3
有效SAML2.0断言invalid_grant错误,我试图实现SSO使用OpenSAML SalesForce公司。我的代码生成有效的SAML断言,由salesforce SAML验证器验证。但是,当我尝试发送断言到Salesforce,我总是得到这个错误:与SalesForce公司
{"error_uri":"https://na4.salesforce.comnull/setup/secur/SAMLValidationPage.apexp","error":"invalid_grant","error_description":"invalid assertion"}
我使用folloving代码发送请求到Salesforce:
SAMLResponseGenerator responseGenerator = new SalesforceSAMLResponseGenerator(container, strIssuer, strNameID, strNameQualifier, sessionId);
String samlAssertion = Base64.encodeBase64String(responseGenerator.generateSAMLAssertionString());
try {
HttpClient httpClient = createHttpClient();
HttpPost httpPost = new HttpPost("https://login.salesforce.com/services/oauth2/token");
MultipartEntity entity = new MultipartEntity(HttpMultipartMode.BROWSER_COMPATIBLE);
entity.addPart("grant_type", new StringBody("assertion"));
entity.addPart("assertion_type", new StringBody("urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser"));
entity.addPart("assertion", new StringBody(samlAssertion));
httpPost.setEntity(entity);
HttpResponse httpResponse = httpClient.execute(httpPost);
// Get the response
BufferedReader rd = new BufferedReader(new InputStreamReader(httpResponse.getEntity().getContent()));
StringBuffer buffer = new StringBuffer();
String line = null;
while ((line = rd.readLine()) != null) {
buffer.append(line);
buffer.append("\n");
}
rd.close();
httpClient.getConnectionManager().shutdown();
System.out.println(buffer.toString());
} catch (Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
我发生器产生有效的SAML(如果我可以信任销售人员SAML验证器结果)。 似乎salesforce不能解码断言,因为当我发送随机数据而不是samlAssertion时,我收到了相同的错误消息。
我还试图用Base64.encodeBase64URLSafeString()来编码,但没有积极的成果。
任何人都可以帮助我解决这个问题吗?
有没有在我的代码相同,使用的HttpClient和HttpPost,但收到同样的错误 –