diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPPostDecoder.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPPostDecoder.java index 6bfb03b20..fcd174f97 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPPostDecoder.java +++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPPostDecoder.java @@ -28,6 +28,7 @@ import org.opensaml.xml.parse.ParserPool; import org.opensaml.xml.util.DatatypeHelper; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.security.web.util.UrlUtils; public class OpenHTTPPostDecoder extends HTTPPostDecoder { private final Logger log = LoggerFactory.getLogger(OpenHTTPPostDecoder.class); @@ -108,14 +109,15 @@ public class OpenHTTPPostDecoder extends HTTPPostDecoder { if (!(inTransport instanceof HttpServletRequestAdapter)) { throw new MessageDecodingException("Message context InTransport instance was an unsupported type"); } - HttpServletRequest httpRequest = ((HttpServletRequestAdapter) inTransport).getWrappedRequest(); + HttpServletRequest httpRequest = + ((HttpServletRequestAdapter) inTransport).getWrappedRequest(); - StringBuffer urlBuilder = httpRequest.getRequestURL(); - - String tempUrl = urlBuilder.toString(); - // 从http协议头开始,跳过前面两个斜杠 - tempUrl = tempUrl.substring(tempUrl.indexOf("/", 8) + 1); - return receiverEndpoint + tempUrl; + String requestUrl = UrlUtils.buildFullRequestUrl(httpRequest); + if(requestUrl.indexOf("?") > -1) { + return requestUrl.substring(0, requestUrl.indexOf("?")); + }else { + return requestUrl; + } } /** diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPPostSimpleSignDecoder.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPPostSimpleSignDecoder.java index bacdc9020..b29a8a30b 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPPostSimpleSignDecoder.java +++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPPostSimpleSignDecoder.java @@ -28,6 +28,7 @@ import org.opensaml.xml.parse.ParserPool; import org.opensaml.xml.util.DatatypeHelper; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.security.web.util.UrlUtils; public class OpenHTTPPostSimpleSignDecoder extends HTTPPostSimpleSignDecoder { private final Logger log = LoggerFactory.getLogger(OpenHTTPPostSimpleSignDecoder.class); @@ -113,14 +114,15 @@ public class OpenHTTPPostSimpleSignDecoder extends HTTPPostSimpleSignDecoder { if (!(inTransport instanceof HttpServletRequestAdapter)) { throw new MessageDecodingException("Message context InTransport instance was an unsupported type"); } - HttpServletRequest httpRequest = ((HttpServletRequestAdapter) inTransport).getWrappedRequest(); + HttpServletRequest httpRequest = + ((HttpServletRequestAdapter) inTransport).getWrappedRequest(); - StringBuffer urlBuilder = httpRequest.getRequestURL(); - - String tempUrl = urlBuilder.toString(); - // 从http协议头开始,跳过前面两个斜杠 - tempUrl = tempUrl.substring(tempUrl.indexOf("/", 8) + 1); - return receiverEndpoint + tempUrl; + String requestUrl = UrlUtils.buildFullRequestUrl(httpRequest); + if(requestUrl.indexOf("?") > -1) { + return requestUrl.substring(0, requestUrl.indexOf("?")); + }else { + return requestUrl; + } } /** diff --git a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPRedirectDecoder.java b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPRedirectDecoder.java index 4e883dbf6..69906828f 100644 --- a/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPRedirectDecoder.java +++ b/maxkey-protocols/maxkey-protocol-saml-2.0/src/main/java/org/maxkey/authz/saml20/binding/decoder/OpenHTTPRedirectDecoder.java @@ -28,6 +28,7 @@ import org.opensaml.xml.parse.ParserPool; import org.opensaml.xml.util.DatatypeHelper; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.security.web.util.UrlUtils; public class OpenHTTPRedirectDecoder extends HTTPRedirectDeflateDecoder { private final Logger log = LoggerFactory.getLogger(OpenHTTPRedirectDecoder.class); @@ -121,15 +122,14 @@ public class OpenHTTPRedirectDecoder extends HTTPRedirectDeflateDecoder { throw new MessageDecodingException( "Message context InTransport instance was an unsupported type"); } - HttpServletRequest httpRequest = ((HttpServletRequestAdapter) inTransport) - .getWrappedRequest(); - - StringBuffer urlBuilder = httpRequest.getRequestURL(); - - String tempUrl = urlBuilder.toString(); - // 从http协议头开始,跳过前面两个斜杠 - tempUrl = tempUrl.substring(tempUrl.indexOf("/", 8) + 1); - return receiverEndpoint + tempUrl; + HttpServletRequest httpRequest = + ((HttpServletRequestAdapter) inTransport).getWrappedRequest(); + String requestUrl = UrlUtils.buildFullRequestUrl(httpRequest); + if(requestUrl.indexOf("?") > -1) { + return requestUrl.substring(0, requestUrl.indexOf("?")); + }else { + return requestUrl; + } } /** diff --git a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/apps/contorller/BaseAppContorller.java b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/apps/contorller/BaseAppContorller.java index d827dc1da..d4e7caca7 100644 --- a/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/apps/contorller/BaseAppContorller.java +++ b/maxkey-webs/maxkey-web-mgt/src/main/java/org/maxkey/web/apps/contorller/BaseAppContorller.java @@ -20,7 +20,6 @@ */ package org.maxkey.web.apps.contorller; -import org.maxkey.constants.ConstsProtocols; import org.maxkey.crypto.password.PasswordReciprocal; import org.maxkey.entity.apps.Apps; import org.maxkey.persistence.service.AppsService;