saml logging
This commit is contained in:
Bill Burke
parent
85c4279f0b
commit
1b0aa8e55b
7 changed files with 56 additions and 9 deletions
|
|
@ -1,5 +1,7 @@
|
|||
package org.keycloak.saml;
|
||||
|
||||
import org.jboss.logging.Logger;
|
||||
import org.keycloak.common.util.StreamUtil;
|
||||
import org.keycloak.saml.common.PicketLinkLogger;
|
||||
import org.keycloak.saml.common.PicketLinkLoggerFactory;
|
||||
import org.keycloak.saml.processing.api.saml.v2.request.SAML2Request;
|
||||
|
|
@ -9,6 +11,7 @@ import org.keycloak.saml.processing.web.util.PostBindingUtil;
|
|||
import org.keycloak.saml.processing.web.util.RedirectBindingUtil;
|
||||
|
||||
import java.io.ByteArrayInputStream;
|
||||
import java.io.IOException;
|
||||
import java.io.InputStream;
|
||||
|
||||
/**
|
||||
|
|
@ -17,10 +20,23 @@ import java.io.InputStream;
|
|||
*/
|
||||
public class SAMLRequestParser {
|
||||
private static final PicketLinkLogger logger = PicketLinkLoggerFactory.getLogger();
|
||||
protected static Logger log = Logger.getLogger(SAMLRequestParser.class);
|
||||
|
||||
public static SAMLDocumentHolder parseRequestRedirectBinding(String samlMessage) {
|
||||
InputStream is;
|
||||
is = RedirectBindingUtil.base64DeflateDecode(samlMessage);
|
||||
if (log.isDebugEnabled()) {
|
||||
String message = null;
|
||||
try {
|
||||
message = StreamUtil.readString(is);
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
log.debug("SAML Redirect Binding");
|
||||
log.debug(message);
|
||||
is = new ByteArrayInputStream(message.getBytes());
|
||||
|
||||
}
|
||||
SAML2Request saml2Request = new SAML2Request();
|
||||
try {
|
||||
saml2Request.getSAML2ObjectFromStream(is);
|
||||
|
|
@ -35,6 +51,11 @@ public class SAMLRequestParser {
|
|||
public static SAMLDocumentHolder parseRequestPostBinding(String samlMessage) {
|
||||
InputStream is;
|
||||
byte[] samlBytes = PostBindingUtil.base64Decode(samlMessage);
|
||||
if (log.isDebugEnabled()) {
|
||||
String str = new String(samlBytes);
|
||||
log.debug("SAML POST Binding");
|
||||
log.debug(str);
|
||||
}
|
||||
is = new ByteArrayInputStream(samlBytes);
|
||||
SAML2Request saml2Request = new SAML2Request();
|
||||
try {
|
||||
|
|
@ -48,10 +69,15 @@ public class SAMLRequestParser {
|
|||
|
||||
public static SAMLDocumentHolder parseResponsePostBinding(String samlMessage) {
|
||||
byte[] samlBytes = PostBindingUtil.base64Decode(samlMessage);
|
||||
log.debug("SAML POST Binding");
|
||||
return parseResponseDocument(samlBytes);
|
||||
}
|
||||
|
||||
public static SAMLDocumentHolder parseResponseDocument(byte[] samlBytes) {
|
||||
if (log.isDebugEnabled()) {
|
||||
String str = new String(samlBytes);
|
||||
log.debug(str);
|
||||
}
|
||||
InputStream is = new ByteArrayInputStream(samlBytes);
|
||||
SAML2Response response = new SAML2Response();
|
||||
try {
|
||||
|
|
@ -65,6 +91,18 @@ public class SAMLRequestParser {
|
|||
|
||||
public static SAMLDocumentHolder parseResponseRedirectBinding(String samlMessage) {
|
||||
InputStream is = RedirectBindingUtil.base64DeflateDecode(samlMessage);
|
||||
if (log.isDebugEnabled()) {
|
||||
String message = null;
|
||||
try {
|
||||
message = StreamUtil.readString(is);
|
||||
} catch (IOException e) {
|
||||
throw new RuntimeException(e);
|
||||
}
|
||||
log.debug("SAML Redirect Binding");
|
||||
log.debug(message);
|
||||
is = new ByteArrayInputStream(message.getBytes());
|
||||
|
||||
}
|
||||
SAML2Response response = new SAML2Response();
|
||||
try {
|
||||
response.getSAML2ObjectFromStream(is);
|
||||
|
|
|
|||
|
|
@ -61,7 +61,6 @@
|
|||
<groupId>org.jboss.logging</groupId>
|
||||
<artifactId>jboss-logging-annotations</artifactId>
|
||||
<scope>provided</scope>
|
||||
<optional>true</optional>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.jboss.logging</groupId>
|
||||
|
|
|
|||
|
|
@ -434,7 +434,7 @@ public class SAMLEndpoint {
|
|||
|
||||
@Override
|
||||
protected SAMLDocumentHolder extractResponseDocument(String response) {
|
||||
return SAMLRequestParser.parseRequestRedirectBinding(response);
|
||||
return SAMLRequestParser.parseResponseRedirectBinding(response);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
|
|
@ -429,7 +429,7 @@ public class SamlService extends AuthorizationEndpointBase {
|
|||
|
||||
@Override
|
||||
protected SAMLDocumentHolder extractResponseDocument(String response) {
|
||||
return SAMLRequestParser.parseRequestRedirectBinding(response);
|
||||
return SAMLRequestParser.parseResponseRedirectBinding(response);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
|
|
|||
17
services/src/main/java/org/keycloak/services/DefaultKeycloakSessionFactory.java
Normal file → Executable file
17
services/src/main/java/org/keycloak/services/DefaultKeycloakSessionFactory.java
Normal file → Executable file
|
|
@ -69,7 +69,17 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory {
|
|||
|
||||
ProviderManager pm = new ProviderManager(getClass().getClassLoader(), Config.scope().getArray("providers"));
|
||||
|
||||
for (Spi spi : ServiceLoader.load(Spi.class, getClass().getClassLoader())) {
|
||||
ServiceLoader<Spi> load = ServiceLoader.load(Spi.class, getClass().getClassLoader());
|
||||
loadSPIs(pm, load);
|
||||
for ( Map<String, ProviderFactory> factories : factoriesMap.values()) {
|
||||
for (ProviderFactory factory : factories.values()) {
|
||||
factory.postInit(this);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
protected void loadSPIs(ProviderManager pm, ServiceLoader<Spi> load) {
|
||||
for (Spi spi : load) {
|
||||
Map<String, ProviderFactory> factories = new HashMap<String, ProviderFactory>();
|
||||
factoriesMap.put(spi.getProviderClass(), factories);
|
||||
|
||||
|
|
@ -118,11 +128,6 @@ public class DefaultKeycloakSessionFactory implements KeycloakSessionFactory {
|
|||
}
|
||||
}
|
||||
}
|
||||
for ( Map<String, ProviderFactory> factories : factoriesMap.values()) {
|
||||
for (ProviderFactory factory : factories.values()) {
|
||||
factory.postInit(this);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public KeycloakSession create() {
|
||||
|
|
|
|||
|
|
@ -92,6 +92,10 @@
|
|||
<groupId>org.apache.httpcomponents</groupId>
|
||||
<artifactId>httpclient</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-server-spi</artifactId>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.keycloak</groupId>
|
||||
<artifactId>keycloak-ldap-federation</artifactId>
|
||||
|
|
|
|||
|
|
@ -38,6 +38,7 @@ log4j.logger.org.keycloak.connections.jpa.updater.liquibase.LiquibaseJpaUpdaterP
|
|||
|
||||
# Enable to view detailed AS REQ and TGS REQ requests to embedded Kerberos server
|
||||
# log4j.logger.org.apache.directory.server.kerberos=debug
|
||||
log4j.logger.org.keycloak.saml=debug
|
||||
|
||||
log4j.logger.org.xnio=off
|
||||
log4j.logger.org.hibernate=off
|
||||
|
|
|
|||
Loading…
Reference in a new issue