Search in sources :

Example 1 with StatementAbstractType

use of org.keycloak.dom.saml.v2.assertion.StatementAbstractType in project keycloak by keycloak.

the class SAMLServletSessionTimeoutTest method addSessionNotOnOrAfter.

private SAML2Object addSessionNotOnOrAfter(SAML2Object ob) {
    assertThat(ob, Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
    ResponseType resp = (ResponseType) ob;
    Set<StatementAbstractType> statements = resp.getAssertions().get(0).getAssertion().getStatements();
    AuthnStatementType authType = (AuthnStatementType) statements.stream().filter(statement -> statement instanceof AuthnStatementType).findFirst().orElse(new AuthnStatementType(XMLTimeUtil.getIssueInstant()));
    XMLGregorianCalendar sessionTimeout = XMLTimeUtil.add(XMLTimeUtil.getIssueInstant(), SESSION_LENGTH_IN_SECONDS * 1000);
    sessionNotOnOrAfter.set(sessionTimeout.toString());
    authType.setSessionNotOnOrAfter(sessionTimeout);
    resp.getAssertions().get(0).getAssertion().addStatement(authType);
    return ob;
}
Also used : AuthnStatementType(org.keycloak.dom.saml.v2.assertion.AuthnStatementType) XMLTimeUtil(org.keycloak.saml.processing.core.saml.v2.util.XMLTimeUtil) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) Matchers.bodyHC(org.keycloak.testsuite.util.Matchers.bodyHC) AdapterActionsFilter(org.keycloak.testsuite.adapter.filter.AdapterActionsFilter) Page(org.jboss.arquillian.graphene.page.Page) AtomicReference(java.util.concurrent.atomic.AtomicReference) EntityUtils(org.apache.http.util.EntityUtils) Assert.assertThat(org.junit.Assert.assertThat) SAML2Object(org.keycloak.dom.saml.v2.SAML2Object) AuthnStatementType(org.keycloak.dom.saml.v2.assertion.AuthnStatementType) SamlClient(org.keycloak.testsuite.util.SamlClient) ContainerConstants(org.keycloak.testsuite.utils.arquillian.ContainerConstants) WebArchive(org.jboss.shrinkwrap.api.spec.WebArchive) Matchers.notNullValue(org.hamcrest.Matchers.notNullValue) Matchers(org.keycloak.testsuite.util.Matchers) Matchers.allOf(org.hamcrest.Matchers.allOf) JBossSAMLURIConstants(org.keycloak.saml.common.constants.JBossSAMLURIConstants) REALM_NAME(org.keycloak.testsuite.saml.AbstractSamlTest.REALM_NAME) Set(java.util.Set) Test(org.junit.Test) Employee2Servlet(org.keycloak.testsuite.adapter.page.Employee2Servlet) RealmAttributeUpdater(org.keycloak.testsuite.updaters.RealmAttributeUpdater) XMLGregorianCalendar(javax.xml.datatype.XMLGregorianCalendar) Deployment(org.jboss.arquillian.container.test.api.Deployment) StatementAbstractType(org.keycloak.dom.saml.v2.assertion.StatementAbstractType) AppServerContainer(org.keycloak.testsuite.arquillian.annotation.AppServerContainer) SessionTimeoutHelper(org.keycloak.models.utils.SessionTimeoutHelper) Matchers.is(org.hamcrest.Matchers.is) PublicKeyLocator(org.keycloak.adapters.rotation.PublicKeyLocator) Matchers.containsString(org.hamcrest.Matchers.containsString) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) XMLGregorianCalendar(javax.xml.datatype.XMLGregorianCalendar) StatementAbstractType(org.keycloak.dom.saml.v2.assertion.StatementAbstractType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)

Example 2 with StatementAbstractType

use of org.keycloak.dom.saml.v2.assertion.StatementAbstractType in project keycloak by keycloak.

the class SAMLParserTest method testSaml20AssertionsAdviceTag.

@Test
public void testSaml20AssertionsAdviceTag() throws Exception {
    Matcher<String>[] ATTR_NAME = new Matcher[] { is("portal_id"), is("organization_id"), is("status"), is("has_sub_organization"), is("anytype_test"), is("anytype_no_xml_test"), is("ssostartpage"), is("logouturl"), is("nil_value_attribute") };
    Matcher<List<Object>>[] ATTR_VALUE = new Matcher[] { contains(is("060D00000000SHZ")), contains(is("<n1:elem2 xmlns:n1=\"http://example.net\" xml:lang=\"en\"><n3:stuff xmlns:n3=\"ftp://example.org\">00DD0000000F7L5</n3:stuff></n1:elem2>")), contains(is("<status><code><status>XYZ</status></code></status>")), contains(is("true")), contains(is("<elem1 atttr1=\"en\"><elem2>val2</elem2></elem1>")), contains(is("value_no_xml")), contains(is("http://www.salesforce.com/security/saml/saml20-gen.jsp")), contains(is("http://www.salesforce.com/security/del_auth/SsoLogoutPage.html")), contains(nullValue()) };
    AssertionType a = assertParsed("saml20-assertion-advice.xml", AssertionType.class);
    assertThat(a.getStatements(), containsInAnyOrder(instanceOf(AuthnStatementType.class), instanceOf(AttributeStatementType.class)));
    for (StatementAbstractType statement : a.getStatements()) {
        if (statement instanceof AuthnStatementType) {
            AuthnStatementType as = (AuthnStatementType) statement;
            final AuthnContextType ac = as.getAuthnContext();
            assertThat(ac, notNullValue());
            assertThat(ac.getSequence(), notNullValue());
            assertThat(ac.getSequence().getClassRef().getValue(), is(JBossSAMLURIConstants.AC_UNSPECIFIED.getUri()));
            assertThat(ac.getSequence(), notNullValue());
            assertThat(ac.getSequence().getAuthnContextDecl(), notNullValue());
            assertThat(ac.getSequence().getAuthnContextDecl().getValue(), instanceOf(Element.class));
            final Element el = (Element) ac.getSequence().getAuthnContextDecl().getValue();
            assertThat(el.getTextContent(), is("auth.weak"));
        } else {
            AttributeStatementType as = (AttributeStatementType) statement;
            assertThat(as.getAttributes(), hasSize(9));
            for (int i = 0; i < as.getAttributes().size(); i++) {
                AttributeType attr = as.getAttributes().get(i).getAttribute();
                assertThat(attr.getName(), ATTR_NAME[i]);
                assertThat(attr.getAttributeValue(), ATTR_VALUE[i]);
            }
        }
    }
    assertThat(a.getConditions().getConditions(), contains(instanceOf(AudienceRestrictionType.class)));
}
Also used : AuthnStatementType(org.keycloak.dom.saml.v2.assertion.AuthnStatementType) Matcher(org.hamcrest.Matcher) RequestedAttributeType(org.keycloak.dom.saml.v2.metadata.RequestedAttributeType) AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) Element(org.w3c.dom.Element) AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType) SAML2Object(org.keycloak.dom.saml.v2.SAML2Object) EncryptedAssertionType(org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType) AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType) AuthnContextType(org.keycloak.dom.saml.v2.assertion.AuthnContextType) StatementAbstractType(org.keycloak.dom.saml.v2.assertion.StatementAbstractType) Test(org.junit.Test)

Example 3 with StatementAbstractType

use of org.keycloak.dom.saml.v2.assertion.StatementAbstractType in project keycloak by keycloak.

the class SAMLParserTest method testSaml20AssertionContents.

@Test
public void testSaml20AssertionContents() throws Exception {
    AssertionType a = assertParsed("saml20-assertion-example.xml", AssertionType.class);
    assertThat(a.getSubject().getConfirmation(), hasSize(1));
    assertThat(a.getSubject().getConfirmation().get(0).getSubjectConfirmationData(), notNullValue());
    assertThat(a.getSubject().getConfirmation().get(0).getSubjectConfirmationData().getAnyType(), instanceOf(KeyInfoType.class));
    KeyInfoType kit = (KeyInfoType) a.getSubject().getConfirmation().get(0).getSubjectConfirmationData().getAnyType();
    assertThat(kit.getContent(), hasItem(instanceOf(RSAKeyValueType.class)));
    RSAKeyValueType rsaKit = (RSAKeyValueType) kit.getContent().get(0);
    assertThat(rsaKit.getModulus(), notNullValue());
    assertThat(rsaKit.getExponent(), notNullValue());
    assertThat(a.getStatements(), containsInAnyOrder(instanceOf(AuthnStatementType.class), instanceOf(AttributeStatementType.class)));
    for (StatementAbstractType statement : a.getStatements()) {
        if (statement instanceof AuthnStatementType) {
            AuthnStatementType as = (AuthnStatementType) statement;
            assertThat(as.getSessionNotOnOrAfter(), notNullValue());
            assertThat(as.getSessionNotOnOrAfter(), is(XMLTimeUtil.parse("2009-06-17T18:55:10.738Z")));
            final AuthnContextType ac = as.getAuthnContext();
            assertThat(ac, notNullValue());
            assertThat(ac.getSequence(), notNullValue());
            assertThat(ac.getSequence().getClassRef().getValue(), is(JBossSAMLURIConstants.AC_UNSPECIFIED.getUri()));
            assertThat(ac.getSequence(), notNullValue());
            assertThat(ac.getSequence().getAuthnContextDecl(), nullValue());
        }
    }
}
Also used : AuthnStatementType(org.keycloak.dom.saml.v2.assertion.AuthnStatementType) EncryptedAssertionType(org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType) AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType) AuthnContextType(org.keycloak.dom.saml.v2.assertion.AuthnContextType) RSAKeyValueType(org.keycloak.dom.xmlsec.w3.xmldsig.RSAKeyValueType) StatementAbstractType(org.keycloak.dom.saml.v2.assertion.StatementAbstractType) KeyInfoType(org.keycloak.dom.xmlsec.w3.xmldsig.KeyInfoType) Test(org.junit.Test)

Example 4 with StatementAbstractType

use of org.keycloak.dom.saml.v2.assertion.StatementAbstractType in project keycloak by keycloak.

the class KcSamlIdPInitiatedSsoTest method testProviderTransientIdpInitiatedLogin.

@Test
public void testProviderTransientIdpInitiatedLogin() throws Exception {
    IdentityProviderResource idp = adminClient.realm(REALM_CONS_NAME).identityProviders().get("saml-leaf");
    IdentityProviderRepresentation rep = idp.toRepresentation();
    rep.getConfig().put(SAMLIdentityProviderConfig.NAME_ID_POLICY_FORMAT, JBossSAMLURIConstants.NAMEID_FORMAT_TRANSIENT.get());
    rep.getConfig().put(SAMLIdentityProviderConfig.PRINCIPAL_TYPE, SamlPrincipalType.ATTRIBUTE.name());
    rep.getConfig().put(SAMLIdentityProviderConfig.PRINCIPAL_ATTRIBUTE, X500SAMLProfileConstants.UID.get());
    idp.update(rep);
    SAMLDocumentHolder samlResponse = new SamlClientBuilder().navigateTo(getSamlIdpInitiatedUrl(REALM_PROV_NAME, "samlbroker")).login().user(PROVIDER_REALM_USER_NAME, PROVIDER_REALM_USER_PASSWORD).build().processSamlResponse(Binding.POST).transformObject(ob -> {
        assertThat(ob, Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
        ResponseType resp = (ResponseType) ob;
        assertThat(resp.getDestination(), is(getSamlBrokerIdpInitiatedUrl(REALM_CONS_NAME, "sales")));
        assertAudience(resp, getSamlBrokerIdpInitiatedUrl(REALM_CONS_NAME, "sales"));
        NameIDType nameId = new NameIDType();
        nameId.setFormat(URI.create(JBossSAMLURIConstants.NAMEID_FORMAT_TRANSIENT.get()));
        nameId.setValue("subjectId1");
        resp.getAssertions().get(0).getAssertion().getSubject().getSubType().addBaseID(nameId);
        Set<StatementAbstractType> statements = resp.getAssertions().get(0).getAssertion().getStatements();
        AttributeStatementType attributeType = (AttributeStatementType) statements.stream().filter(statement -> statement instanceof AttributeStatementType).findFirst().orElse(new AttributeStatementType());
        AttributeType attr = new AttributeType(X500SAMLProfileConstants.UID.get());
        attr.addAttributeValue(PROVIDER_REALM_USER_NAME);
        attributeType.addAttribute(new AttributeStatementType.ASTChoiceType(attr));
        resp.getAssertions().get(0).getAssertion().addStatement(attributeType);
        return ob;
    }).build().navigateTo(getSamlIdpInitiatedUrl(REALM_PROV_NAME, "samlbroker-2")).login().sso(true).build().processSamlResponse(Binding.POST).transformObject(ob -> {
        assertThat(ob, Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
        ResponseType resp = (ResponseType) ob;
        assertThat(resp.getDestination(), is(getSamlBrokerIdpInitiatedUrl(REALM_CONS_NAME, "sales2")));
        assertAudience(resp, getSamlBrokerIdpInitiatedUrl(REALM_CONS_NAME, "sales2"));
        NameIDType nameId = new NameIDType();
        nameId.setFormat(URI.create(JBossSAMLURIConstants.NAMEID_FORMAT_TRANSIENT.get()));
        nameId.setValue("subjectId2");
        resp.getAssertions().get(0).getAssertion().getSubject().getSubType().addBaseID(nameId);
        Set<StatementAbstractType> statements = resp.getAssertions().get(0).getAssertion().getStatements();
        AttributeStatementType attributeType = (AttributeStatementType) statements.stream().filter(statement -> statement instanceof AttributeStatementType).findFirst().orElse(new AttributeStatementType());
        AttributeType attr = new AttributeType(X500SAMLProfileConstants.UID.get());
        attr.addAttributeValue(PROVIDER_REALM_USER_NAME);
        attributeType.addAttribute(new AttributeStatementType.ASTChoiceType(attr));
        resp.getAssertions().get(0).getAssertion().addStatement(attributeType);
        return ob;
    }).build().updateProfile().username(CONSUMER_CHOSEN_USERNAME).email("test@localhost").firstName("Firstname").lastName("Lastname").build().followOneRedirect().getSamlResponse(Binding.POST);
    assertThat(samlResponse.getSamlObject(), Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
    ResponseType resp = (ResponseType) samlResponse.getSamlObject();
    assertThat(resp.getDestination(), is(urlRealmConsumer + "/app/auth2/saml"));
    assertAudience(resp, urlRealmConsumer + "/app/auth2");
    UsersResource users = adminClient.realm(REALM_CONS_NAME).users();
    List<UserRepresentation> userList = users.search(CONSUMER_CHOSEN_USERNAME);
    assertEquals(1, userList.size());
    String id = userList.get(0).getId();
    FederatedIdentityRepresentation fed = users.get(id).getFederatedIdentity().get(0);
    assertThat(fed.getUserId(), is(PROVIDER_REALM_USER_NAME));
    assertThat(fed.getUserName(), is(PROVIDER_REALM_USER_NAME));
    // check that no user with sent subject-id was sent
    userList = users.search("subjectId1");
    assertTrue(userList.isEmpty());
    userList = users.search("subjectId2");
    assertTrue(userList.isEmpty());
}
Also used : AssertionUtil(org.keycloak.saml.processing.core.saml.v2.util.AssertionUtil) Page(org.jboss.arquillian.graphene.page.Page) AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType) Assert.assertThat(org.junit.Assert.assertThat) SAMLIdentityProviderConfig(org.keycloak.broker.saml.SAMLIdentityProviderConfig) ByteArrayInputStream(java.io.ByteArrayInputStream) ClientsResource(org.keycloak.admin.client.resource.ClientsResource) Map(java.util.Map) REALM_PROV_NAME(org.keycloak.testsuite.broker.BrokerTestConstants.REALM_PROV_NAME) URI(java.net.URI) SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) FederatedIdentityRepresentation(org.keycloak.representations.idm.FederatedIdentityRepresentation) Matchers.notNullValue(org.hamcrest.Matchers.notNullValue) Matchers(org.keycloak.testsuite.util.Matchers) Set(java.util.Set) Collectors(java.util.stream.Collectors) RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation) IOUtil(org.keycloak.testsuite.utils.io.IOUtil) IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Matchers.instanceOf(org.hamcrest.Matchers.instanceOf) List(java.util.List) Response(javax.ws.rs.core.Response) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) LoginPage(org.keycloak.testsuite.pages.LoginPage) Matchers.contains(org.hamcrest.Matchers.contains) Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder) Matchers.greaterThan(org.hamcrest.Matchers.greaterThan) Matchers.is(org.hamcrest.Matchers.is) Matchers.containsString(org.hamcrest.Matchers.containsString) SamlPrincipalType(org.keycloak.protocol.saml.SamlPrincipalType) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) WebDriverWait(org.openqa.selenium.support.ui.WebDriverWait) IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation) UserSessionRepresentation(org.keycloak.representations.idm.UserSessionRepresentation) Assert(org.keycloak.testsuite.Assert) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) WebDriver(org.openqa.selenium.WebDriver) X500SAMLProfileConstants(org.keycloak.saml.processing.core.saml.v2.constants.X500SAMLProfileConstants) ExpectedCondition(org.openqa.selenium.support.ui.ExpectedCondition) UsersResource(org.keycloak.admin.client.resource.UsersResource) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) AudienceRestrictionType(org.keycloak.dom.saml.v2.assertion.AudienceRestrictionType) AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) StringPropertyReplacer(org.keycloak.common.util.StringPropertyReplacer) UpdateAccountInformationPage(org.keycloak.testsuite.pages.UpdateAccountInformationPage) PageUtils(org.keycloak.testsuite.pages.PageUtils) Matchers.hasSize(org.hamcrest.Matchers.hasSize) StreamUtil(org.keycloak.common.util.StreamUtil) AuthServer(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer) Before(org.junit.Before) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) Properties(java.util.Properties) JBossSAMLURIConstants(org.keycloak.saml.common.constants.JBossSAMLURIConstants) By(org.openqa.selenium.By) Assert.assertTrue(org.junit.Assert.assertTrue) IOException(java.io.IOException) Test(org.junit.Test) AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType) NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType) StatementAbstractType(org.keycloak.dom.saml.v2.assertion.StatementAbstractType) REALM_CONS_NAME(org.keycloak.testsuite.broker.BrokerTestConstants.REALM_CONS_NAME) Binding(org.keycloak.testsuite.util.SamlClient.Binding) Assert.assertEquals(org.junit.Assert.assertEquals) InputStream(java.io.InputStream) Set(java.util.Set) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType) Matchers.containsString(org.hamcrest.Matchers.containsString) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource) SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) UsersResource(org.keycloak.admin.client.resource.UsersResource) IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation) NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType) StatementAbstractType(org.keycloak.dom.saml.v2.assertion.StatementAbstractType) FederatedIdentityRepresentation(org.keycloak.representations.idm.FederatedIdentityRepresentation) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) Test(org.junit.Test)

Example 5 with StatementAbstractType

use of org.keycloak.dom.saml.v2.assertion.StatementAbstractType in project keycloak by keycloak.

the class KcSamlIdPInitiatedSsoTest method testProviderIdpInitiatedLoginWithPrincipalAttribute.

// KEYCLOAK-7969
@Test
public void testProviderIdpInitiatedLoginWithPrincipalAttribute() throws Exception {
    IdentityProviderResource idp = adminClient.realm(REALM_CONS_NAME).identityProviders().get("saml-leaf");
    IdentityProviderRepresentation rep = idp.toRepresentation();
    rep.getConfig().put(SAMLIdentityProviderConfig.PRINCIPAL_TYPE, SamlPrincipalType.ATTRIBUTE.name());
    rep.getConfig().put(SAMLIdentityProviderConfig.PRINCIPAL_ATTRIBUTE, X500SAMLProfileConstants.UID.get());
    idp.update(rep);
    SAMLDocumentHolder samlResponse = new SamlClientBuilder().navigateTo(getSamlIdpInitiatedUrl(REALM_PROV_NAME, "samlbroker")).login().user(PROVIDER_REALM_USER_NAME, PROVIDER_REALM_USER_PASSWORD).build().processSamlResponse(Binding.POST).transformObject(ob -> {
        assertThat(ob, Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
        ResponseType resp = (ResponseType) ob;
        assertThat(resp.getDestination(), is(getSamlBrokerIdpInitiatedUrl(REALM_CONS_NAME, "sales")));
        assertAudience(resp, getSamlBrokerIdpInitiatedUrl(REALM_CONS_NAME, "sales"));
        Set<StatementAbstractType> statements = resp.getAssertions().get(0).getAssertion().getStatements();
        AttributeStatementType attributeType = (AttributeStatementType) statements.stream().filter(statement -> statement instanceof AttributeStatementType).findFirst().orElse(new AttributeStatementType());
        AttributeType attr = new AttributeType(X500SAMLProfileConstants.UID.get());
        attr.addAttributeValue(PROVIDER_REALM_USER_NAME);
        attributeType.addAttribute(new AttributeStatementType.ASTChoiceType(attr));
        resp.getAssertions().get(0).getAssertion().addStatement(attributeType);
        return ob;
    }).build().updateProfile().username(CONSUMER_CHOSEN_USERNAME).email("test@localhost").firstName("Firstname").lastName("Lastname").build().followOneRedirect().getSamlResponse(Binding.POST);
    assertThat(samlResponse.getSamlObject(), Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
    ResponseType resp = (ResponseType) samlResponse.getSamlObject();
    assertThat(resp.getDestination(), is(urlRealmConsumer + "/app/auth"));
    assertAudience(resp, urlRealmConsumer + "/app/auth");
    UsersResource users = adminClient.realm(REALM_CONS_NAME).users();
    String id = users.search(CONSUMER_CHOSEN_USERNAME).get(0).getId();
    FederatedIdentityRepresentation fed = users.get(id).getFederatedIdentity().get(0);
    assertThat(fed.getUserId(), is(PROVIDER_REALM_USER_NAME));
    assertThat(fed.getUserName(), is(PROVIDER_REALM_USER_NAME));
}
Also used : AssertionUtil(org.keycloak.saml.processing.core.saml.v2.util.AssertionUtil) Page(org.jboss.arquillian.graphene.page.Page) AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType) Assert.assertThat(org.junit.Assert.assertThat) SAMLIdentityProviderConfig(org.keycloak.broker.saml.SAMLIdentityProviderConfig) ByteArrayInputStream(java.io.ByteArrayInputStream) ClientsResource(org.keycloak.admin.client.resource.ClientsResource) Map(java.util.Map) REALM_PROV_NAME(org.keycloak.testsuite.broker.BrokerTestConstants.REALM_PROV_NAME) URI(java.net.URI) SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) FederatedIdentityRepresentation(org.keycloak.representations.idm.FederatedIdentityRepresentation) Matchers.notNullValue(org.hamcrest.Matchers.notNullValue) Matchers(org.keycloak.testsuite.util.Matchers) Set(java.util.Set) Collectors(java.util.stream.Collectors) RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation) IOUtil(org.keycloak.testsuite.utils.io.IOUtil) IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Matchers.instanceOf(org.hamcrest.Matchers.instanceOf) List(java.util.List) Response(javax.ws.rs.core.Response) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) LoginPage(org.keycloak.testsuite.pages.LoginPage) Matchers.contains(org.hamcrest.Matchers.contains) Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder) Matchers.greaterThan(org.hamcrest.Matchers.greaterThan) Matchers.is(org.hamcrest.Matchers.is) Matchers.containsString(org.hamcrest.Matchers.containsString) SamlPrincipalType(org.keycloak.protocol.saml.SamlPrincipalType) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) WebDriverWait(org.openqa.selenium.support.ui.WebDriverWait) IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation) UserSessionRepresentation(org.keycloak.representations.idm.UserSessionRepresentation) Assert(org.keycloak.testsuite.Assert) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) WebDriver(org.openqa.selenium.WebDriver) X500SAMLProfileConstants(org.keycloak.saml.processing.core.saml.v2.constants.X500SAMLProfileConstants) ExpectedCondition(org.openqa.selenium.support.ui.ExpectedCondition) UsersResource(org.keycloak.admin.client.resource.UsersResource) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) AudienceRestrictionType(org.keycloak.dom.saml.v2.assertion.AudienceRestrictionType) AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) StringPropertyReplacer(org.keycloak.common.util.StringPropertyReplacer) UpdateAccountInformationPage(org.keycloak.testsuite.pages.UpdateAccountInformationPage) PageUtils(org.keycloak.testsuite.pages.PageUtils) Matchers.hasSize(org.hamcrest.Matchers.hasSize) StreamUtil(org.keycloak.common.util.StreamUtil) AuthServer(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer) Before(org.junit.Before) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) Properties(java.util.Properties) JBossSAMLURIConstants(org.keycloak.saml.common.constants.JBossSAMLURIConstants) By(org.openqa.selenium.By) Assert.assertTrue(org.junit.Assert.assertTrue) IOException(java.io.IOException) Test(org.junit.Test) AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType) NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType) StatementAbstractType(org.keycloak.dom.saml.v2.assertion.StatementAbstractType) REALM_CONS_NAME(org.keycloak.testsuite.broker.BrokerTestConstants.REALM_CONS_NAME) Binding(org.keycloak.testsuite.util.SamlClient.Binding) Assert.assertEquals(org.junit.Assert.assertEquals) InputStream(java.io.InputStream) Set(java.util.Set) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType) Matchers.containsString(org.hamcrest.Matchers.containsString) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource) SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) UsersResource(org.keycloak.admin.client.resource.UsersResource) IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation) FederatedIdentityRepresentation(org.keycloak.representations.idm.FederatedIdentityRepresentation) AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest) Test(org.junit.Test)

Aggregations

StatementAbstractType (org.keycloak.dom.saml.v2.assertion.StatementAbstractType)15 Test (org.junit.Test)9 AttributeStatementType (org.keycloak.dom.saml.v2.assertion.AttributeStatementType)9 ResponseType (org.keycloak.dom.saml.v2.protocol.ResponseType)9 AssertionType (org.keycloak.dom.saml.v2.assertion.AssertionType)8 AttributeType (org.keycloak.dom.saml.v2.assertion.AttributeType)8 Set (java.util.Set)7 Assert.assertThat (org.junit.Assert.assertThat)7 AuthnStatementType (org.keycloak.dom.saml.v2.assertion.AuthnStatementType)7 JBossSAMLURIConstants (org.keycloak.saml.common.constants.JBossSAMLURIConstants)7 SamlClientBuilder (org.keycloak.testsuite.util.SamlClientBuilder)7 Matchers (org.keycloak.testsuite.util.Matchers)6 URI (java.net.URI)5 Matchers.is (org.hamcrest.Matchers.is)5 Matchers.notNullValue (org.hamcrest.Matchers.notNullValue)5 Response (javax.ws.rs.core.Response)4 IOException (java.io.IOException)3 List (java.util.List)3 Map (java.util.Map)3 Collectors (java.util.stream.Collectors)3