private AuthenticationInfo processAssertionConsumerService()

in src/main/java/org/apache/sling/auth/saml2/impl/AuthenticationHandlerSAML2Impl.java [231:255]


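    /**
     * Turns a SAML response posted to the assertion consumer service into an
     * {@link AuthenticationInfo}.
     *
     * <p>Steps, in order: decode the HTTP POST message, validate the relay state, take the
     * first assertion of the response (decrypting it and verifying its signature when
     * {@code getSaml2SPEncryptAndSign()} is true), validate the assertion with
     * {@code validateSaml2Conditions}, then run user management and build the result.
     *
     * <p>Only the first assertion of the response is consumed; any further assertions are
     * ignored. A response that is not a {@code Response}, or that carries no assertion of the
     * expected kind, is rejected instead of failing with an unchecked exception.
     *
     * @param httpServletRequest the request that carries the SAML response
     * @return the authentication info for the asserted user, or {@code null} when the relay
     *         state, the message shape or the assertion validation is not acceptable
     */
    private AuthenticationInfo processAssertionConsumerService(final HttpServletRequest httpServletRequest){
        doClassloading();
        MessageContext messageContext = decodeHttpPostSamlResp(httpServletRequest);

        // Proceed only if the relay state from the request matches the one from the session.
        if (!validateRelayState(httpServletRequest, messageContext)) {
            return null;
        }

        // The payload comes from the client: check its type before casting so an unexpected
        // message is rejected rather than raising a ClassCastException.
        Object message = messageContext.getMessage();
        if (!(message instanceof Response)) {
            logger.error("SAML message is not a Response");
            return null;
        }
        Response response = (Response) message;

        final Assertion assertion;
        if (this.getSaml2SPEncryptAndSign()) {
            // get(0) on an empty list would throw; fail closed instead.
            if (response.getEncryptedAssertions().isEmpty()) {
                logger.error("SAML response contains no encrypted assertion");
                return null;
            }
            EncryptedAssertion encryptedAssertion = response.getEncryptedAssertions().get(0);
            assertion = decryptAssertion(encryptedAssertion);
            verifyAssertionSignature(assertion);
        } else {
            // Not using encryption.
            if (response.getAssertions().isEmpty()) {
                logger.error("SAML response contains no assertion");
                return null;
            }
            // NOTE(review): no signature check is made in this method on this path. Confirm
            // that the response or assertion signature is verified elsewhere (for example in
            // decodeHttpPostSamlResp or validateSaml2Conditions); otherwise the origin of the
            // assertion is not authenticated when encrypt-and-sign is disabled.
            assertion = response.getAssertions().get(0);
        }

        if (validateSaml2Conditions(httpServletRequest, assertion)) {
            // This message is emitted on the unencrypted path as well, and it logs no
            // assertion content.
            logger.debug("Decrypted Assertion: ");
            User extUser = doUserManagement(assertion);
            return this.buildAuthInfo(extUser);
        }
        logger.error("Validation of SubjectConfirmation failed");
        return null;
    }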