2

我一直在开发 SAML 2.0 SSO。我在解码 64Base 字符串以将其转换为 xml 然后稍后读取内容时遇到问题。

以下是我一直在使用的代码:

Protected Function uf_getIDFromSAMLRequest(ByVal as_samlRequest As String) As String
        Dim ms As New MemoryStream(Convert.FromBase64String(as_samlRequest))
        Dim decompress As New DeflateStream(ms, CompressionMode.Decompress)
        Dim xmlMessageBytes As Byte() = New Byte() {}
        Dim m1 As New MemoryStream(xmlMessageBytes)
        decompress.CopyTo(m1)
        Dim document As New XmlDocument() With { _
         .PreserveWhitespace = True _
        }
        document.LoadXml(Encoding.UTF8.GetString(xmlMessageBytes))
        Return document.DocumentElement.Attributes("ID").InnerXml.ToString()
End Function

下面是base64字符串加密的saml请求:

PHNhbWxwOkF1dGhuUmVxdWVzdCB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiBJRD0iX2JlYzQyNGZhNTEwMzQyODkwOWEzMGZmMWUzMTE2ODMyN2Y3OTQ3NDk4NCIgVmVyc2lvbj0iMi4wIiBJc3N1ZUluc3RhbnQ9IjIwMDctMTItMTBUMTE6Mzk6MzRaIiBGb3JjZUF1dGhuPSJmYWxzZSIgSXNQYXNzaXZlPSJmYWxzZSIgUHJvdG9jb2xCaW5kaW5nPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YmluZGluZ3M6SFRUUC1QT1NUIiBBc3NlcnRpb25Db25zdW1lclNlcnZpY2VVUkw9Imh0dHBzOi8vaWZpbS1xYS5wcnVkZW50aWFsLmNvbS9zcHMvaW50LW1pY3JvbnN5c3RlbXMvc2FtbDIwL2xvZ2luIj4NCiAgICA8c2FtbDpJc3N1ZXIgeG1sbnM6c2FtbD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiI+DQogICAgICAgIHVybjptYWNlOmZlaWRlLm5vOnNlcnZpY2VzOm5vLmZlaWRlLm1vb2RsZQ0KICAgIDwvc2FtbDpJc3N1ZXI+DQogICAgPHNhbWxwOk5hbWVJRFBvbGljeSB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpuYW1laWQtZm9ybWF0OnBlcnNpc3RlbnQiIFNQTmFtZVF1YWxpZmllcj0ibW9vZGxlLmJyaWRnZS5mZWlkZS5ubyIgQWxsb3dDcmVhdGU9InRydWUiIC8+DQogICAgPHNhbWxwOlJlcXVlc3RlZEF1dGhuQ29udGV4dCB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiBDb21wYXJpc29uPSJleGFjdCI+DQogICAgICAgIDxzYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPg0KICAgICAgICAgICAgdXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmRQcm90ZWN0ZWRUcmFuc3BvcnQNCiAgICAgICAgPC9zYW1sOkF1dGhuQ29udGV4dENsYXNzUmVmPg0KICAgIDwvc2FtbHA6UmVxdWVzdGVkQXV0aG5Db250ZXh0Pg0KPC9zYW1scDpBdXRoblJlcXVlc3Q+

我遇到了一个异常:“解码时发现无效数据。” 在使用上面的代码。

在使用SAML 2.0 调试器测试这个加密的 saml 请求时,它应该读作:

<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="_bec424fa5103428909a30ff1e31168327f79474984" Version="2.0" IssueInstant="2007-12-10T11:39:34Z" ForceAuthn="false" IsPassive="false" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="https://ifim-qa.prudential.com/sps/int-micronsystems/saml20/login">
    <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
        urn:mace:feide.no:services:no.feide.moodle
    </saml:Issuer>
    <samlp:NameIDPolicy xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" SPNameQualifier="moodle.bridge.feide.no" AllowCreate="true" />
    <samlp:RequestedAuthnContext xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Comparison="exact">
        <saml:AuthnContextClassRef xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
            urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
        </saml:AuthnContextClassRef>
    </samlp:RequestedAuthnContext>
</samlp:AuthnRequest>

我在这里先向您的帮助表示感谢!

4

1 回答 1

1

好的,我使用以下代码使其工作:

Protected Function uf_getIDFromSAMLRequest(ByVal as_samlRequest As String) As String
        Dim xmlMessageBytes As Byte() = Convert.FromBase64String(as_samlRequest)
        Dim document As New XmlDocument() With { _
         .PreserveWhitespace = True _
        }
        document.LoadXml(Encoding.UTF8.GetString(xmlMessageBytes))
        Return document.DocumentElement.Attributes("ID").InnerXml.ToString()
End Function
于 2011-06-07T01:12:52.583 回答