
Example 1 with AuthnContextType

use of org.keycloak.dom.saml.v2.assertion.AuthnContextType in project keycloak by keycloak.

the class SAMLParserTest method testSaml20AssertionsAdviceTag.

/**
 * Parses {@code saml20-assertion-advice.xml} and checks the resulting {@link AssertionType}:
 * exactly one authentication statement and one attribute statement (in either order), nine
 * attributes with the expected names and values, and a single audience restriction among the
 * conditions.
 *
 * <p>Only the parsed object model is inspected; nothing in this method checks a signature or
 * evaluates the conditions.
 */
@Test
public void testSaml20AssertionsAdviceTag() throws Exception {
    // Generic arrays cannot be instantiated directly, hence the raw Matcher[] initialisers.
    Matcher<String>[] expectedNames = new Matcher[] {
        is("portal_id"),
        is("organization_id"),
        is("status"),
        is("has_sub_organization"),
        is("anytype_test"),
        is("anytype_no_xml_test"),
        is("ssostartpage"),
        is("logouturl"),
        is("nil_value_attribute")
    };
    // Attribute values that hold markup are expected back as their serialised XML text.
    Matcher<List<Object>>[] expectedValues = new Matcher[] {
        contains(is("060D00000000SHZ")),
        contains(is("<n1:elem2 xmlns:n1=\"http://example.net\" xml:lang=\"en\"><n3:stuff xmlns:n3=\"ftp://example.org\">00DD0000000F7L5</n3:stuff></n1:elem2>")),
        contains(is("<status><code><status>XYZ</status></code></status>")),
        contains(is("true")),
        contains(is("<elem1 atttr1=\"en\"><elem2>val2</elem2></elem1>")),
        contains(is("value_no_xml")),
        contains(is("http://www.salesforce.com/security/saml/saml20-gen.jsp")),
        contains(is("http://www.salesforce.com/security/del_auth/SsoLogoutPage.html")),
        contains(nullValue())
    };

    AssertionType assertion = assertParsed("saml20-assertion-advice.xml", AssertionType.class);
    assertThat(assertion.getStatements(), containsInAnyOrder(instanceOf(AuthnStatementType.class), instanceOf(AttributeStatementType.class)));

    for (StatementAbstractType statement : assertion.getStatements()) {
        if (!(statement instanceof AuthnStatementType)) {
            // The check above admits only one other statement kind: the attribute statement.
            AttributeStatementType attributeStatement = (AttributeStatementType) statement;
            assertThat(attributeStatement.getAttributes(), hasSize(9));
            int index = 0;
            while (index < attributeStatement.getAttributes().size()) {
                AttributeType attribute = attributeStatement.getAttributes().get(index).getAttribute();
                assertThat(attribute.getName(), expectedNames[index]);
                assertThat(attribute.getAttributeValue(), expectedValues[index]);
                index++;
            }
            continue;
        }

        AuthnStatementType authnStatement = (AuthnStatementType) statement;
        final AuthnContextType context = authnStatement.getAuthnContext();
        assertThat(context, notNullValue());
        assertThat(context.getSequence(), notNullValue());
        assertThat(context.getSequence().getClassRef().getValue(), is(JBossSAMLURIConstants.AC_UNSPECIFIED.getUri()));
        assertThat(context.getSequence(), notNullValue());
        // The authentication context declaration is kept as a DOM element, not as text.
        assertThat(context.getSequence().getAuthnContextDecl(), notNullValue());
        assertThat(context.getSequence().getAuthnContextDecl().getValue(), instanceOf(Element.class));
        final Element declaration = (Element) context.getSequence().getAuthnContextDecl().getValue();
        assertThat(declaration.getTextContent(), is("auth.weak"));
    }

    assertThat(assertion.getConditions().getConditions(), contains(instanceOf(AudienceRestrictionType.class)));
}
Also used : AuthnStatementType(org.keycloak.dom.saml.v2.assertion.AuthnStatementType) Matcher(org.hamcrest.Matcher) RequestedAttributeType(org.keycloak.dom.saml.v2.metadata.RequestedAttributeType) AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) Element(org.w3c.dom.Element) AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType) SAML2Object(org.keycloak.dom.saml.v2.SAML2Object) EncryptedAssertionType(org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType) AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType) AuthnContextType(org.keycloak.dom.saml.v2.assertion.AuthnContextType) StatementAbstractType(org.keycloak.dom.saml.v2.assertion.StatementAbstractType) Test(org.junit.Test)

Example 2 with AuthnContextType

use of org.keycloak.dom.saml.v2.assertion.AuthnContextType in project keycloak by keycloak.

the class SAMLParserTest method testSaml20AssertionContents.

/**
 * Parses {@code saml20-assertion-example.xml} and checks the subject confirmation key material,
 * the statement kinds, the session expiry and the authentication context of the result.
 *
 * <p>Only the parsed object model is inspected; nothing in this method checks a signature or
 * uses the RSA key it finds.
 */
@Test
public void testSaml20AssertionContents() throws Exception {
    AssertionType assertion = assertParsed("saml20-assertion-example.xml", AssertionType.class);

    // Subject confirmation: a single entry whose data carries a KeyInfo with an RSA key value.
    assertThat(assertion.getSubject().getConfirmation(), hasSize(1));
    assertThat(assertion.getSubject().getConfirmation().get(0).getSubjectConfirmationData(), notNullValue());
    assertThat(assertion.getSubject().getConfirmation().get(0).getSubjectConfirmationData().getAnyType(), instanceOf(KeyInfoType.class));
    KeyInfoType keyInfo = (KeyInfoType) assertion.getSubject().getConfirmation().get(0).getSubjectConfirmationData().getAnyType();
    assertThat(keyInfo.getContent(), hasItem(instanceOf(RSAKeyValueType.class)));
    RSAKeyValueType rsaKey = (RSAKeyValueType) keyInfo.getContent().get(0);
    assertThat(rsaKey.getModulus(), notNullValue());
    assertThat(rsaKey.getExponent(), notNullValue());

    assertThat(assertion.getStatements(), containsInAnyOrder(instanceOf(AuthnStatementType.class), instanceOf(AttributeStatementType.class)));

    for (StatementAbstractType statement : assertion.getStatements()) {
        // Only the authentication statement is examined further.
        if (!(statement instanceof AuthnStatementType)) {
            continue;
        }
        AuthnStatementType authnStatement = (AuthnStatementType) statement;
        assertThat(authnStatement.getSessionNotOnOrAfter(), notNullValue());
        assertThat(authnStatement.getSessionNotOnOrAfter(), is(XMLTimeUtil.parse("2009-06-17T18:55:10.738Z")));

        final AuthnContextType context = authnStatement.getAuthnContext();
        assertThat(context, notNullValue());
        assertThat(context.getSequence(), notNullValue());
        assertThat(context.getSequence().getClassRef().getValue(), is(JBossSAMLURIConstants.AC_UNSPECIFIED.getUri()));
        assertThat(context.getSequence(), notNullValue());
        // This fixture is expected to produce a class reference but no context declaration.
        assertThat(context.getSequence().getAuthnContextDecl(), nullValue());
    }
}
Also used : AuthnStatementType(org.keycloak.dom.saml.v2.assertion.AuthnStatementType) EncryptedAssertionType(org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType) AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType) AuthnContextType(org.keycloak.dom.saml.v2.assertion.AuthnContextType) RSAKeyValueType(org.keycloak.dom.xmlsec.w3.xmldsig.RSAKeyValueType) StatementAbstractType(org.keycloak.dom.saml.v2.assertion.StatementAbstractType) KeyInfoType(org.keycloak.dom.xmlsec.w3.xmldsig.KeyInfoType) Test(org.junit.Test)

Example 3 with AuthnContextType

use of org.keycloak.dom.saml.v2.assertion.AuthnContextType in project keycloak by keycloak.

the class SAMLAuthnContextParser method processSubElement.

/**
 * Handles one child element of an authentication context and stores its content on
 * {@code target}.
 *
 * <p>A context declaration is read as a DOM element and a class reference as a URI; both are
 * placed on the target's sequence, which is created when the target has none yet. A declaration
 * reference and an authenticating authority are read as URIs and added to the target directly.
 *
 * <p>NOTE(review): the three URI-valued elements pass the element text straight to
 * {@link URI#create(String)}, which throws an unchecked {@link IllegalArgumentException} for text
 * that is not a valid URI. Malformed input in those elements therefore leaves this method as that
 * exception rather than as {@link ParsingException} — confirm callers treat it as a parse failure.
 *
 * @param xmlEventReader reader positioned at the child element
 * @param target authentication context being populated
 * @param element which child element is being processed
 * @param elementDetail start-element event, used for the name and location of an unknown tag
 * @throws ParsingException if {@code element} is not one of the four handled here
 */
@Override
protected void processSubElement(XMLEventReader xmlEventReader, AuthnContextType target, SAMLAssertionQNames element, StartElement elementDetail) throws ParsingException {
    switch (element) {
        case AUTHN_CONTEXT_DECL: {
            Element declElement = StaxParserUtil.getDOMElement(xmlEventReader);
            AuthnContextDeclType decl = new AuthnContextDeclType(declElement);
            // Reuse the sequence a sibling element may already have created.
            AuthnContextType.AuthnContextTypeSequence sequence = target.getSequence();
            if (sequence == null) {
                sequence = new AuthnContextType.AuthnContextTypeSequence();
            }
            sequence.setAuthnContextDecl(decl);
            target.setSequence(sequence);
            break;
        }
        case AUTHN_CONTEXT_DECL_REF: {
            StaxParserUtil.advance(xmlEventReader);
            String declRefText = StaxParserUtil.getElementText(xmlEventReader);
            target.addURIType(new AuthnContextDeclRefType(URI.create(declRefText)));
            break;
        }
        case AUTHN_CONTEXT_CLASS_REF: {
            StaxParserUtil.advance(xmlEventReader);
            String classRefText = StaxParserUtil.getElementText(xmlEventReader);
            AuthnContextClassRefType classRef = new AuthnContextClassRefType(URI.create(classRefText));
            // Reuse the sequence a sibling element may already have created.
            AuthnContextType.AuthnContextTypeSequence sequence = target.getSequence();
            if (sequence == null) {
                sequence = new AuthnContextType.AuthnContextTypeSequence();
            }
            sequence.setClassRef(classRef);
            target.setSequence(sequence);
            break;
        }
        case AUTHENTICATING_AUTHORITY: {
            StaxParserUtil.advance(xmlEventReader);
            String authorityText = StaxParserUtil.getElementText(xmlEventReader);
            target.addAuthenticatingAuthority(URI.create(authorityText));
            break;
        }
        default:
            // Any other child is rejected, reporting its name and position in the document.
            throw LOGGER.parserUnknownTag(StaxParserUtil.getElementName(elementDetail), elementDetail.getLocation());
    }
}
Also used : AuthnContextClassRefType(org.keycloak.dom.saml.v2.assertion.AuthnContextClassRefType) AuthnContextDeclType(org.keycloak.dom.saml.v2.assertion.AuthnContextDeclType) Element(org.w3c.dom.Element) StartElement(javax.xml.stream.events.StartElement) AuthnContextDeclRefType(org.keycloak.dom.saml.v2.assertion.AuthnContextDeclRefType) AuthnContextType(org.keycloak.dom.saml.v2.assertion.AuthnContextType)

Example 4 with AuthnContextType

use of org.keycloak.dom.saml.v2.assertion.AuthnContextType in project keycloak by keycloak.

the class SAML2Response method createAuthnStatement.

/**
 * Creates an {@link AuthnStatementType} that carries a fixed authentication context.
 *
 * <p>NOTE(review): the body never reads {@code authnContextDeclRef}. Every statement built here
 * gets {@code JBossSAMLURIConstants.AC_PASSWORD} as its class reference and
 * {@code JBossSAMLURIConstants.AC_PASSWORD_PROTECTED_TRANSPORT} as an authenticating authority,
 * whatever the caller passes. A consumer that reads the authentication context from the
 * statement sees the same values every time — confirm this is intended before relying on the
 * parameter.
 *
 * @param authnContextDeclRef such as JBossSAMLURIConstants.AC_PASSWORD_PROTECTED_TRANSPORT;
 *        not used by the current body
 * @param issueInstant passed to the {@link AuthnStatementType} constructor
 *
 * @return the new statement with its authentication context set
 */
public AuthnStatementType createAuthnStatement(String authnContextDeclRef, XMLGregorianCalendar issueInstant) {
    AuthnStatementType statement = new AuthnStatementType(issueInstant);

    AuthnContextType context = new AuthnContextType();
    // Hard-coded value; the method argument is not consulted.
    URI fixedAuthority = URI.create(JBossSAMLURIConstants.AC_PASSWORD_PROTECTED_TRANSPORT.get());
    context.addAuthenticatingAuthority(fixedAuthority);

    AuthnContextType.AuthnContextTypeSequence classRefSequence = new AuthnContextType.AuthnContextTypeSequence();
    AuthnContextClassRefType fixedClassRef = new AuthnContextClassRefType(JBossSAMLURIConstants.AC_PASSWORD.getUri());
    classRefSequence.setClassRef(fixedClassRef);
    context.setSequence(classRefSequence);

    statement.setAuthnContext(context);
    return statement;
}
Also used : AuthnStatementType(org.keycloak.dom.saml.v2.assertion.AuthnStatementType) AuthnContextClassRefType(org.keycloak.dom.saml.v2.assertion.AuthnContextClassRefType) AuthnContextType(org.keycloak.dom.saml.v2.assertion.AuthnContextType)

Example 5 with AuthnContextType

use of org.keycloak.dom.saml.v2.assertion.AuthnContextType in project keycloak by keycloak.

the class StatementUtil method createAuthnStatement.

/**
 * Builds an {@link AuthnStatementType} for the given instant whose authentication context holds
 * a single class reference.
 *
 * @param instant an {@link XMLGregorianCalendar} passed to the statement constructor
 * @param authnContextClassRefValue URI text naming the type of authentication performed; it is
 *        converted with {@link URI#create(String)} and not checked in any other way
 *
 * @return {@link AuthnStatementType} with its authentication context set
 *
 * @throws IllegalArgumentException if {@code authnContextClassRefValue} is not a valid URI
 * @throws NullPointerException if {@code authnContextClassRefValue} is {@code null}
 */
public static AuthnStatementType createAuthnStatement(XMLGregorianCalendar instant, String authnContextClassRefValue) {
    AuthnStatementType statement = new AuthnStatementType(instant);
    AuthnContextType context = new AuthnContextType();

    // The caller's value becomes the class reference as-is.
    URI classRefUri = URI.create(authnContextClassRefValue);
    AuthnContextClassRefType classRef = new AuthnContextClassRefType(classRefUri);

    AuthnContextType.AuthnContextTypeSequence classRefSequence = new AuthnContextType.AuthnContextTypeSequence();
    classRefSequence.setClassRef(classRef);
    context.setSequence(classRefSequence);

    statement.setAuthnContext(context);
    return statement;
}
Also used : AuthnStatementType(org.keycloak.dom.saml.v2.assertion.AuthnStatementType) AuthnContextClassRefType(org.keycloak.dom.saml.v2.assertion.AuthnContextClassRefType) AuthnContextType(org.keycloak.dom.saml.v2.assertion.AuthnContextType)

Aggregations

AuthnContextType (org.keycloak.dom.saml.v2.assertion.AuthnContextType)7 AuthnContextClassRefType (org.keycloak.dom.saml.v2.assertion.AuthnContextClassRefType)4 AuthnStatementType (org.keycloak.dom.saml.v2.assertion.AuthnStatementType)4 Test (org.junit.Test)2 AssertionType (org.keycloak.dom.saml.v2.assertion.AssertionType)2 AuthnContextDeclRefType (org.keycloak.dom.saml.v2.assertion.AuthnContextDeclRefType)2 AuthnContextDeclType (org.keycloak.dom.saml.v2.assertion.AuthnContextDeclType)2 EncryptedAssertionType (org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType)2 StatementAbstractType (org.keycloak.dom.saml.v2.assertion.StatementAbstractType)2 Element (org.w3c.dom.Element)2 URI (java.net.URI)1 XMLGregorianCalendar (javax.xml.datatype.XMLGregorianCalendar)1 StartElement (javax.xml.stream.events.StartElement)1 Matcher (org.hamcrest.Matcher)1 SAML2Object (org.keycloak.dom.saml.v2.SAML2Object)1 AttributeStatementType (org.keycloak.dom.saml.v2.assertion.AttributeStatementType)1 AttributeType (org.keycloak.dom.saml.v2.assertion.AttributeType)1 URIType (org.keycloak.dom.saml.v2.assertion.URIType)1 RequestedAttributeType (org.keycloak.dom.saml.v2.metadata.RequestedAttributeType)1 KeyInfoType (org.keycloak.dom.xmlsec.w3.xmldsig.KeyInfoType)1