1. 首頁
  2. 問答
  3. 與SalesForce公司

與SalesForce公司

2012-09-05 277 views
3

有效SAML2.0斷言invalid_grant錯誤,我試圖實現SSO使用OpenSAML SalesForce公司。我的代碼生成有效的SAML斷言,由salesforce SAML驗證器驗證。但是,當我嘗試發送斷言到Salesforce,我總是得到這個錯誤:與SalesForce公司

{"error_uri":"https://na4.salesforce.comnull/setup/secur/SAMLValidationPage.apexp","error":"invalid_grant","error_description":"invalid assertion"}

我使用folloving代碼發送請求到Salesforce:

SAMLResponseGenerator responseGenerator = new SalesforceSAMLResponseGenerator(container, strIssuer, strNameID, strNameQualifier, sessionId); 

    String samlAssertion = Base64.encodeBase64String(responseGenerator.generateSAMLAssertionString()); 
    try { 
     HttpClient httpClient = createHttpClient(); 
     HttpPost httpPost = new HttpPost("https://login.salesforce.com/services/oauth2/token"); 
     MultipartEntity entity = new MultipartEntity(HttpMultipartMode.BROWSER_COMPATIBLE); 
     entity.addPart("grant_type", new StringBody("assertion")); 
     entity.addPart("assertion_type", new StringBody("urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser")); 
     entity.addPart("assertion", new StringBody(samlAssertion)); 
     httpPost.setEntity(entity); 
     HttpResponse httpResponse = httpClient.execute(httpPost); 

     // Get the response 
     BufferedReader rd = new BufferedReader(new InputStreamReader(httpResponse.getEntity().getContent())); 
     StringBuffer buffer = new StringBuffer(); 
     String line = null; 
     while ((line = rd.readLine()) != null) { 
      buffer.append(line); 
      buffer.append("\n"); 
     } 
     rd.close(); 
     httpClient.getConnectionManager().shutdown(); 
     System.out.println(buffer.toString()); 
    } catch (Exception e) { 
     // TODO Auto-generated catch block 
     e.printStackTrace(); 
    }

我發生器產生有效的SAML(如果我可以信任銷售人員SAML驗證器結果)。 似乎salesforce不能解碼斷言,因爲當我發送隨機數據而不是samlAssertion時,我收到了相同的錯誤消息。

我還試圖用Base64.encodeBase64URLSafeString()來編碼,但沒有積極的成果。

任何人都可以幫助我解決這個問題嗎?

來源

2012-09-05 Eugene Burtsev

回答

2

我的問題的解決方案非常簡單。不信任SalesForce的文檔,只信任protocol specs :) 根據規格,我需要在SAMLResponse參數中發送Base64編碼的SAML。就這些。

我使用下面的代碼所示的解決方案:

HttpClient httpClient = initHttpClient(); 
    HttpPost httpPost = new HttpPost("https://login.salesforce.com/"); 
    MultipartEntity entity = new MultipartEntity(HttpMultipartMode.STRICT); 
    entity.addPart("SAMLResponse", new StringBody(Base64.encodeBase64String(samlAssertion))); 
    httpPost.setEntity(entity); 
    HttpResponse httpResponse = httpClient.execute(httpPost); 

    Header location = httpResponse.getFirstHeader("Location"); 
    if (null != location) { 
     System.out.println(location.getValue()); 
    }

來源

2012-09-06 10:50:15

+0

有沒有在我的代碼相同,使用的HttpClient和HttpPost,但收到同樣的錯誤 –

相關問題

 相關問題