comments added to sample code

Author: Christian Pedersen

com/onelogin/AccountSettings.java

@@ -13,7 +13,7 @@ public void setCertificate(String certificate) {
 	public String getIdp_sso_target_url() {
 		return idp_sso_target_url;
 	}
-	public void setIdp_sso_target_url(String idp_sso_target_url) {
+	public void setIdpSsoTargetUrl(String idp_sso_target_url) {
 		this.idp_sso_target_url = idp_sso_target_url;
 	}
 }

sample/consume.jsp

@@ -19,14 +19,16 @@
     "qdt/19BZrpm7zZI6BWzQKimTLS0gYpgkqbreoKK+AdbbwtyXAgMBAAEwAwYBAAMB"+
     "AA==";
 
+  // user account specific settings. Import the certificate here
   AccountSettings accountSettings = new AccountSettings();
   accountSettings.setCertificate(certificateS);
 
   Response samlResponse = new Response(accountSettings);
   samlResponse.loadXmlFromBase64(request.getParameter("SAMLResponse"));
 
-  if(samlResponse.isValid()){
+  if (samlResponse.isValid()) {
 
+    // the signature of the SAML Response is valid. The source is trusted
   	java.io.PrintWriter writer = response.getWriter();
   	writer.write("OK!");
   	String nameId = samlResponse.getNameId();
@@ -35,6 +37,7 @@
 	
   } else {
 
+    // the signature of the SAML Response is not valid
   	java.io.PrintWriter writer = response.getWriter();
   	writer.write("Failed");
   	writer.flush();

sample/index.jsp

@@ -7,17 +7,29 @@
 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
 <title>Auth Request</title>
 <%
+
+  // the appSettings object contain application specific settings used by the SAML library
   AppSettings appSettings = new AppSettings();
+
+  // set the URL of the consume.jsp (or similar) file for this app. The SAML Response will be posted to this URL
   appSettings.setAssertionConsumerServiceUrl("http://68.169.49.120:8080/testOneLogin/consume.jsp");
-  appSettings.setIssuer("user@onelogin.com");
+
+  // set the issuer of the authentication request. This would usually be the URL of the issuing web application
+  appSettings.setIssuer("https://www.mywebapp.com");
+  
+  // the accSettings object contains settings specific to the users account. 
+  // At this point, your application must have identified the users origin
   AccountSettings accSettings = new AccountSettings();
-  accSettings.setIdp_sso_target_url("https://app.onelogin.com/saml/signon/20956");
+
+  // The URL at the Identity Provider where to the authentication request should be sent
+  accSettings.setIdpSsoTargetUrl("https://app.onelogin.com/saml/signon/20956");
+  
+  // Generate an AuthRequest and send it to the identity provider
   AuthRequest authReq = new AuthRequest(appSettings, accSettings);
   String reqString = accSettings.getIdp_sso_target_url()+"?SAMLRequest=" + AuthRequest.getRidOfCRLF(URLEncoder.encode(authReq.getRequest(AuthRequest.base64),"UTF-8"));
   response.sendRedirect(reqString);
 %>
 </head>
 <body>
-
 </body>
 </html>