Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

+ and = chars in Base64 encoded data

Tags:

java

base64

I am converting a SAML XML string into base 64 encoded data and posting from a JSP to Controller in java application. For some reason when I receive the data at the server side all the '+' chars are changed to + and all the '=' chars are changed to = . Please explain what is happening there. For the time being I have written code to find any such strings to replace with + and = chars. Also let me know how can I stop this.

My Code and design is: testSSO.jsp -> TestServletSSO.java -> SSOController.java -> CustomRequestWrapper.java

JSP:

<html>
<title>Test page for SSO</title>
<body>
    <h3>Test page for SSO</h3>
    Please enter SAML in the input box below and submit the page. It will perform SSO with the application. 
    <form id="form1" method="post" action="testsso">
        <TEXTAREA NAME="saml" id="saml" COLS=40 ROWS=6></TEXTAREA>
        <input type="submit" />
    </form>

</body>

</html>

TestServlet.java

package com.testsso;

import java.io.IOException;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

public class TestServletSSO extends HttpServlet {

    /**
     * 
     */
    private static final long serialVersionUID = 1L;

    public void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        CustomRequestWrapper requestWrapper = new CustomRequestWrapper(request);
        RequestDispatcher dispatcher = getServletContext().getRequestDispatcher("/sso/fetchAndRegister");  
        dispatcher.forward(requestWrapper, response);
    }

}

SSOController.java

package com.controller;

import javax.servlet.http.HttpServletRequest;

import org.apache.commons.lang.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationEventPublisher;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.web.authentication.RememberMeServices;
import org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken;
import org.springframework.security.web.context.HttpSessionSecurityContextRepository;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;

@RequestMapping("/sso")
public class SSOController {

    @RequestMapping("/fetchAndRegister")
    public ModelAndView fetchAndRegister(HttpServletRequest request) {

        /**
         * This will call CustomRequestWrapper.getHeader() method.
         */
        String authHeaderStr = (String) request
                .getHeader("Authorization");

        
        System.out.println(authHeaderStr); // authHeaderStr has changed here.
        
        UserDetails userDetails = SSOService
                .fetchAndRegister(authHeaderStr);
        login(request, userDetails);
        return new ModelAndView("redirect:/account/eligibility");

    }

CustomRequestWrapper.java:

package com.testsso;

import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;

public class CustomRequestWrapper extends HttpServletRequestWrapper {
     
    public CustomRequestWrapper(HttpServletRequest request) {
        super(request);
    }
     
    public String getHeader(String name) {
        //get the request object and cast it
        HttpServletRequest request = (HttpServletRequest)getRequest();
        String value = "";
        
        if ("Authorization".equals(name)){
            value = (String) request.getParameter("saml");
            return value;
        }   
        
        return request.getHeader(name);
    }
}
like image 347
always Avatar asked Oct 20 '25 16:10

always


2 Answers

I had this problem with Handlebars.

var htmlsrc64 = '{{posting.html64}}';

result:

var htmlsrc64 = '... wvZGl2Pgo&#x3D;';

after changing the statement to 3 curly brackets it didn't longer escape the =

var htmlsrc64 = '{{{posting.html64}}}';

result:

var htmlsrc64 = '... wvZGl2Pgo=';
like image 151
werty1st Avatar answered Oct 23 '25 05:10

werty1st


had similar problem, in my case I was updating an html component with a javacript, values in javascript and html seems not to agree on special characters.

this quick trick can help

function htmlDecode(input){
  var e = document.createElement('div');
  e.innerHTML = input;
  return e.childNodes[0].nodeValue;
}
like image 33
AmerS Avatar answered Oct 23 '25 05:10

AmerS



Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!