如何使用ColdFusion生成saml响应


我有公钥、私钥和证书文件

我想使用 RSA-SHA1 算法来生成 XML 签名中的签名值（SignatureValue）和摘要值（DigestValue）。（注意：SHA-1 在 XML 签名中已被弃用，实际部署时应优先选用 RSA-SHA256。）

这是我的代码：

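<cfscript>
// Values interpolated into the SAML 2.0 Response below.
//
// SAML timestamps are xsd:dateTime in UTC, e.g. "2020-01-01T12:00:00Z".
// Each instant is computed ONCE so that the date and time parts always come
// from the same moment: the original took the date from Now() and the time
// from Now() minus one minute, which disagree when the call straddles midnight.
// The literal "T" and "Z" are concatenated instead of placed in the mask,
// because neither is a documented DateFormat/TimeFormat mask character
// (the "Z" mask produced "+0000" on the author's engine, which then had to be
// patched out of the serialized XML).
//
// NOTE(review): the original declared "var samlData" at page level. "var" is
// only valid inside a function on Adobe ColdFusion, so it is dropped here; on
// Lucee the resulting scope is the same variables scope.
nowUtc    = DateConvert('local2utc', Now());
notBefore = DateAdd('n', -1, nowUtc);   // one minute of clock-skew tolerance before the assertion is valid
notAfter  = DateAdd('n',  1, nowUtc);   // NOTE(review): a two-minute validity window is tight if the SP's clock drifts — confirm against Dropbox's tolerance

samlData = {
    NotBefore = DateFormat(notBefore, 'YYYY-MM-DD') & 'T' & TimeFormat(notBefore, 'HH:mm:ss') & 'Z'
    ,NotAfter = DateFormat(notAfter,  'YYYY-MM-DD') & 'T' & TimeFormat(notAfter,  'HH:mm:ss') & 'Z'
    // Response/Assertion IDs are xs:ID (an NCName) and MUST NOT start with a
    // digit; a bare createUUID() can, so it is prefixed with "_". The ID must
    // also be unique per message, which the UUID provides.
    ,assertionId = '_' & createUUID()
    ,IDPDomain = "xxx.com"
    ,Issuer = "xxx"
    ,SPService = "dropbox"       // NOTE(review): used as the <Audience>; confirm this is the audience/entity ID Dropbox expects
    ,SPDomain = "dropbox.com"
    ,email = "xxxx@gmail.com"
    ,name = "xxxxx"
    ,Destination="https://www.dropbox.com/saml_login"   // must equal the URL the form posts to and the SubjectConfirmationData Recipient
};
</cfscript>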
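<cfoutput>
<!---
    Build the SAML 2.0 Response document.

    Every interpolated value is passed through XmlFormat() so that characters
    such as "&", "<" or a quote inside an e-mail address, display name or URL
    can neither break the document nor inject markup into it.

    NOTE(review): this Response carries no <ds:Signature> at all. A bearer
    assertion the SP cannot verify is exactly what Dropbox's "unable to verify
    SAML assertion" error describes. An enveloped XML-DSig (exclusive C14N,
    RSA with SHA-256 preferred over the deprecated SHA-1) has to be computed
    over the serialized Assertion and/or Response as the last step before
    base64-encoding, which is why it is not attempted inside this template.
    The CFML comments in here are stripped at compile time and do not end up
    in the XML.
--->
<cfxml variable="samlAssertionXML">
    <!--- ID is xs:ID / NCName: it must be unique per message and must not start with a digit. --->
    <saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="#XmlFormat(samlData['Destination'])#" ID="#XmlFormat(samlData['assertionId'])#" IssueInstant="#XmlFormat(samlData['NotBefore'])#" Version="2.0" >
        <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" >#XmlFormat(samlData['Issuer'])#</saml2:Issuer>
        <saml2p:Status>
            <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
        </saml2p:Status>

        <!--- The Assertion gets its own ID, distinct from the Response ID; the "_" prefix keeps it a valid NCName. --->
        <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_#createUUID()#" IssueInstant="#XmlFormat(samlData['NotBefore'])#" Version="2.0" >
            <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">#XmlFormat(samlData['Issuer'])#</saml2:Issuer>
            <saml2:Subject>
                <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress">#XmlFormat(samlData['email'])#</saml2:NameID>
                <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
                    <!--- Recipient must match the Response Destination and the URL the browser actually posts to. --->
                    <saml2:SubjectConfirmationData NotOnOrAfter="#XmlFormat(samlData['NotAfter'])#" Recipient="#XmlFormat(samlData['Destination'])#" />
                </saml2:SubjectConfirmation>
            </saml2:Subject>
            <saml2:Conditions NotBefore="#XmlFormat(samlData['NotBefore'])#" NotOnOrAfter="#XmlFormat(samlData['NotAfter'])#" >
                <saml2:AudienceRestriction>
                    <!--- NOTE(review): "dropbox" is taken from samlData.SPService; confirm this is the audience value Dropbox's SSO settings expect. --->
                    <saml2:Audience>#XmlFormat(samlData['SPService'])#</saml2:Audience>
                </saml2:AudienceRestriction>
            </saml2:Conditions>
            <!--- SessionIndex was a pasted constant in the original; it identifies this login session and is generated per response like the other IDs. --->
            <saml2:AuthnStatement AuthnInstant="#XmlFormat(samlData['NotBefore'])#" SessionIndex="_#createUUID()#" >
                <saml2:AuthnContext>
                    <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
                </saml2:AuthnContext>
            </saml2:AuthnStatement>
        </saml2:Assertion>
    </saml2p:Response>

</cfxml>
</cfoutput>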
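<!---
    Serialize the Response and hand it to the browser as an HTTP-POST binding form.

    Bug fixed here: the original stored the "+0000" -> "Z" normalization in a
    separate variable (samlResponce) and then kept using samlXML, so the
    normalization never reached the posted document. Both edits are now
    applied to the same string.

    NOTE(review): any change to the string AFTER a signature has been computed
    invalidates the DigestValue. When signing is added it must run after the
    two replace() calls below and immediately before toBase64(). The JVM's
    javax.xml.crypto.dsig (XMLSignatureFactory) is reachable from
    ColdFusion/Lucee via createObject("java", ...) and produces the enveloped
    signature, digest and canonicalization correctly; there is no need to
    compute DigestValue/SignatureValue by hand.
--->
<cfset samlXML = ToString(samlAssertionXML)>
<!--- Normalize a numeric UTC offset to the "Z" designator required by xsd:dateTime in SAML. --->
<cfset samlXML = replaceNoCase(samlXML, '+0000', 'Z', 'all')>
<!--- The XML declaration is stripped, as in the original. --->
<cfset samlXML = replaceNoCase(samlXML, '<?xml version="1.0" encoding="UTF-8"?>', '')>


<!--- Debug output only: this echoes the complete response to the browser. Remove before production. --->
<cfdump var="#samlXML#" />
<cfoutput>
    <!--- The post target must equal the Response Destination / SubjectConfirmationData Recipient, so it is taken from the same value. --->
    <form method="post" action="#samlData['Destination']#">
        <input type="hidden" name="RelayState" value="">
        <!--- Encode explicitly as UTF-8 so the base64 bytes do not depend on the server's default charset. --->
        <input type="hidden" name="SAMLResponse" value="#toBase64(samlXML, 'utf-8')#">
        <input type="submit" name="submit" value="submit">
    </form>
</cfoutput>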

上面的代码把表单提交到 Dropbox 的 SAML 登录页面，然后我遇到了下面的错误：

Dropbox 提示“无法验证 SAML 断言”（Unable to verify SAML assertion）。


你做了什么测试？—— @TRose 我正在尝试在我的 Web 应用程序中集成 Dropbox SSO。