Improve sample project

Author: pitbulk

samples/java-saml-jspsample/src/main/webapp/acs.jsp

@@ -1,4 +1,5 @@
 <%@page import="com.onelogin.saml2.Auth"%>
+<%@page import="com.onelogin.saml2.servlet.ServletUtils"%>
 <%@page import="java.util.Collection"%>
 <%@page import="java.util.HashMap"%>
 <%@page import="java.util.List"%>
@@ -25,21 +26,21 @@
 <body>
 	<div class="container">
     	<h1>A Java SAML Toolkit by OneLogin demo</h1>
-    	
+
     	<!--  TODO Session support  --> 
-    	
+
 	<%
 		Auth auth = new Auth(request, response);
 		auth.processResponse();
 
 		if (!auth.isAuthenticated()) {
 			out.println("<div class=\"alert alert-danger\" role=\"alert\">Not authenticated</div>");
 		}
-		
+
 		List<String> errors = auth.getErrors();
-    	out.println("<p>" + StringUtils.join(errors, ", ") + "</p>");
-		
+
 	    if (!errors.isEmpty()) {
+	    	out.println("<p>" + StringUtils.join(errors, ", ") + "</p>");
 	    	if (auth.isDebugActive()) {
 	    		String errorReason = auth.getLastErrorReason();
 	    		if (errorReason != null && !errorReason.isEmpty()) {
@@ -50,45 +51,54 @@
 	    } else {
 			Map<String, List<String>> attributes = auth.getAttributes();
 			String nameId = auth.getNameId();
-			
+
 			session.setAttribute("attributes", attributes);
 			session.setAttribute("nameId", nameId);
-			
-			if (attributes.isEmpty()) {
-	%>
-				<div class="alert alert-danger" role="alert">You don't have any attributes</div>
-	<%							
-			}
-			else {
-    %>
-        		<table class="table table-striped">
-      				<thead>
-        				<th>Name</th>
-        				<th>Values</th>
-      				</thead>
-      				<tbody>
-    <%				
-				Collection<String> keys = attributes.keySet();
-				for(String name :keys){
-					out.println("<tr><td>" + name + "</td><td>");
-					List<String> values = attributes.get(name);
-					for(String value :values) {
-						out.println("<li>" + value + "</li>");
+
+			String relayState = request.getParameter("RelayState");
+
+			if (relayState != null && relayState != ServletUtils.getSelfRoutedURLNoQuery(request) &&
+				!relayState.contains("/dologin.jsp") ) { // We don't want to be redirected to login.jsp neither
+				response.sendRedirect(request.getParameter("RelayState"));
+			} else {
+				
+
+				if (attributes.isEmpty()) {
+		%>
+					<div class="alert alert-danger" role="alert">You don't have any attributes</div>
+		<%							
+				}
+				else {
+	    %>
+	        		<table class="table table-striped">
+	      				<thead>
+	        				<th>Name</th>
+	        				<th>Values</th>
+	      				</thead>
+	      				<tbody>
+	    <%				
+					Collection<String> keys = attributes.keySet();
+					for(String name :keys){
+						out.println("<tr><td>" + name + "</td><td>");
+						List<String> values = attributes.get(name);
+						for(String value :values) {
+							out.println("<li>" + value + "</li>");
+						}
+	
+						out.println("</td></tr>");
 					}
-					
-					out.println("</td></tr>");
+		%>
+						</tbody>
+					</table>
+		<%				
 				}
-	%>
-					</tbody>
-				</table>
-	<%				
+		%>
+				<a href="attrs.jsp" class="btn btn-primary">See user data stored at session</a>
+				<a href="dologout.jsp" class="btn btn-primary">Logout</a>
+		<%
 			}
-	%>
-			<a href="attrs.jsp" class="btn btn-primary">See user data stored at session</a>
-			<a href="dologout.jsp" class="btn btn-primary">Logout</a>
-	<%
 		}
-	%>
+		%>
 	</div>
 </body>
 </html>

samples/java-saml-jspsample/src/main/webapp/dologin.jsp

@@ -8,7 +8,12 @@
 <body>
 	<%
 		Auth auth = new Auth(request, response);
-		auth.login();
+		if (request.getParameter("attrs") == null) {
+			auth.login();
+		} else {
+			String x = request.getPathInfo();
+			auth.login("/java-saml-tookit-jspsample/attrs.jsp");
+		}
 	%>
 </body>
 </html>

samples/java-saml-jspsample/src/main/webapp/index.jsp

@@ -20,6 +20,7 @@
 	<div class="container">
     	<h1>A Java SAML Toolkit by OneLogin demo</h1>
 		<a href="dologin.jsp" class="btn btn-primary">Login</a>
+		<a href="dologin.jsp?attrs=1" class="btn btn-primary">Login and access to attrs.jsp page </a>
 	</div>
 </body>
 </html>