Wednesday, March 10, 2021

SignOn PeopleCode: Deflate + Base64 Encode (SAML Request)

Often, I hear questions about PeopleSoft's support for SAML, OAuth or other types of SSO. I have also seen some bolt-on solutions that are available for purchase. My thoughts on this age old question is as follows:

Signon PeopleCode + SetAuthenticationResult Function + PeopleCode Java Functions

Signon PeopleCode is incredibly flexible and allows us to build any custom SSO integration that might be unique to our requirements. Couple this with the built in SetAuthenticationResult function (to manage redirects and authentication) and PeopleCode Java functions, we have everything that we need to develop an integration with any SSO solution.

Working on PeopleSoft SSO implementations is interesting. No matter what standard or tailored solution we choose, there is always something unique with each environment. I plan to write more follow-up posts on this topic! Stay tuned.

This brings my focus to the purpose of this particular post. A SignOn PeopleCode requirement that was brought to my attention by Diego De Boni - a colleague (and a new friend) in the PeopleSoft community!

The requirement is to Deflate and Base64 encode a string (in this case a SAML Request) in SignOn PeopleCode. This is where PeopleCode Java functions come in handy!

Useful Resources:
What is SAML and how does it work?
SAML Developer Tools - Deflate + Base64 Encode SAML Message

Here is an example of a simple string "ABCDE" that is deflated and Base64 encoded. This string could be replaced with a SAML Request for real use cases.

Before I could come up with a solution, Diego beat me to it and found a way to achieve the Deflate + Base64 encoding using Java in Signon PeopleCode. I asked his permission to share the following sample code as it will help many others in the community. More importantly, it shows the power of this formula:

Signon PeopleCode + SetAuthenticationResult Function + PeopleCode Java Functions

Signon PeopleCode Snippet

I look forward to your comments and feedback (please use the comments section).

3 comments:

  1. How about using open source CAS? Fairly simple and 10 line of Peoplecode calling CAS Java classes will do it.

    ReplyDelete
    Replies
    1. CAS is a SSO solution. Yes, SSO using (native CAS) is relatively easy but will still involve PeopleCode Java classes. However, CAS also has an option to use SAML.

      The example in this post is just to demonstrate how we can deflate + base64 encode a SAML request. Also, this example (i.e., creation of SAML request) is only a part of the bigger SSO puzzle. This is not the entire solution for SAML based SSO in PeopleSoft.

      Delete
  2. You may find some documentation on SAML SSO within PeopleSoft here:

    https://github.com/peoplesoft-info/peoplesoft-azure-sso

    ReplyDelete