Use of org.keycloak.dom.saml.v2.metadata.AttributeAuthorityDescriptorType in project keycloak by keycloak.
From class SAMLParserTest, method testSAML20MetadataEntityDescriptorAttrA:
/**
 * Checks that the AttributeAuthorityDescriptor in the IdP metadata fixture
 * "saml20-entity-descriptor-idp.xml" is parsed into an
 * {@link AttributeAuthorityDescriptorType} with its signing key, both service
 * endpoints, the NameID formats and the two advertised attributes intact.
 *
 * @throws Exception if the fixture cannot be parsed
 */
@Test
public void testSAML20MetadataEntityDescriptorAttrA() throws Exception {
    EntityDescriptorType entity = assertParsed("saml20-entity-descriptor-idp.xml", EntityDescriptorType.class);
    List<EntityDescriptorType.EDTChoiceType> choices = entity.getChoiceType();
    assertThat(choices, hasSize(2));

    // The AA descriptor is the first descriptor of the second choice in this fixture.
    AttributeAuthorityDescriptorType aa = choices.get(1).getDescriptors().get(0).getAttribDescriptor();
    assertThat(aa, is(notNullValue()));
    assertThat(aa.getProtocolSupportEnumeration(), contains("urn:oasis:names:tc:SAML:2.0:protocol"));

    // Key descriptor: exactly one signing key, no encryption methods, expected KeyName
    List<KeyDescriptorType> keys = aa.getKeyDescriptor();
    assertThat(keys, hasSize(1));
    KeyDescriptorType signing = keys.get(0);
    assertThat(signing.getUse(), is(KeyTypes.SIGNING));
    assertThat(signing.getEncryptionMethod(), is(emptyCollectionOf(EncryptionMethodType.class)));
    // Lookup is by qualified tag name, so it relies on the fixture using the "ds" prefix.
    String keyName = signing.getKeyInfo().getElementsByTagName("ds:KeyName").item(0).getTextContent();
    assertThat(keyName, is("IdentityProvider.com AA Key"));

    // Endpoints: one AttributeService (SOAP binding) and one AssertionIDRequestService (URI binding)
    assertThat(aa.getAttributeService(), hasSize(1));
    assertBareEndpoint(aa.getAttributeService().get(0),
            "urn:oasis:names:tc:SAML:2.0:bindings:SOAP", "https://IdentityProvider.com/SAML/AA/SOAP");
    assertThat(aa.getAssertionIDRequestService(), hasSize(1));
    assertBareEndpoint(aa.getAssertionIDRequestService().get(0),
            "urn:oasis:names:tc:SAML:2.0:bindings:URI", "https://IdentityProvider.com/SAML/AA/URI");

    // NameID formats (their order in the fixture is not significant)
    assertThat(aa.getNameIDFormat(), containsInAnyOrder(
            "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName",
            "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
            "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"));

    // Advertised attributes
    List<AttributeType> attributes = aa.getAttribute();
    assertThat(attributes, hasSize(2));

    AttributeType eppn = attributes.get(0);
    assertThat(eppn.getNameFormat(), is("urn:oasis:names:tc:SAML:2.0:attrname-format:uri"));
    assertThat(eppn.getName(), is("urn:oid:1.3.6.1.4.1.5923.1.1.1.6"));
    assertThat(eppn.getFriendlyName(), is("eduPersonPrincipalName"));
    assertThat(eppn.getOtherAttributes(), is(Collections.<QName, String>emptyMap()));
    assertThat(eppn.getAttributeValue(), is(emptyCollectionOf(Object.class)));

    AttributeType affiliation = attributes.get(1);
    assertThat(affiliation.getNameFormat(), is("urn:oasis:names:tc:SAML:2.0:attrname-format:uri"));
    assertThat(affiliation.getName(), is("urn:oid:1.3.6.1.4.1.5923.1.1.1.1"));
    assertThat(affiliation.getFriendlyName(), is("eduPersonAffiliation"));
    assertThat(affiliation.getOtherAttributes(), is(Collections.<QName, String>emptyMap()));
    assertThat(affiliation.getAttributeValue(), containsInAnyOrder((Object) "member", "student", "faculty", "employee", "staff"));
}

/**
 * Asserts that {@code endpoint} carries only the given binding and location:
 * no ResponseLocation, no child elements and no extra attributes.
 */
private static void assertBareEndpoint(EndpointType endpoint, String binding, String location) {
    assertThat(endpoint.getBinding(), is(URI.create(binding)));
    assertThat(endpoint.getLocation(), is(URI.create(location)));
    assertThat(endpoint.getResponseLocation(), is(nullValue()));
    assertThat(endpoint.getAny(), is(emptyCollectionOf(Object.class)));
    assertThat(endpoint.getOtherAttributes(), is(Collections.<QName, String>emptyMap()));
}
Use of org.keycloak.dom.saml.v2.metadata.AttributeAuthorityDescriptorType in project keycloak by keycloak.
From class SAMLMetadataWriter, method writeEntityDescriptor:
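/**
 * Writes {@code entityDescriptor} as an {@code md:EntityDescriptor} element, declaring the
 * md, saml and ds namespaces on the root so that nested descriptors and signatures can
 * reference them. Child elements are emitted in this order: Signature, Extensions, the role
 * descriptors of each choice, Organization, ContactPerson.
 *
 * @param entityDescriptor the descriptor to serialize
 * @throws ProcessingException on writer failure, or when the descriptor holds an element this
 *         writer does not support yet (AffiliationDescriptor, RoleDescriptor,
 *         AuthnAuthorityDescriptor, PDPDescriptor, AdditionalMetadataLocation)
 */
public void writeEntityDescriptor(EntityDescriptorType entityDescriptor) throws ProcessingException {
    StaxUtil.writeStartElement(writer, METADATA_PREFIX, JBossSAMLConstants.ENTITY_DESCRIPTOR.get(), JBossSAMLURIConstants.METADATA_NSURI.get());
    StaxUtil.writeDefaultNameSpace(writer, JBossSAMLURIConstants.METADATA_NSURI.get());
    StaxUtil.writeNameSpace(writer, "md", JBossSAMLURIConstants.METADATA_NSURI.get());
    StaxUtil.writeNameSpace(writer, "saml", JBossSAMLURIConstants.ASSERTION_NSURI.get());
    StaxUtil.writeNameSpace(writer, "ds", JBossSAMLURIConstants.XMLDSIG_NSURI.get());

    StaxUtil.writeAttribute(writer, JBossSAMLConstants.ENTITY_ID.get(), entityDescriptor.getEntityID());
    if (entityDescriptor.getValidUntil() != null) {
        StaxUtil.writeAttribute(writer, JBossSAMLConstants.VALID_UNTIL.get(), entityDescriptor.getValidUntil().toString());
    }
    if (entityDescriptor.getID() != null) {
        StaxUtil.writeAttribute(writer, JBossSAMLConstants.ID.get(), entityDescriptor.getID());
    }

    // A pre-existing Signature element is copied through as-is; nothing is signed here.
    Element signature = entityDescriptor.getSignature();
    if (signature != null) {
        StaxUtil.writeDOMElement(writer, signature);
    }
    ExtensionsType extensions = entityDescriptor.getExtensions();
    if (extensions != null) {
        write(extensions);
    }

    for (EntityDescriptorType.EDTChoiceType edtChoice : entityDescriptor.getChoiceType()) {
        if (edtChoice.getAffiliationDescriptor() != null) {
            // TODO: affiliation
            throw logger.notImplementedYet("affliation");
        }
        for (EntityDescriptorType.EDTDescriptorChoiceType edtDescChoice : edtChoice.getDescriptors()) {
            writeDescriptorChoice(edtDescChoice);
        }
    }

    OrganizationType organization = entityDescriptor.getOrganization();
    if (organization != null) {
        writeOrganization(organization);
    }
    for (ContactType contact : entityDescriptor.getContactPerson()) {
        write(contact);
    }
    if (!entityDescriptor.getAdditionalMetadataLocation().isEmpty()) {
        throw logger.notImplementedYet("AdditionalMetadataLocationType");
    }

    StaxUtil.writeEndElement(writer);
    StaxUtil.flush(writer);
}

/**
 * Writes whichever role descriptors {@code choice} holds (IDPSSO, SPSSO, AttributeAuthority).
 * Each kind is checked independently because the choice type exposes one getter per kind;
 * kinds without a writer raise a not-implemented exception.
 *
 * @param choice one descriptor choice of an EntityDescriptor
 * @throws ProcessingException on writer failure, or for RoleDescriptor, AuthnAuthorityDescriptor
 *         and PDPDescriptor, which are not supported yet
 */
private void writeDescriptorChoice(EntityDescriptorType.EDTDescriptorChoiceType choice) throws ProcessingException {
    if (choice.getRoleDescriptor() != null) {
        throw logger.notImplementedYet("Role Descriptor type");
    }
    IDPSSODescriptorType idpSSO = choice.getIdpDescriptor();
    if (idpSSO != null) {
        write(idpSSO);
    }
    SPSSODescriptorType spSSO = choice.getSpDescriptor();
    if (spSSO != null) {
        write(spSSO);
    }
    AttributeAuthorityDescriptorType attribAuth = choice.getAttribDescriptor();
    if (attribAuth != null) {
        writeAttributeAuthorityDescriptor(attribAuth);
    }
    if (choice.getAuthnDescriptor() != null) {
        throw logger.notImplementedYet("AuthnAuthorityDescriptorType");
    }
    if (choice.getPdpDescriptor() != null) {
        throw logger.notImplementedYet("PDPDescriptorType");
    }
}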
Use of org.keycloak.dom.saml.v2.metadata.AttributeAuthorityDescriptorType in project keycloak by keycloak.
From class SAMLAttributeAuthorityDescriptorParser, method instantiateElement:
/**
 * Creates the {@link AttributeAuthorityDescriptorType} for the start element being parsed.
 * The {@code protocolSupportEnumeration} attribute is read through the "required" accessor,
 * so its absence presumably surfaces as a {@link ParsingException}; the remaining optional
 * attributes are filled in by {@code parseOptionalArguments}.
 *
 * @param xmlEventReader the event reader (not consumed by this method)
 * @param element the AttributeAuthorityDescriptor start element
 * @return the newly created descriptor with its attributes populated
 * @throws ParsingException if the element's attributes cannot be parsed
 */
@Override
protected AttributeAuthorityDescriptorType instantiateElement(XMLEventReader xmlEventReader, StartElement element) throws ParsingException {
    final List<String> supportedProtocols =
            StaxParserUtil.getRequiredStringListAttributeValue(element, SAMLMetadataQNames.ATTR_PROTOCOL_SUPPORT_ENUMERATION);
    final AttributeAuthorityDescriptorType result = new AttributeAuthorityDescriptorType(supportedProtocols);
    parseOptionalArguments(element, result);
    return result;
}
Use of org.keycloak.dom.saml.v2.metadata.AttributeAuthorityDescriptorType in project keycloak by keycloak.
From class SAMLMetadataWriter, method writeAttributeAuthorityDescriptor:
/**
 * Writes {@code attributeAuthority} as an {@code md:AttributeAuthorityDescriptor} element:
 * the protocolSupportEnumeration attribute, then (when present) Signature and Extensions,
 * then every KeyDescriptor, AttributeService, NameIDFormat and Attribute, in that order.
 * <p>
 * NOTE(review): the descriptor type also exposes {@code getAssertionIDRequestService()}, but
 * those endpoints are not written here, so they would not survive a parse/write round trip —
 * confirm whether that is intended.
 *
 * @param attributeAuthority the descriptor to serialize
 * @throws ProcessingException on writer failure
 */
public void writeAttributeAuthorityDescriptor(AttributeAuthorityDescriptorType attributeAuthority) throws ProcessingException {
    StaxUtil.writeStartElement(writer, METADATA_PREFIX, JBossSAMLConstants.ATTRIBUTE_AUTHORITY_DESCRIPTOR.get(), JBossSAMLURIConstants.METADATA_NSURI.get());
    writeProtocolSupportEnumeration(attributeAuthority.getProtocolSupportEnumeration());

    // A pre-existing Signature element is copied through as-is; nothing is signed here.
    final Element existingSignature = attributeAuthority.getSignature();
    if (existingSignature != null) {
        StaxUtil.writeDOMElement(writer, existingSignature);
    }
    final ExtensionsType ext = attributeAuthority.getExtensions();
    if (ext != null) {
        write(ext);
    }

    for (KeyDescriptorType key : attributeAuthority.getKeyDescriptor()) {
        writeKeyDescriptor(key);
    }
    for (EndpointType service : attributeAuthority.getAttributeService()) {
        writeAttributeService(service);
    }
    for (String format : attributeAuthority.getNameIDFormat()) {
        writeNameIDFormat(format);
    }
    for (AttributeType attribute : attributeAuthority.getAttribute()) {
        write(attribute);
    }

    StaxUtil.writeEndElement(writer);
    StaxUtil.flush(writer);
}