use of javax.xml.soap.SOAPHeaderElement in project keycloak by keycloak.
the class SAMLServletAdapterTest method testSuccessfulEcpFlow.
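/**
 * Drives a complete SAML 2.0 ECP (Enhanced Client or Proxy) exchange by hand and checks
 * that it ends with access to the protected page.
 *
 * <ol>
 *   <li>GET the service-provider page while advertising PAOS/ECP support, and read the
 *       ECP {@code Request} SOAP header that comes back.</li>
 *   <li>POST the received document to the single sign-on URL named in the header's
 *       {@code IDPEntry}, authenticating with HTTP Basic.</li>
 *   <li>Check the SOAP reply: one ECP {@code Response} header, a success status, the
 *       expected destination, a signature element and exactly one assertion.</li>
 *   <li>Relay the reply body to that destination as PAOS, replay the cookies it sets, and
 *       confirm the page served afterwards contains the username.</li>
 * </ol>
 *
 * <p>NOTE(review): none of the clients or {@code Response} objects created here is closed
 * in this method; confirm the test harness releases them.
 *
 * @throws Exception if any HTTP, SOAP or SAML parsing step fails
 */
@Test
public void testSuccessfulEcpFlow() throws Exception {
    // Step 1: the Accept and PAOS headers announce that this client speaks the ECP profile.
    Response authnRequestResponse = AdminClientUtil.createResteasyClient()
            .target(ecpSPPage.toString())
            .request()
            .header("Accept", "text/html; application/vnd.paos+xml")
            .header("PAOS", "ver='urn:liberty:paos:2003-08' ;'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp'")
            .get();
    SOAPMessage authnRequestMessage = MessageFactory.newInstance()
            .createMessage(null, new ByteArrayInputStream(authnRequestResponse.readEntity(byte[].class)));
    // Debug aid: printDocument(authnRequestMessage.getSOAPPart().getContent(), System.out);

    Iterator<javax.xml.soap.Node> it = authnRequestMessage.getSOAPHeader()
            .<SOAPHeaderElement>getChildElements(new QName("urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp", "Request"));
    SOAPHeaderElement ecpRequestHeader = (SOAPHeaderElement) it.next();

    NodeList idpList = ecpRequestHeader.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:protocol", "IDPList");
    Assert.assertThat("No IDPList returned from Service Provider", idpList.getLength(), is(1));

    NodeList idpEntries = idpList.item(0).getChildNodes();
    Assert.assertThat("No IDPEntry returned from Service Provider", idpEntries.getLength(), is(1));

    // The single sign-on URL is taken from the response the service provider just sent.
    // That is fine against a test deployment; a production ECP client should check the
    // location against identity providers it already trusts before sending credentials.
    String singleSignOnService = null;
    for (int i = 0; i < idpEntries.getLength(); i++) {
        Node item = idpEntries.item(i);
        NamedNodeMap attributes = item.getAttributes();
        Node location = attributes.getNamedItem("Loc");
        // Fail with a readable message instead of a NullPointerException when Loc is absent.
        Assert.assertThat("IDPEntry has no Loc attribute", location, notNullValue());
        singleSignOnService = location.getNodeValue();
    }
    Assert.assertThat("Could not obtain SSO Service URL", singleSignOnService, notNullValue());

    // NOTE(review): getOwnerDocument() yields the document that owns the body's first child,
    // presumably the whole SOAP envelope rather than the bare request; confirm.
    Document authenticationRequest = authnRequestMessage.getSOAPBody().getFirstChild().getOwnerDocument();

    // Step 2: HTTP Basic credentials. Base64 is an encoding, not encryption, so these are
    // only as confidential as the transport. The charset is pinned so the header bytes do
    // not depend on the platform default.
    String username = "pedroigor";
    String password = "password";
    String pair = username + ":" + password;
    String authHeader = "Basic " + Base64.encodeBytes(pair.getBytes(java.nio.charset.StandardCharsets.UTF_8));

    Response authenticationResponse = AdminClientUtil.createResteasyClient()
            .target(singleSignOnService)
            .request()
            .header(HttpHeaders.AUTHORIZATION, authHeader)
            .post(Entity.entity(DocumentUtil.asString(authenticationRequest), "text/xml"));
    Assert.assertThat(authenticationResponse.getStatus(), is(OK.getStatusCode()));

    // Step 3: inspect the SOAP reply.
    SOAPMessage responseMessage = MessageFactory.newInstance()
            .createMessage(null, new ByteArrayInputStream(authenticationResponse.readEntity(byte[].class)));
    // Debug aid: printDocument(responseMessage.getSOAPPart().getContent(), System.out);

    SOAPHeader responseMessageHeaders = responseMessage.getSOAPHeader();
    NodeList ecpResponse = responseMessageHeaders.getElementsByTagNameNS(
            JBossSAMLURIConstants.ECP_PROFILE.get(), JBossSAMLConstants.RESPONSE__ECP.get());
    Assert.assertThat("No ECP Response", ecpResponse.getLength(), is(1));

    Node samlResponse = responseMessage.getSOAPBody().getFirstChild();
    Assert.assertThat(samlResponse, notNullValue());

    ResponseType responseType = (ResponseType) SAMLParser.getInstance().parse(samlResponse);
    StatusCodeType statusCode = responseType.getStatus().getStatusCode();

    Assert.assertThat(statusCode.getValue().toString(), is(JBossSAMLURIConstants.STATUS_SUCCESS.get()));
    Assert.assertThat(responseType.getDestination(), is(ecpSPPage.toString()));
    // Presence check only: this test never verifies the signature value itself.
    Assert.assertThat(responseType.getSignature(), notNullValue());
    Assert.assertThat(responseType.getAssertions().size(), is(1));

    // Step 4: move the reply body into a fresh SOAP envelope and post it to the destination.
    SOAPMessage samlResponseRequest = MessageFactory.newInstance().createMessage();
    samlResponseRequest.getSOAPBody().addDocument(responseMessage.getSOAPBody().extractContentAsDocument());

    ByteArrayOutputStream os = new ByteArrayOutputStream();
    samlResponseRequest.writeTo(os);

    Response serviceProviderFinalResponse = AdminClientUtil.createResteasyClient()
            .target(responseType.getDestination())
            .request()
            .post(Entity.entity(os.toByteArray(), "application/vnd.paos+xml"));

    // Replay the cookies set by that response on a follow-up GET of the same URL.
    Map<String, NewCookie> cookies = serviceProviderFinalResponse.getCookies();
    Invocation.Builder resourceRequest = AdminClientUtil.createResteasyClient()
            .target(responseType.getDestination())
            .request();
    for (NewCookie cookie : cookies.values()) {
        resourceRequest.cookie(cookie);
    }

    Response resourceResponse = resourceRequest.get();
    Assert.assertThat(resourceResponse.readEntity(String.class), containsString("pedroigor"));
}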