Request headers again; IdP request MUST be Content-Type: text/xml apparently

2 files changed, 11 insertions, 8 deletions

diff --git a/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticator.java b/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticator.java
index 3d9d801..60833a1 100644
--- a/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticator.java
+++ b/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticator.java
@@ -51,8 +51,8 @@ public class ECPAuthenticator extends ECPAuthenticatorBase {
 		logger.info("Sending initial SP Request");

 		

 		HttpGet httpGet = new HttpGet(authInfo.getSpUrl().toString());

-		httpGet.setHeader("Accept", "text/html; application/vnd.paos+xml");

-		httpGet.setHeader("PAOS", "ver='urn:liberty:paos:2003-08';'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp'");

+		httpGet.setHeader("Accept", "text/html, application/vnd.paos+xml");

+		httpGet.setHeader("PAOS", "ver=\"urn:liberty:paos:2003-08\";\"urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp\"");

 

 		HttpResponse httpResponse;

 		String responseBody;

@@ -119,7 +119,7 @@ public class ECPAuthenticator extends ECPAuthenticatorBase {
 		logger.info("Sending Assertion to SP");

 		HttpPost httpPost = new HttpPost(assertionConsumerUrl);

 		httpPost.setHeader("Content-Type", "application/vnd.paos+xml");

-		httpPost.setHeader("PAOS", "ver='urn:liberty:paos:2003-08';'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp'");

+		//httpPost.setHeader("PAOS", "ver=\"urn:liberty:paos:2003-08\";\"urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp\"");

 		try {

 			httpPost.setEntity(new StringEntity(documentToString(idpResponse)));

 			httpResponse = client.execute(httpPost);

@@ -145,6 +145,7 @@ public class ECPAuthenticator extends ECPAuthenticatorBase {
 

 	private String getStatusCode(Document idpResponse) {

 		NodeList nl;

+		String result = null;

 		try {

 			nl = (NodeList) queryDocument(idpResponse, "//*", XPathConstants.NODESET);

 		} catch (XPathException e) {

@@ -161,8 +162,10 @@ public class ECPAuthenticator extends ECPAuthenticatorBase {
 			Node val = ns.getAttributes().getNamedItem("Value");

 			if (val == null)

 				continue;

-			return val.getNodeValue();

+			if (result == null || result.endsWith(":Responder")) {

+				result = val.getNodeValue();

+			}

 		}

-		return null;

+		return result;

 	}

 }

diff --git a/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticatorBase.java b/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticatorBase.java
index 0607281..048f1c7 100644
--- a/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticatorBase.java
+++ b/src/main/java/edu/kit/scc/dei/ecplean/ECPAuthenticatorBase.java
@@ -78,9 +78,9 @@ public abstract class ECPAuthenticatorBase extends Observable {
 

 		try {

 			httpPost.setEntity(new StringEntity(documentToString(idpRequest)));

-			httpPost.setHeader("Accept", "text/html; application/vnd.paos+xml");

-			httpPost.setHeader("PAOS", "ver='urn:liberty:paos:2003-08';'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp'");

-			httpPost.setHeader("Content-Type", "application/vnd.paos+xml");

+			//httpPost.setHeader("Accept", "text/xml, text/html, application/vnd.paos+xml, application/soap+xml, text/xml, */*;q=0.1");

+			//httpPost.setHeader("PAOS", "ver='urn:liberty:paos:2003-08';'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp'");

+			httpPost.setHeader("Content-Type", "text/xml; charset=utf-8");

 			httpResponse = client.execute(httpPost);

 			

 			if (httpResponse.getStatusLine().getStatusCode() == HttpStatus.SC_UNAUTHORIZED) {