use of org.keycloak.dom.saml.v2.assertion.SubjectConfirmationType in project keycloak by keycloak.
the class SAMLSubjectConfirmationParser method instantiateElement.
/**
 * Creates the {@link SubjectConfirmationType} for a {@code SubjectConfirmation} start element.
 *
 * <p>Only the {@code Method} attribute is read here, and its value is stored exactly as
 * {@code StaxParserUtil.getAttributeValue} returns it. This method does not check that the
 * attribute is present or that it names a confirmation method the consumer supports, so code
 * that makes a trust decision on the parsed object has to check {@code getMethod()} itself.
 *
 * @param xmlEventReader the event reader; not used by this method
 * @param element the start element whose {@code Method} attribute is read
 * @return a new object carrying the attribute value
 * @throws ParsingException declared in the signature; nothing in this body throws it directly
 */
@Override
protected SubjectConfirmationType instantiateElement(XMLEventReader xmlEventReader, StartElement element) throws ParsingException {
    final SubjectConfirmationType subjectConfirmation = new SubjectConfirmationType();
    final String confirmationMethod = StaxParserUtil.getAttributeValue(element, SAMLAssertionQNames.ATTR_METHOD);
    subjectConfirmation.setMethod(confirmationMethod);
    return subjectConfirmation;
}
use of org.keycloak.dom.saml.v2.assertion.SubjectConfirmationType in project keycloak by keycloak.
the class BaseWriter method write.
/**
 * Serializes one {@code SubjectConfirmation} element to the underlying writer.
 *
 * <p>The element is opened in the assertion namespace, the {@code Method} attribute is written,
 * and then each child that is set on the object is written in a fixed order: BaseID, NameID,
 * SubjectConfirmationData. Children that are {@code null} are skipped.
 *
 * <p>The {@code Method} value is passed to {@code StaxUtil.writeAttribute} as returned by
 * {@code getMethod()}; this method does not check it for {@code null} or validate it.
 *
 * @param subjectConfirmationType the confirmation to serialize
 * @throws ProcessingException declared in the signature; presumably raised by the StAX helpers
 *         when writing fails (confirm against {@code StaxUtil})
 */
private void write(SubjectConfirmationType subjectConfirmationType) throws ProcessingException {
    StaxUtil.writeStartElement(
            writer,
            ASSERTION_PREFIX,
            JBossSAMLConstants.SUBJECT_CONFIRMATION.get(),
            ASSERTION_NSURI.get());
    StaxUtil.writeAttribute(
            writer,
            JBossSAMLConstants.METHOD.get(),
            subjectConfirmationType.getMethod());

    // Optional children follow; the order of the three sections below is the output order.
    final BaseIDAbstractType base = subjectConfirmationType.getBaseID();
    if (base != null) {
        write(base);
    }

    final NameIDType nameId = subjectConfirmationType.getNameID();
    if (nameId != null) {
        final QName nameIdTag =
                new QName(ASSERTION_NSURI.get(), JBossSAMLConstants.NAMEID.get(), ASSERTION_PREFIX);
        write(nameId, nameIdTag);
    }

    final SubjectConfirmationDataType confirmationData = subjectConfirmationType.getSubjectConfirmationData();
    if (confirmationData != null) {
        write(confirmationData);
    }

    StaxUtil.writeEndElement(writer);
}
use of org.keycloak.dom.saml.v2.assertion.SubjectConfirmationType in project keycloak by keycloak.
the class SessionNotOnOrAfterTest method checkSessionNotOnOrAfter.
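/**
 * Asserts that the lifetime limits in a successful SAML response match the given lifespans.
 *
 * <p>Three values are checked, all on the first assertion of the response:
 * <ul>
 *   <li>{@code SessionNotOnOrAfter} of the first {@code AuthnStatement} equals
 *       {@code AuthnInstant + ssoMaxLifespan};</li>
 *   <li>{@code NotOnOrAfter} of the {@code Conditions} equals
 *       {@code NotBefore + accessCodeLifespan};</li>
 *   <li>{@code NotOnOrAfter} of the first non-null {@code SubjectConfirmationData} equals
 *       {@code Conditions NotBefore + accessTokenLifespan}.</li>
 * </ul>
 *
 * <p>Further assertions, authentication statements or subject confirmations in the same
 * response are not examined by this helper.
 *
 * @param ob the SAML object to check; must be a response with a success status
 * @param ssoMaxLifespan expected session lifetime (presumably seconds, as it is multiplied by
 *        1000 before being added; confirm against {@code XMLTimeUtil.add})
 * @param accessCodeLifespan expected validity window of the conditions, same unit
 * @param accessTokenLifespan expected validity window of the subject confirmation data, same unit
 * @return always {@code null}
 */
private SAML2Object checkSessionNotOnOrAfter(SAML2Object ob, int ssoMaxLifespan, int accessCodeLifespan, int accessTokenLifespan) {
    assertThat(ob, Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
    ResponseType resp = (ResponseType) ob;
    Assert.assertNotNull(resp);
    Assert.assertNotNull(resp.getAssertions());
    // Same assertThat as the rest of the method, instead of the Assert-qualified variant.
    assertThat(resp.getAssertions().size(), greaterThan(0));
    Assert.assertNotNull(resp.getAssertions().get(0));
    Assert.assertNotNull(resp.getAssertions().get(0).getAssertion());

    // session lifespan
    Assert.assertNotNull(resp.getAssertions().get(0).getAssertion().getStatements());
    Set<StatementAbstractType> statements = resp.getAssertions().get(0).getAssertion().getStatements();
    AuthnStatementType authType = statements.stream()
            .filter(AuthnStatementType.class::isInstance)
            .map(AuthnStatementType.class::cast)
            .findFirst()
            .orElse(null);
    assertThat(authType, notNullValue());
    assertThat(authType.getSessionNotOnOrAfter(), notNullValue());
    assertThat(authType.getSessionNotOnOrAfter(), is(XMLTimeUtil.add(authType.getAuthnInstant(), ssoMaxLifespan * 1000L)));

    // Conditions (the null check was duplicated in the original; once is enough)
    Assert.assertNotNull(resp.getAssertions().get(0).getAssertion().getConditions());
    ConditionsType condition = resp.getAssertions().get(0).getAssertion().getConditions();
    Assert.assertEquals(XMLTimeUtil.add(condition.getNotBefore(), accessCodeLifespan * 1000L), condition.getNotOnOrAfter());

    // SubjectConfirmation (confirmationData has no NotBefore, using the previous one because it's the same)
    Assert.assertNotNull(resp.getAssertions().get(0).getAssertion().getSubject());
    Assert.assertNotNull(resp.getAssertions().get(0).getAssertion().getSubject().getConfirmation());
    List<SubjectConfirmationType> confirmations = resp.getAssertions().get(0).getAssertion().getSubject().getConfirmation();
    SubjectConfirmationDataType confirmationData = confirmations.stream()
            .map(SubjectConfirmationType::getSubjectConfirmationData)
            .filter(data -> data != null)
            .findFirst()
            .orElse(null);
    Assert.assertNotNull(confirmationData);
    Assert.assertEquals(XMLTimeUtil.add(condition.getNotBefore(), accessTokenLifespan * 1000L), confirmationData.getNotOnOrAfter());
    return null;
}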