Examples with AttributeType org.keycloak.dom.saml.v2.assertion.AttributeType used on opensource projects

Search in sources :

Example 26 with AttributeType

use of org.keycloak.dom.saml.v2.assertion.AttributeType in project keycloak by keycloak.

the class SAMLAttributeParser method instantiateElement.

@Override
protected AttributeType instantiateElement(XMLEventReader xmlEventReader, StartElement element) throws ParsingException {
    String name = StaxParserUtil.getRequiredAttributeValue(element, SAMLMetadataQNames.ATTR_NAME);
    final AttributeType attribute = new AttributeType(name);
    attribute.setFriendlyName(StaxParserUtil.getAttributeValue(element, SAMLMetadataQNames.ATTR_FRIENDLY_NAME));
    attribute.setNameFormat(StaxParserUtil.getAttributeValue(element, SAMLMetadataQNames.ATTR_NAME_FORMAT));
    final String x500Encoding = StaxParserUtil.getAttributeValue(element, SAMLMetadataQNames.ATTR_X500_ENCODING);
    if (x500Encoding != null) {
        attribute.getOtherAttributes().put(SAMLMetadataQNames.ATTR_X500_ENCODING.getQName(), x500Encoding);
    }
    return attribute;
}
Also used : AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType)

Example 27 with AttributeType

use of org.keycloak.dom.saml.v2.assertion.AttributeType in project keycloak by keycloak.

the class SAMLLoginResponseHandlingTest method testNilAttributeValueAttribute.

@Test
public void testNilAttributeValueAttribute() {
    beginAuthenticationAndLogin(employee2ServletPage, SamlClient.Binding.POST).processSamlResponse(// Update response with Nil attribute
    SamlClient.Binding.POST).transformObject(ob -> {
        assertThat(ob, Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
        ResponseType resp = (ResponseType) ob;
        Set<StatementAbstractType> statements = resp.getAssertions().get(0).getAssertion().getStatements();
        AttributeStatementType attributeType = (AttributeStatementType) statements.stream().filter(statement -> statement instanceof AttributeStatementType).findFirst().orElse(new AttributeStatementType());
        AttributeType attr = new AttributeType("attribute-with-null-attribute-value");
        attr.addAttributeValue(null);
        attributeType.addAttribute(new AttributeStatementType.ASTChoiceType(attr));
        resp.getAssertions().get(0).getAssertion().addStatement(attributeType);
        return ob;
    }).build().navigateTo(employee2ServletPage.getUriBuilder().clone().path("getAttributes").build()).execute(response -> {
        Assert.assertThat(response, statusCodeIsHC(Response.Status.OK));
        Assert.assertThat(response, bodyHC(containsString("attribute-with-null-attribute-value: <br />")));
    });
}
Also used : AttributeStatementHelper(org.keycloak.protocol.saml.mappers.AttributeStatementHelper) AbstractSamlTest(org.keycloak.testsuite.saml.AbstractSamlTest) WaitUtils.waitUntilElement(org.keycloak.testsuite.util.WaitUtils.waitUntilElement) RoleListMapper(org.keycloak.protocol.saml.mappers.RoleListMapper) Matchers.statusCodeIsHC(org.keycloak.testsuite.util.Matchers.statusCodeIsHC) X500SAMLProfileConstants(org.keycloak.saml.processing.core.saml.v2.constants.X500SAMLProfileConstants) HashMap(java.util.HashMap) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) Matchers.bodyHC(org.keycloak.testsuite.util.Matchers.bodyHC) AdapterActionsFilter(org.keycloak.testsuite.adapter.filter.AdapterActionsFilter) Page(org.jboss.arquillian.graphene.page.Page) REALM_PUBLIC_KEY(org.keycloak.testsuite.saml.AbstractSamlTest.REALM_PUBLIC_KEY) AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) REALM_PRIVATE_KEY(org.keycloak.testsuite.saml.AbstractSamlTest.REALM_PRIVATE_KEY) AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType) LinkedHashMap(java.util.LinkedHashMap) Assert.assertThat(org.junit.Assert.assertThat) EmployeeSigServlet(org.keycloak.testsuite.adapter.page.EmployeeSigServlet) Document(org.w3c.dom.Document) Map(java.util.Map) SamlClient(org.keycloak.testsuite.util.SamlClient) ContainerConstants(org.keycloak.testsuite.utils.arquillian.ContainerConstants) URI(java.net.URI) ClientResource(org.keycloak.admin.client.resource.ClientResource) ApiUtil(org.keycloak.testsuite.admin.ApiUtil) WaitUtils(org.keycloak.testsuite.util.WaitUtils) WebArchive(org.jboss.shrinkwrap.api.spec.WebArchive) ProtocolMappersResource(org.keycloak.admin.client.resource.ProtocolMappersResource) Matchers(org.keycloak.testsuite.util.Matchers) JBossSAMLURIConstants(org.keycloak.saml.common.constants.JBossSAMLURIConstants) By(org.openqa.selenium.By) Set(java.util.Set) Test(org.junit.Test) Employee2Servlet(org.keycloak.testsuite.adapter.page.Employee2Servlet) WaitUtils.waitForPageToLoad(org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad) ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation) URLAssert.assertCurrentUrlStartsWith(org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith) Response(javax.ws.rs.core.Response) Deployment(org.jboss.arquillian.container.test.api.Deployment) StatementAbstractType(org.keycloak.dom.saml.v2.assertion.StatementAbstractType) AppServerContainer(org.keycloak.testsuite.arquillian.annotation.AppServerContainer) ApiUtil.getCreatedId(org.keycloak.testsuite.admin.ApiUtil.getCreatedId) Assert(org.junit.Assert) PublicKeyLocator(org.keycloak.adapters.rotation.PublicKeyLocator) Matchers.containsString(org.hamcrest.Matchers.containsString) UIUtils.getRawPageSource(org.keycloak.testsuite.util.UIUtils.getRawPageSource) SAML2ErrorResponseBuilder(org.keycloak.saml.SAML2ErrorResponseBuilder) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) Set(java.util.Set) AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) AbstractSamlTest(org.keycloak.testsuite.saml.AbstractSamlTest) Test(org.junit.Test)

Example 28 with AttributeType

use of org.keycloak.dom.saml.v2.assertion.AttributeType in project keycloak by keycloak.

the class RoleMapperTest method testExpectedRoles.

public void testExpectedRoles(String clientId, String... expectedRoles) {
    SAMLDocumentHolder document = new SamlClientBuilder().authnRequest(getAuthServerSamlEndpoint(REALM_NAME), clientId, SAML_ASSERTION_CONSUMER_URL_EMPLOYEE_2, Binding.POST).build().login().user(bburkeUser).build().getSamlResponse(Binding.POST);
    assertThat(document.getSamlObject(), Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
    Stream<AssertionType> assertions = assertionsUnencrypted(document.getSamlObject());
    Stream<AttributeType> attributes = attributesUnecrypted(attributeStatements(assertions));
    Set<String> roles = attributes.filter(a -> a.getName().equals(ROLE_ATTRIBUTE_NAME)).flatMap(a -> a.getAttributeValue().stream()).map(Object::toString).collect(Collectors.toSet());
    assertThat(roles, containsInAnyOrder(expectedRoles));
}
Also used : AttributeStatementHelper(org.keycloak.protocol.saml.mappers.AttributeStatementHelper) RoleListMapper(org.keycloak.protocol.saml.mappers.RoleListMapper) ClientAttributeUpdater(org.keycloak.testsuite.updaters.ClientAttributeUpdater) ProtocolMappersUpdater(org.keycloak.testsuite.updaters.ProtocolMappersUpdater) SamlStreams.attributesUnecrypted(org.keycloak.testsuite.util.SamlStreams.attributesUnecrypted) HashMap(java.util.HashMap) RoleNameMapper(org.keycloak.protocol.saml.mappers.RoleNameMapper) AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) Assert.assertThat(org.junit.Assert.assertThat) AUTH_SERVER_SSL_REQUIRED(org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SSL_REQUIRED) Map(java.util.Map) After(org.junit.After) SamlStreams.assertionsUnencrypted(org.keycloak.testsuite.util.SamlStreams.assertionsUnencrypted) RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) Before(org.junit.Before) AUTH_SERVER_SCHEME(org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_SCHEME) Matchers(org.keycloak.testsuite.util.Matchers) JBossSAMLURIConstants(org.keycloak.saml.common.constants.JBossSAMLURIConstants) RoleScopeUpdater(org.keycloak.testsuite.updaters.RoleScopeUpdater) Set(java.util.Set) SamlProtocol(org.keycloak.protocol.saml.SamlProtocol) IOException(java.io.IOException) Test(org.junit.Test) AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType) Collectors(java.util.stream.Collectors) ProtocolMapperRepresentation(org.keycloak.representations.idm.ProtocolMapperRepresentation) AUTH_SERVER_PORT(org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_PORT) Stream(java.util.stream.Stream) UserAttributeUpdater(org.keycloak.testsuite.updaters.UserAttributeUpdater) Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder) Binding(org.keycloak.testsuite.util.SamlClient.Binding) SamlStreams.attributeStatements(org.keycloak.testsuite.util.SamlStreams.attributeStatements) Collections(java.util.Collections) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType)

Example 29 with AttributeType

use of org.keycloak.dom.saml.v2.assertion.AttributeType in project keycloak by keycloak.

the class GroupMembershipMapper method transformAttributeStatement.

@Override
public void transformAttributeStatement(AttributeStatementType attributeStatement, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, AuthenticatedClientSessionModel clientSession) {
    String single = mappingModel.getConfig().get(SINGLE_GROUP_ATTRIBUTE);
    boolean singleAttribute = Boolean.parseBoolean(single);
    boolean fullPath = useFullPath(mappingModel);
    final AtomicReference<AttributeType> singleAttributeType = new AtomicReference<>(null);
    userSession.getUser().getGroupsStream().forEach(group -> {
        String groupName;
        if (fullPath) {
            groupName = ModelToRepresentation.buildGroupPath(group);
        } else {
            groupName = group.getName();
        }
        AttributeType attributeType;
        if (singleAttribute) {
            if (singleAttributeType.get() == null) {
                singleAttributeType.set(AttributeStatementHelper.createAttributeType(mappingModel));
                attributeStatement.addAttribute(new AttributeStatementType.ASTChoiceType(singleAttributeType.get()));
            }
            attributeType = singleAttributeType.get();
        } else {
            attributeType = AttributeStatementHelper.createAttributeType(mappingModel);
            attributeStatement.addAttribute(new AttributeStatementType.ASTChoiceType(attributeType));
        }
        attributeType.addAttributeValue(groupName);
    });
}
Also used : AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType) AtomicReference(java.util.concurrent.atomic.AtomicReference)

Example 30 with AttributeType

use of org.keycloak.dom.saml.v2.assertion.AttributeType in project keycloak by keycloak.

the class RoleListMapper method mapRoles.

@Override
public void mapRoles(AttributeStatementType roleAttributeStatement, ProtocolMapperModel mappingModel, KeycloakSession session, UserSessionModel userSession, ClientSessionContext clientSessionCtx) {
    String single = mappingModel.getConfig().get(SINGLE_ROLE_ATTRIBUTE);
    boolean singleAttribute = Boolean.parseBoolean(single);
    List<SamlProtocol.ProtocolMapperProcessor<SAMLRoleNameMapper>> roleNameMappers = new LinkedList<>();
    AtomicReference<AttributeType> singleAttributeType = new AtomicReference<>(null);
    ProtocolMapperUtils.getSortedProtocolMappers(session, clientSessionCtx).forEach(entry -> {
        ProtocolMapperModel mapping = entry.getKey();
        ProtocolMapper mapper = entry.getValue();
        if (mapper instanceof SAMLRoleNameMapper) {
            roleNameMappers.add(new SamlProtocol.ProtocolMapperProcessor<>((SAMLRoleNameMapper) mapper, mapping));
        }
        if (mapper instanceof HardcodedRole) {
            AttributeType attributeType;
            if (singleAttribute) {
                if (singleAttributeType.get() == null) {
                    singleAttributeType.set(AttributeStatementHelper.createAttributeType(mappingModel));
                    roleAttributeStatement.addAttribute(new AttributeStatementType.ASTChoiceType(singleAttributeType.get()));
                }
                attributeType = singleAttributeType.get();
            } else {
                attributeType = AttributeStatementHelper.createAttributeType(mappingModel);
                roleAttributeStatement.addAttribute(new AttributeStatementType.ASTChoiceType(attributeType));
            }
            attributeType.addAttributeValue(mapping.getConfig().get(HardcodedRole.ROLE_ATTRIBUTE));
        }
    });
    List<String> allRoleNames = clientSessionCtx.getRolesStream().map(roleModel -> roleNameMappers.stream().map(entry -> entry.mapper.mapName(entry.model, roleModel)).filter(Objects::nonNull).findFirst().orElse(roleModel.getName())).collect(Collectors.toList());
    for (String roleName : allRoleNames) {
        AttributeType attributeType;
        if (singleAttribute) {
            if (singleAttributeType.get() == null) {
                singleAttributeType.set(AttributeStatementHelper.createAttributeType(mappingModel));
                roleAttributeStatement.addAttribute(new AttributeStatementType.ASTChoiceType(singleAttributeType.get()));
            }
            attributeType = singleAttributeType.get();
        } else {
            attributeType = AttributeStatementHelper.createAttributeType(mappingModel);
            roleAttributeStatement.addAttribute(new AttributeStatementType.ASTChoiceType(attributeType));
        }
        attributeType.addAttributeValue(roleName);
    }
}
Also used : ProtocolMapperModel(org.keycloak.models.ProtocolMapperModel) ProviderConfigProperty(org.keycloak.provider.ProviderConfigProperty) KeycloakSession(org.keycloak.models.KeycloakSession) SamlProtocol(org.keycloak.protocol.saml.SamlProtocol) HashMap(java.util.HashMap) UserSessionModel(org.keycloak.models.UserSessionModel) AtomicReference(java.util.concurrent.atomic.AtomicReference) Collectors(java.util.stream.Collectors) AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) ArrayList(java.util.ArrayList) AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType) Objects(java.util.Objects) List(java.util.List) ClientSessionContext(org.keycloak.models.ClientSessionContext) Map(java.util.Map) ProtocolMapperUtils(org.keycloak.protocol.ProtocolMapperUtils) ProtocolMapper(org.keycloak.protocol.ProtocolMapper) LinkedList(java.util.LinkedList) AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType) AtomicReference(java.util.concurrent.atomic.AtomicReference) ProtocolMapper(org.keycloak.protocol.ProtocolMapper) SamlProtocol(org.keycloak.protocol.saml.SamlProtocol) LinkedList(java.util.LinkedList) ProtocolMapperModel(org.keycloak.models.ProtocolMapperModel) AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) Objects(java.util.Objects)

Aggregations

AttributeType (org.keycloak.dom.saml.v2.assertion.AttributeType)42 AttributeStatementType (org.keycloak.dom.saml.v2.assertion.AttributeStatementType)24 Test (org.junit.Test)17 AssertionType (org.keycloak.dom.saml.v2.assertion.AssertionType)13 ASTChoiceType (org.keycloak.dom.saml.v2.assertion.AttributeStatementType.ASTChoiceType)12 RequestedAttributeType (org.keycloak.dom.saml.v2.metadata.RequestedAttributeType)10 QName (javax.xml.namespace.QName)9 Element (org.w3c.dom.Element)9 Matchers.containsString (org.hamcrest.Matchers.containsString)8 StatementAbstractType (org.keycloak.dom.saml.v2.assertion.StatementAbstractType)8 ResponseType (org.keycloak.dom.saml.v2.protocol.ResponseType)8 SAML2Object (org.keycloak.dom.saml.v2.SAML2Object)7 NameIDType (org.keycloak.dom.saml.v2.assertion.NameIDType)7 JBossSAMLURIConstants (org.keycloak.saml.common.constants.JBossSAMLURIConstants)7 SamlClientBuilder (org.keycloak.testsuite.util.SamlClientBuilder)7 URI (java.net.URI)6 HashMap (java.util.HashMap)6 Set (java.util.Set)6 Collectors (java.util.stream.Collectors)6 Assert.assertThat (org.junit.Assert.assertThat)6
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial