use of org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType in project keycloak by keycloak.
the class SAMLParserTest method testSaml20EncryptedAssertionsSignedReceivedWithRedirectBinding.
/**
 * Parses the {@code saml20-encrypted-signed-redirect-response.xml} fixture and checks the
 * response envelope: issuer, the single Keycloak key-info extension, and that the one
 * assertion is kept as an opaque {@code EncryptedAssertion} DOM element.
 */
@Test
public void testSaml20EncryptedAssertionsSignedReceivedWithRedirectBinding() throws Exception {
    final ResponseType response = assertParsed("saml20-encrypted-signed-redirect-response.xml", ResponseType.class);

    // The parsed document is expected to carry no embedded signature and no consent.
    // NOTE(review): with the HTTP-Redirect binding the message signature normally travels in the
    // query string rather than inside the XML, which would explain the null - confirm against the fixture.
    assertThat(response.getSignature(), nullValue());
    assertThat(response.getConsent(), nullValue());

    // Issuer must be present, with the expected entity id and the entity NameID format.
    assertThat(response.getIssuer(), not(nullValue()));
    assertThat(response.getIssuer().getValue(), is("http://localhost:8081/auth/realms/saml-demo"));
    assertThat(response.getIssuer().getFormat(), is(JBossSAMLURIConstants.NAMEID_FORMAT_ENTITY.getUri()));

    // Exactly one extension element, surfaced by the parser as a raw DOM Element.
    assertThat(response.getExtensions(), not(nullValue()));
    assertThat(response.getExtensions().getAny().size(), is(1));
    final Object onlyExtension = response.getExtensions().getAny().get(0);
    assertThat(onlyExtension, instanceOf(Element.class));

    // The extension is Keycloak's KeyInfo carrying the id of the message signing key.
    // NOTE(review): this id arrives inside the message itself, so consumers should presumably
    // treat it as a key-lookup hint only, never as proof of who signed - confirm in the verifier.
    final Element keyInfo = (Element) onlyExtension;
    assertThat(keyInfo.getLocalName(), is("KeyInfo"));
    assertThat(keyInfo.getNamespaceURI(), is("urn:keycloak:ext:key:1.0"));
    assertThat(keyInfo.hasAttribute("MessageSigningKeyId"), is(true));
    assertThat(keyInfo.getAttribute("MessageSigningKeyId"), is("FJ86GcF3jTbNLOco4NvZkUCIUmfYCqoqtOQeMfbhNlE"));

    // One assertion choice, and it must be the encrypted variant with its DOM element retained.
    assertThat(response.getAssertions(), not(nullValue()));
    assertThat(response.getAssertions().size(), is(1));
    final EncryptedAssertionType encrypted = response.getAssertions().get(0).getEncryptedAssertion();
    assertThat(encrypted, notNullValue());
    assertThat(encrypted.getEncryptedElement(), notNullValue());
    assertThat(encrypted.getEncryptedElement().getLocalName(), is("EncryptedAssertion"));
}
use of org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType in project keycloak by keycloak.
the class SAMLEncryptedAssertionParser method parse.
/**
 * Wraps the DOM element that {@code StaxParserUtil.getDOMElement} reads from the given reader
 * in an {@link EncryptedAssertionType}.
 *
 * <p>This method itself neither decrypts nor inspects the element; the result only holds the
 * element for later processing.
 *
 * @param xmlEventReader reader handed to {@code StaxParserUtil.getDOMElement}
 * @return a new {@code EncryptedAssertionType} holding the element that was read
 * @throws ParsingException declared by this method; presumably raised by the DOM extraction - confirm
 */
@Override
public EncryptedAssertionType parse(XMLEventReader xmlEventReader) throws ParsingException {
    final EncryptedAssertionType encryptedAssertion = new EncryptedAssertionType();
    // Stored as-is: the encrypted payload stays opaque at parse time.
    encryptedAssertion.setEncryptedElement(StaxParserUtil.getDOMElement(xmlEventReader));
    return encryptedAssertion;
}
use of org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType in project keycloak by keycloak.
the class SAMLResponseWriter method write.
/**
 * Writes a {@code ResponseType} as a protocol {@code Response} element through this writer.
 *
 * <p>Output order: start element and namespace declarations, base attributes, issuer (if set),
 * extensions (if non-empty), status, every assertion choice, end element, then a flush.
 *
 * <p>For each assertion choice the plaintext assertion and the encrypted assertion are handled
 * independently, so a choice holding both would have both written. A plaintext assertion goes
 * through {@code assertionWriter}; an encrypted one is emitted from its stored DOM element
 * without any further processing in this method.
 *
 * @param response the response to serialize
 *
 * @throws org.keycloak.saml.common.exceptions.ProcessingException declared by this method;
 *         presumably raised by the underlying StAX helpers - confirm
 */
public void write(ResponseType response) throws ProcessingException {
    final String protocolNs = JBossSAMLURIConstants.PROTOCOL_NSURI.get();
    final String assertionNs = JBossSAMLURIConstants.ASSERTION_NSURI.get();

    StaxUtil.writeStartElement(writer, PROTOCOL_PREFIX, JBossSAMLConstants.RESPONSE__PROTOCOL.get(), protocolNs);
    StaxUtil.writeNameSpace(writer, PROTOCOL_PREFIX, protocolNs);
    StaxUtil.writeNameSpace(writer, ASSERTION_PREFIX, assertionNs);
    writeBaseAttributes(response);

    final NameIDType issuer = response.getIssuer();
    if (issuer != null) {
        final QName issuerName = new QName(assertionNs, JBossSAMLConstants.ISSUER.get(), ASSERTION_PREFIX);
        write(issuer, issuerName);
    }

    // Extensions are skipped entirely when absent or empty, so no empty wrapper element is written here.
    final ExtensionsType extensions = response.getExtensions();
    final boolean hasExtensions = extensions != null && extensions.getAny() != null && !extensions.getAny().isEmpty();
    if (hasExtensions) {
        write(extensions);
    }

    // Status is passed on unconditionally; handling of a null status is up to write(StatusType).
    write(response.getStatus());

    final List<ResponseType.RTChoiceType> choices = response.getAssertions();
    if (choices != null) {
        for (ResponseType.RTChoiceType choice : choices) {
            final AssertionType plain = choice.getAssertion();
            if (plain != null) {
                assertionWriter.write(plain);
            }
            final EncryptedAssertionType encrypted = choice.getEncryptedAssertion();
            if (encrypted != null) {
                // The stored DOM element is copied out verbatim; nothing is (re-)encrypted at this point.
                StaxUtil.writeDOMElement(writer, encrypted.getEncryptedElement());
            }
        }
    }

    StaxUtil.writeEndElement(writer);
    StaxUtil.flush(writer);
}
use of org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType in project keycloak by keycloak.
the class JBossSAMLAuthnResponseFactory method createResponseType.
/**
 * Creates a {@code ResponseType} that carries an already-encrypted assertion.
 *
 * <p>The supplied element is wrapped as given: this method does not check that it is non-null
 * or that it really is an {@code EncryptedAssertion} element, so callers are responsible for
 * passing the output of the encryption step and not a plaintext assertion.
 *
 * @param ID identifier passed to the {@code ResponseType} constructor
 * @param issuerInfo source of the issuer and of the status code; the status code must be non-null
 * @param encryptedAssertion a DOM {@link Element} that represents an encrypted assertion
 *
 * @return the new response with issuer and status set and the encrypted assertion added as an
 *         assertion choice
 *
 * @throws RuntimeException the unchecked exception produced by
 *         {@code logger.issuerInfoMissingStatusCodeError()} when the status code is null
 *         (the concrete type is not visible here)
 */
public static ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo, Element encryptedAssertion) {
    final ResponseType response = new ResponseType(ID, XMLTimeUtil.getIssueInstant());

    // Issuer
    response.setIssuer(issuerInfo.getIssuer());

    // Status: refuse to build a response without an explicit status code.
    final String statusCode = issuerInfo.getStatusCode();
    if (statusCode == null) {
        throw logger.issuerInfoMissingStatusCodeError();
    }
    response.setStatus(createStatusType(statusCode));

    // Encrypted assertion, attached without inspection.
    final EncryptedAssertionType wrapped = new EncryptedAssertionType(encryptedAssertion);
    response.addAssertion(new RTChoiceType(wrapped));
    return response;
}
use of org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType in project keycloak by keycloak.
the class AssertionUtil method getAssertion.
/**
 * Returns the assertion of the first assertion choice in the response, decrypting it first
 * when that choice is an encrypted assertion.
 *
 * <p>Only the first entry is examined; any further assertions in the response are ignored by
 * this method. Callers must therefore make sure that the assertion returned here is the same
 * one whose signature and conditions they validate.
 *
 * @param holder document holder passed through to {@code decryptAssertion}
 * @param responseType the response to read; its assertion list must not be empty
 * @param privateKey decryption key; required when the first assertion is encrypted
 * @return the plaintext assertion of the first choice.
 *         NOTE(review): looks like this can be {@code null} when the first choice holds no
 *         plaintext assertion after this call - confirm and null-check at call sites
 * @throws ProcessingException if the response has no assertions, or if the first assertion is
 *         encrypted and {@code privateKey} is null
 * @throws ParsingException declared; presumably from decryption - confirm
 * @throws ConfigurationException declared; presumably from decryption - confirm
 */
public static AssertionType getAssertion(SAMLDocumentHolder holder, ResponseType responseType, PrivateKey privateKey) throws ParsingException, ProcessingException, ConfigurationException {
    final List<ResponseType.RTChoiceType> choices = responseType.getAssertions();
    if (choices.isEmpty()) {
        throw new ProcessingException("No assertion from response.");
    }

    final boolean firstIsEncrypted = choices.get(0).getEncryptedAssertion() != null;

    // Fail closed: an encrypted assertion without a key is an error, never a silent pass-through.
    // The message text (including its spelling) is left untouched since logs or callers may match on it.
    if (firstIsEncrypted && privateKey == null) {
        throw new ProcessingException("Encryptd assertion and decrypt private key is null");
    }
    if (firstIsEncrypted) {
        decryptAssertion(holder, responseType, privateKey);
    }

    // Read the list again rather than reusing the earlier reference: decryptAssertion presumably
    // replaces the encrypted entry in responseType with its decrypted form - confirm.
    return responseType.getAssertions().get(0).getAssertion();
}