From 03b1dff1bd7e0b70d919f5426fbd9c82999bb1b0 Mon Sep 17 00:00:00 2001
From: Hynek Mlnarik <hmlnarik@redhat.com>
Date: Mon, 22 May 2017 15:11:06 +0200
Subject: [PATCH] KEYCLOAK-4941

---
 .../java/org/keycloak/broker/saml/SAMLDataMarshaller.java  | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/services/src/main/java/org/keycloak/broker/saml/SAMLDataMarshaller.java b/services/src/main/java/org/keycloak/broker/saml/SAMLDataMarshaller.java
index 78459e89e4..508fcbd2f5 100644
--- a/services/src/main/java/org/keycloak/broker/saml/SAMLDataMarshaller.java
+++ b/services/src/main/java/org/keycloak/broker/saml/SAMLDataMarshaller.java
@@ -21,6 +21,7 @@ import org.keycloak.broker.provider.DefaultDataMarshaller;
 import org.keycloak.dom.saml.v2.assertion.AssertionType;
 import org.keycloak.dom.saml.v2.assertion.AuthnStatementType;
 import org.keycloak.dom.saml.v2.protocol.ResponseType;
+import org.keycloak.saml.common.constants.GeneralConstants;
 import org.keycloak.saml.common.exceptions.ParsingException;
 import org.keycloak.saml.common.exceptions.ProcessingException;
 import org.keycloak.saml.common.util.StaxUtil;
@@ -66,7 +67,7 @@ public class SAMLDataMarshaller extends DefaultDataMarshaller {
                 throw new RuntimeException(pe);
             }
 
-            return new String(bos.toByteArray());
+            return new String(bos.toByteArray(), GeneralConstants.SAML_CHARSET);
         } else {
             return super.serialize(obj);
         }
@@ -79,12 +80,12 @@ public class SAMLDataMarshaller extends DefaultDataMarshaller {
 
             try {
                 if (clazz.equals(ResponseType.class) || clazz.equals(AssertionType.class)) {
-                    byte[] bytes = xmlString.getBytes();
+                    byte[] bytes = xmlString.getBytes(GeneralConstants.SAML_CHARSET);
                     InputStream is = new ByteArrayInputStream(bytes);
                     Object respType = new SAMLParser().parse(is);
                     return clazz.cast(respType);
                 } else if (clazz.equals(AuthnStatementType.class)) {
-                    byte[] bytes = xmlString.getBytes();
+                    byte[] bytes = xmlString.getBytes(GeneralConstants.SAML_CHARSET);
                     InputStream is = new ByteArrayInputStream(bytes);
                     XMLEventReader xmlEventReader = new SAMLParser().createEventReader(is);
                     AuthnStatementType authnStatement = SAMLParserUtil.parseAuthnStatement(xmlEventReader);