WL7wueEtGZSlSNUkSFWhmIO/7O7IUaFJlxsMR5NaZFw2NXyNkRtqFPF3FyOpSFDKQVatFAba6JjNsFZ+P2MEIozpRkHXdk4dgRgNFsMmlc9vDVYrsDwoJiS0JiyS+38mL3uf7UPTrym88TsJshJKxwSguVW3gdc9jUzUCO7ReIxcRHTzUMx2xLg1iFppQ1EDiIRljBXXWROLvVd8zDADnPlrMoFtpXI2YJGuXbJJDvdyp4ykzbAofFYlEeIEwRIw5+7MIQ2ikT5FDvGddnVRO/G4f98cu9W6mpC/RMiwuW1c+wI43mPkww7NoS52FIjg1uss1+QLXlWJntGGz8PcgHZkecL0IG5iFK+qxLC9HM4iWcVoLyc6pDoI/4p3NZlWqMiJymc2kM722GmPR7tKzxBv9WpcSX2n8K8njxME9atFszF1mvPRBKys8B2Z46banCuYoqSmy5iYMgV9ujabNSov1D4aeGPiQn/s0FSLM1la97uf7WFuRKllrCpIdNTg9lXoQsEyKhRzDzy7SvmtmMkzYoXnYKc2grKTWIHo5VoBAKfj64uwz9OJZtD0zjoFcY9lBJrezU96mSyVEqjhaoxdHcPC1x+YipZ92FQ6p+cpG6+680me6YrdLqN8NiyVshS7v6tztkIXkZVm4iXgJQxdpxwKI68P0ottyACDOGYntS+Ffu9VOW1yAts46n8LK9QhnZx6YXVrhfGL5ndeoS00uwo4OGhfog8BMdlIlur1JwraXyOF+pgN2YCloUGmJJIft/exp8IGibJbbgcFeB4mlKcTK0Oz4iITQIm2PtUhKAt/fz9JWl9jI9Ydoyo6f4ZcnNw0Y6iapzUC/nG+eHUTLHNlaol/qGB0NyfvaYvHWONWV0keC2M/lytYXC/+2GPzcmj4i3RmsJVHSC+0wSO9p9ekKkzT8xR5VZRjKeV8PKBuR++CIwQITYZKhIlGsNprnqHgwrhbk7TxTVJgd11extevmTB4etqo4RYb4VAgkmkLJ79VlZqoLFEkjhoreLkMKAwXcCEK0BUwJJc1iC/N2o3Ul3OU3S4zKgzOkxHpGO91lIckX3u199hosytBHh1RedkUKRevL5E/KQtCU4Bw38e26wnJX37rpHtFFBr+UUADK2OZcsMW1sRmvrOOJoi3tk9NNExMUNRDcuHG4G+TCYIpWBO2oeMrQBBIystGOyp5AiqN41mlqGyWKy2NbbgG3EO+qutipVRBfi8TMGtBdTs6UuPBUxyPdyG4uJVz3twNb15XVnYdEwzRjux/goZghCnzMQ6tagzXBHy4j1w15uQ+vZitGbuav3Z6wBi5gqUkyh8TdmhpYoh4jnDPcYdGRbDfbq7OZYHbC7BZUbs1NxQIShlavTxxG5FS5k7IAw3fofmaEx8G0uWVM5lvkJCc6ZXBOsdhSzW52uugL2uQZXIOPutWrNHI+c951bLm0PgjjiAnGftz553rB4qsaU3pKPQFg9Na4ipD9bGBJzDrxdgxpQrtl024o1qxyrHrRDH2MgnNsXYc1PDMvR8fde7E/1vmWK+Cty5z8BsmCZH2bsUm/EpRlX4v1Ng5oJrOU/fQAGeAQ7WVfw23bOoRHbmuPtxItL5rNSVpeXsLp9BLwyO+nk91FObZKMcttgDKz+OF8NthbwqC0rezZfnr2OYgE71fTrR9XEGHZGe6Qx17hd5yku6ScJlLWXZGOpQC/bNBiugu6osurmCwfj5lvHyhvwJcnDPT+cfPh8fO1D9U77wz89utKnjpvgfnETc2I2/64JV98XjwgSTAPH6ibqYNOMjII6nvb/9wk17b8HLm1n7izrplXNajqMvjH+w73az/7IvGjMnRZhMmd7X1E8NII/Xw84OcbD7g1qJ9+zOjuj09y2R6KQ02GLaj/0J9jL/McDfhJlYB7A/+/M815nZp8z4pvtr6aO2EEyX27uVtIgSko4KN5yw1GvJj3Cy54HdN0QXJvAidL2jrxX8R/2Hn+yw56nWjcvfTVlDdm36w/iIW+sfNNkTYu7rMlkE8B+/RY/mT8gkz261OGThx+4Abk/WTvK+r0JALXL0//DBfIClu68HyJExP2YonNCRDAcxhBQwRFlx4W+E/vFZvUbcG1/Q6Iztymmbrs558OvfyNf8ebwMr0M5R1oNRlO4UdBI+ZQVXW7ZvTvsP8O3sfYG+Oe9WwnRzudS344can+3H98mQ2oP68d5v2vnx6AP+sZDwMmtjcoa9Fw5vw/u2xVxmPruxvju4m/E17qyYVr83mnj5F9PT8UodeDf8g5vlb6M8M5pL6/4jFj/r7HxmsgLqZMj/Pu9b1sqlC/7fbDP2qZTnIPVAfwv83Bj1y83H//reb9FfeBX+attAPSxb08U+Gt/8gXm/k538B