I am a college student trying to implement a service provider plugin for WebSSO in Java. I am using Shibboleth IdP as the identity provider. I have been able to send the authentication request to the IdP and am successfully receiving the response from the IdP through a servlet. I tried decoding the response and was able to get the XMLObject. Now the issue is that the response is encrypted. So when I am using
Assertion assertion = response.getAssertions().get(0);
It basically returns null. But when I am using
Assertion assertion = response.getEncryptedAssertions().get(0);
It is not null. So it basically means that the response is encrypted. Now I don't know the flow of how to decrypt the SAMLResponse. Any pointer, code or suggestion is welcome.
You can use something like this (replace yourCredential with your Credential object):
// OpenSAML 2.x: yourCredential must hold the SP private key matching the public key the IdP encrypted for
StaticKeyInfoCredentialResolver keyresolver =
new StaticKeyInfoCredentialResolver(yourCredential);
// args: resolver for directly referenced data keys (none), resolver for the key-encryption key, and
// the locator for the <xenc:EncryptedKey> carried inline in the EncryptedData's KeyInfo
Decrypter samlDecrypter = new Decrypter(null, keyresolver, new InlineEncryptedKeyResolver());
// throws DecryptionException if the key does not match or the ciphertext is malformed
Assertion assertion = samlDecrypter.decrypt(response.getEncryptedAssertions().get(0));
If your scenario is more complicated, a more detailed example can be found here on Shibboleth's wiki: Link
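The answer above shows the three-line core of decryption. The following is an added, complete example (not code from the question, the answer, or the Shibboleth project) that wraps it for the servlet scenario the question describes: it parses the Base64-decoded SAMLResponse XML, builds the SP credential from a PKCS#8 private key, decrypts every EncryptedAssertion, and also returns any assertions that arrived in the clear, so the caller never has to guess which of the two lists is populated. Class name SamlAssertionDecryptor, the key and response file paths, and the OpenSAML 2.x package names are assumptions; setRootInNewDocument is assumed to be available in the 2.x release in use.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.List;

import org.opensaml.DefaultBootstrap;
import org.opensaml.saml2.core.Assertion;
import org.opensaml.saml2.core.EncryptedAssertion;
import org.opensaml.saml2.core.Response;
import org.opensaml.saml2.encryption.Decrypter;
import org.opensaml.xml.Configuration;
import org.opensaml.xml.encryption.DecryptionException;
import org.opensaml.xml.encryption.InlineEncryptedKeyResolver;
import org.opensaml.xml.parse.BasicParserPool;
import org.opensaml.xml.security.keyinfo.StaticKeyInfoCredentialResolver;
import org.opensaml.xml.security.x509.BasicX509Credential;
import org.w3c.dom.Element;

/** Hypothetical helper: decrypts EncryptedAssertion elements of a SAML 2.0 Response (OpenSAML 2.x). */
public final class SamlAssertionDecryptor {

    private final Decrypter decrypter;

    public SamlAssertionDecryptor(PrivateKey spPrivateKey) {
        // The IdP encrypted for the SP's public key published in SP metadata, so the
        // matching private key is the key-encryption key (KEK) that unwraps the
        // per-message symmetric key carried in <xenc:EncryptedKey>.
        BasicX509Credential spCredential = new BasicX509Credential();
        spCredential.setPrivateKey(spPrivateKey);
        StaticKeyInfoCredentialResolver kekResolver =
                new StaticKeyInfoCredentialResolver(spCredential);

        // arg 1: resolver for directly referenced data keys (none in this flow)
        // arg 2: resolver for the KEK, i.e. our private key
        // arg 3: finds the EncryptedKey inline in EncryptedData/KeyInfo, as Shibboleth IdP emits it
        this.decrypter = new Decrypter(null, kekResolver, new InlineEncryptedKeyResolver());
        // Root the decrypted Assertion in its own Document so that an enveloped
        // signature on it can still be validated after decryption.
        this.decrypter.setRootInNewDocument(true);
    }

    /** Returns every assertion in the response, decrypting those that arrived encrypted. */
    public List<Assertion> assertionsOf(Response response) throws DecryptionException {
        List<Assertion> result = new ArrayList<Assertion>(response.getAssertions());
        for (EncryptedAssertion enc : response.getEncryptedAssertions()) {
            result.add(decrypter.decrypt(enc));
        }
        if (result.isEmpty()) {
            // Neither list has entries: get(0) on either would fail, which is the
            // symptom the question runs into when it reads the wrong list.
            throw new DecryptionException("Response carries no Assertion or EncryptedAssertion");
        }
        return result;
    }

    /** Parses raw SAMLResponse XML (already Base64-decoded by the servlet) into an OpenSAML Response. */
    public static Response parseResponse(InputStream xml) throws Exception {
        BasicParserPool parser = new BasicParserPool();
        parser.setNamespaceAware(true);
        parser.setExpandEntityReferences(false); // never expand external entities from untrusted XML
        Element root = parser.parse(xml).getDocumentElement();
        return (Response) Configuration.getUnmarshallerFactory().getUnmarshaller(root).unmarshall(root);
    }

    /** Loads an unencrypted PKCS#8 DER-encoded RSA private key from disk. */
    public static PrivateKey loadPkcs8(String path) throws Exception {
        byte[] der = Files.readAllBytes(Paths.get(path));
        return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(der));
    }

    // Usage: java SamlAssertionDecryptor captured-response.xml sp-key.pk8 (placeholder file names)
    public static void main(String[] args) throws Exception {
        DefaultBootstrap.bootstrap(); // registers OpenSAML's object providers; run once per JVM
        Response response = parseResponse(new FileInputStream(args[0]));
        SamlAssertionDecryptor dec = new SamlAssertionDecryptor(loadPkcs8(args[1]));
        for (Assertion a : dec.assertionsOf(response)) {
            // Decryption proves nothing about origin: the caller must still validate the
            // Assertion signature against the IdP's metadata key and check Conditions,
            // AudienceRestriction, InResponseTo and NotOnOrAfter before trusting it.
            System.out.println("assertion " + a.getID() + " issued by " + a.getIssuer().getValue());
        }
    }
}
```

The constructor mirrors the answer's Decrypter wiring; the only addition in the decrypt path is setRootInNewDocument, which avoids the common follow-up problem of a signature check failing on a decrypted Assertion that is still a child of the original Response document.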