use of org.keycloak.dom.saml.v2.assertion.SubjectType.STSubType in project keycloak by keycloak.
the class AssertionUtil method createAssertionSubject.
/**
 * Builds a {@code SubjectType} whose only identifier is a {@code NameIDType} carrying the
 * given user name, ready to be placed into an assertion.
 *
 * <p>The user name is stored exactly as passed: this method does not validate, normalise or
 * null-check it, and it sets no other attribute on the name identifier. Callers that take
 * the name from an external source should validate it before calling.
 *
 * @param userName value to store in the subject's name identifier
 *
 * @return a new subject holding a sub-type with that single name identifier
 */
public static SubjectType createAssertionSubject(String userName) {
    // Identifier first: a name ID holding the supplied value unchanged.
    NameIDType nameId = new NameIDType();
    nameId.setValue(userName);

    // Wrap the identifier in the subject's sub-type container.
    STSubType identifierHolder = new STSubType();
    identifierHolder.addBaseID(nameId);

    SubjectType subject = new SubjectType();
    subject.setSubType(identifierHolder);
    return subject;
}
use of org.keycloak.dom.saml.v2.assertion.SubjectType.STSubType in project keycloak by keycloak.
the class AssertionUtil method decryptId.
/**
 * Decrypts the encrypted ID found in the subject of the response's first assertion and
 * stores the resulting {@code NameIDType} on that subject in place of the encrypted one.
 *
 * <p>The method returns without changing anything when {@code getSubTypeElement} yields
 * {@code null} or when the subject carries no encrypted ID. Only the subject returned by
 * {@code getSubTypeElement} is processed; any further assertions in the response are left
 * as they are.
 *
 * <p>Security note: nothing in this method checks a signature, issuer or condition of the
 * response. The decrypted identifier is therefore only as trustworthy as the enclosing
 * message, and {@code responseType} is mutated in place.
 * NOTE(review): confirm that callers validate the response before relying on the name ID.
 *
 * @param responseType response whose first assertion subject may hold an encrypted ID
 * @param privateKey key handed to {@code XMLEncryptionUtil.decryptElementInDocument}
 *
 * @throws ConfigurationException declared by the helpers used here
 * @throws ProcessingException declared by the helpers used here
 * @throws ParsingException declared by the helpers used here
 */
public static void decryptId(final ResponseType responseType, final PrivateKey privateKey) throws ConfigurationException, ProcessingException, ParsingException {
    final STSubType subject = getSubTypeElement(responseType);
    final EncryptedElementType encryptedId = (subject == null) ? null : subject.getEncryptedID();
    if (encryptedId == null) {
        // No subject sub-type, or no encrypted ID on it: nothing to decrypt.
        return;
    }

    // The encrypted element is deep-copied into a fresh document; decryption runs on the copy.
    final Element cipherElement = encryptedId.getEncryptedElement();
    final Document scratchDoc = DocumentUtil.createDocument();
    final Node cipherCopy = scratchDoc.importNode(cipherElement, true);
    scratchDoc.appendChild(cipherCopy);
    final Element plainNameId = XMLEncryptionUtil.decryptElementInDocument(scratchDoc, privateKey);

    // The decrypted element is re-serialised and parsed as a NameID.
    final XMLEventReader nameIdReader = StaxParserUtil.getXMLEventReader(DocumentUtil.getNodeAsStream(plainNameId));
    final NameIDType decryptedNameId = SAMLParserUtil.parseNameIDType(nameIdReader);

    // Swap: register the clear-text ID, then drop the encrypted one.
    subject.addBaseID(decryptedNameId);
    subject.setEncryptedID(null);
}
use of org.keycloak.dom.saml.v2.assertion.SubjectType.STSubType in project keycloak by keycloak.
the class AssertionUtilTest method testSaml20DecryptId.
/**
 * Checks that {@code AssertionUtil.decryptId} replaces the encrypted ID of the first
 * assertion's subject with a {@code NameIDType} whose value is {@code "myTestId"}.
 */
@Test
public void testSaml20DecryptId() throws Exception {
    try (InputStream encryptedIdResponse = getEncryptedIdTestFileInputStream()) {
        ResponseType response = (ResponseType) SAMLParser.getInstance().parse(encryptedIdResponse);
        STSubType subject = response.getAssertions().get(0).getAssertion().getSubject().getSubType();

        // Before decryption: only the encrypted ID is present.
        assertNotNull(subject.getEncryptedID());
        assertNull(subject.getBaseID());

        AssertionUtil.decryptId(response, extractPrivateKey());

        // After decryption: the encrypted ID is gone and a clear-text name ID took its place.
        assertNull(subject.getEncryptedID());
        assertNotNull(subject.getBaseID());
        assertTrue(subject.getBaseID() instanceof NameIDType);
        assertEquals("myTestId", ((NameIDType) subject.getBaseID()).getValue());
    }
}
use of org.keycloak.dom.saml.v2.assertion.SubjectType.STSubType in project keycloak by keycloak.
the class AssertionUtil method getSubTypeElement.
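/**
 * Returns the subject sub-type of the first assertion in the response.
 *
 * <p>Only the first entry of {@code responseType.getAssertions()} is inspected; later
 * entries are ignored. Callers that process identifiers should not assume every assertion
 * in the response has been covered.
 *
 * @param responseType response to read the first assertion from
 *
 * @return the sub-type of the first assertion's subject, or {@code null} when the response
 *         has no assertions, the first entry holds no plain assertion, or that assertion
 *         has no subject (the sub-type itself may also be {@code null})
 */
private static STSubType getSubTypeElement(final ResponseType responseType) {
    final List<ResponseType.RTChoiceType> assertions = responseType.getAssertions();
    if (assertions.isEmpty()) {
        return null;
    }

    final AssertionType assertion = assertions.get(0).getAssertion();
    // NOTE(review): an RTChoiceType entry can apparently wrap an encrypted assertion instead
    // of a plain one, in which case getAssertion() is null. Treat that like "no subject"
    // instead of failing with a NullPointerException on the next call.
    if (assertion == null || assertion.getSubject() == null) {
        return null;
    }
    return assertion.getSubject().getSubType();
}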