omindu · July 12, 2016 20:55
diff --git a/samlsso_notification.jsp b/samlsso_notification.jsp
 <%--
  ~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
  ~
  ~ WSO2 Inc. licenses this file to you under the Apache License,
  ~ Version 2.0 (the "License"); you may not use this file except
  ~ in compliance with the License.
  ~ You may obtain a copy of the License at
  ~
  ~ http://www.apache.org/licenses/LICENSE-2.0
  ~
  ~ Unless required by applicable law or agreed to in writing,
  ~ software distributed under the License is distributed on an
  ~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  ~ KIND, either express or implied.  See the License for the
  ~ specific language governing permissions and limitations
  ~ under the License.
  --%>

 <%@ page import="org.wso2.carbon.identity.application.authentication.endpoint.util.Constants" %>
 <%@ page import="org.owasp.encoder.Encode" %>
 <%@ page import="java.net.URLDecoder"%>
 <%@ page import="org.apache.commons.codec.binary.Base64"%>
 <%@ page import="java.util.zip.Inflater"%>
 <%@ page import="java.util.zip.InflaterInputStream"%>
 <%@ page import="java.util.zip.DataFormatException" %>
 <%@ page import="java.io.ByteArrayInputStream" %>
 <%@ page import="java.io.ByteArrayOutputStream" %>
 <%@ page import="java.nio.charset.StandardCharsets" %>

 <%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>

 <%

    String stat = request.getParameter(Constants.STATUS);
    String statusMessage = request.getParameter(Constants.STATUS_MSG);
    String encodedResponse = "";
    String acsURL = "";
    String decodedString;
    boolean success = false;

    if (stat == null || statusMessage == null) {
        success = false;
    }
    String samlError = request.getParameter("SAMLResponse");

    if (samlError == null || samlError.isEmpty()) {
        success = false;
    }

    try {
        Base64 base64Decoder = new Base64(0);
        byte[] xmlBytes = samlError.getBytes(StandardCharsets.UTF_8);
        byte[] base64DecodedByteArray = base64Decoder.decode(xmlBytes);

        try {

            Inflater inflater = new Inflater(true);
            inflater.setInput(base64DecodedByteArray);
            byte[] xmlMessageBytes = new byte[5000];
            int resultLength = inflater.inflate(xmlMessageBytes);
            inflater.end();
            decodedString = new String(xmlMessageBytes, 0, resultLength, StandardCharsets.UTF_8);

            if (!inflater.finished()) {
                success = false;
            } else {
                success = true;
            }

        } catch (DataFormatException e) {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(base64DecodedByteArray);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            InflaterInputStream iis = new InflaterInputStream(byteArrayInputStream);
            byte[] buf = new byte[1024];
            int count = iis.read(buf);
            while (count != -1) {
                byteArrayOutputStream.write(buf, 0, count);
                count = iis.read(buf);
            }
            iis.close();
            decodedString = new String(byteArrayOutputStream.toByteArray(), StandardCharsets.UTF_8);
            success = true;
        }

        byte[] encodeBytes = base64Decoder.encode(decodedString.getBytes(StandardCharsets.UTF_8));
        encodedResponse = new String(encodeBytes, StandardCharsets.UTF_8);

        acsURL = request.getParameter("ACSUrl");

        if (acsURL == null || acsURL.isEmpty()) {
            success = false;
        } else {
            acsURL = URLDecoder.decode(acsURL, StandardCharsets.UTF_8.name());
            success = true;
        }
    } catch (Exception e) {
        success = false;
    }

    if (!success) {
        stat = "Authentication Error !";
        statusMessage = "Something went wrong during the authentication process. Please try signing in again.";
    }

    session.invalidate();
 %>

 <% if (success) {%>

 <html>
 <body>

 <form method='post' action='<%=acsURL%>'>
    <p>
        <input type='hidden' name='SAMLResponse' value='<%=Encode.forHtmlAttribute(encodedResponse)%>'>
    <noscript>
        <button type='submit'>Continue..</button>
    </noscript>
    </p>
 </form>
 <script type='text/javascript'>
    document.forms[0].submit();
 </script>
 </body>
 </html>

 <%} else {%>
 <style>
    .info-box {
        background-color: #EEF3F6;
        border: 1px solid #ABA7A7;
        font-size: 13px;
        font-weight: bold;
        margin-bottom: 10px;
        padding: 10px;
    }
 </style>

 <fmt:bundle basename="org.wso2.carbon.identity.application.authentication.endpoint.i18n.Resources">
    <div id="middle">
        <h2><fmt:message key='saml.sso'/></h2>

        <div id="workArea">
            <div class="info-box">
                <%=Encode.forHtml(stat)%>
            </div>
            <table class="styledLeft">
                <tbody>
                <tr>
                    <td><%=Encode.forHtmlContent(statusMessage)%>
                    </td>
                </tr>
                </tbody>
            </table>
        </div>
    </div>
 </fmt:bundle>

 <% } %>
	<%--
	~ Copyright (c) 2016, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
	~
	~ WSO2 Inc. licenses this file to you under the Apache License,
	~ Version 2.0 (the "License"); you may not use this file except
	~ in compliance with the License.
	~ You may obtain a copy of the License at
	~
	~ http://www.apache.org/licenses/LICENSE-2.0
	~
	~ Unless required by applicable law or agreed to in writing,
	~ software distributed under the License is distributed on an
	~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	~ KIND, either express or implied. See the License for the
	~ specific language governing permissions and limitations
	~ under the License.
	--%>

	<%@ page import="org.wso2.carbon.identity.application.authentication.endpoint.util.Constants" %>
	<%@ page import="org.owasp.encoder.Encode" %>
	<%@ page import="java.net.URLDecoder"%>
	<%@ page import="org.apache.commons.codec.binary.Base64"%>
	<%@ page import="java.util.zip.Inflater"%>
	<%@ page import="java.util.zip.InflaterInputStream"%>
	<%@ page import="java.util.zip.DataFormatException" %>
	<%@ page import="java.io.ByteArrayInputStream" %>
	<%@ page import="java.io.ByteArrayOutputStream" %>
	<%@ page import="java.nio.charset.StandardCharsets" %>

	<%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %>

	<%

	String stat = request.getParameter(Constants.STATUS);
	String statusMessage = request.getParameter(Constants.STATUS_MSG);
	String encodedResponse = "";
	String acsURL = "";
	String decodedString;
	boolean success = false;

	if (stat == null \|\| statusMessage == null) {
	success = false;
	}
	String samlError = request.getParameter("SAMLResponse");

	if (samlError == null \|\| samlError.isEmpty()) {
	success = false;
	}

	try {
	Base64 base64Decoder = new Base64(0);
	byte[] xmlBytes = samlError.getBytes(StandardCharsets.UTF_8);
	byte[] base64DecodedByteArray = base64Decoder.decode(xmlBytes);

	try {

	Inflater inflater = new Inflater(true);
	inflater.setInput(base64DecodedByteArray);
	byte[] xmlMessageBytes = new byte[5000];
	int resultLength = inflater.inflate(xmlMessageBytes);
	inflater.end();
	decodedString = new String(xmlMessageBytes, 0, resultLength, StandardCharsets.UTF_8);

	if (!inflater.finished()) {
	success = false;
	} else {
	success = true;
	}

	} catch (DataFormatException e) {
	ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(base64DecodedByteArray);
	ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
	InflaterInputStream iis = new InflaterInputStream(byteArrayInputStream);
	byte[] buf = new byte[1024];
	int count = iis.read(buf);
	while (count != -1) {
	byteArrayOutputStream.write(buf, 0, count);
	count = iis.read(buf);
	}
	iis.close();
	decodedString = new String(byteArrayOutputStream.toByteArray(), StandardCharsets.UTF_8);
	success = true;
	}

	byte[] encodeBytes = base64Decoder.encode(decodedString.getBytes(StandardCharsets.UTF_8));
	encodedResponse = new String(encodeBytes, StandardCharsets.UTF_8);

	acsURL = request.getParameter("ACSUrl");

	if (acsURL == null \|\| acsURL.isEmpty()) {
	success = false;
	} else {
	acsURL = URLDecoder.decode(acsURL, StandardCharsets.UTF_8.name());
	success = true;
	}
	} catch (Exception e) {
	success = false;
	}

	if (!success) {
	stat = "Authentication Error !";
	statusMessage = "Something went wrong during the authentication process. Please try signing in again.";
	}

	session.invalidate();
	%>

	<% if (success) {%>

	<html>
	<body>

	<form method='post' action='<%=acsURL%>'>
	<p>
	<input type='hidden' name='SAMLResponse' value='<%=Encode.forHtmlAttribute(encodedResponse)%>'>
	<noscript>
	<button type='submit'>Continue..</button>
	</noscript>
	</p>
	</form>
	<script type='text/javascript'>
	document.forms[0].submit();
	</script>
	</body>
	</html>

	<%} else {%>
	<style>
	.info-box {
	background-color: #EEF3F6;
	border: 1px solid #ABA7A7;
	font-size: 13px;
	font-weight: bold;
	margin-bottom: 10px;
	padding: 10px;
	}
	</style>

	<fmt:bundle basename="org.wso2.carbon.identity.application.authentication.endpoint.i18n.Resources">
	<div id="middle">
	<h2><fmt:message key='saml.sso'/></h2>

	<div id="workArea">
	<div class="info-box">
	<%=Encode.forHtml(stat)%>
	</div>
	<table class="styledLeft">
	<tbody>
	<tr>
	<td><%=Encode.forHtmlContent(statusMessage)%>
	</td>
	</tr>
	</tbody>
	</table>
	</div>
	</div>
	</fmt:bundle>

	<% } %>