Search in sources :

Example 1 with AttributeAuthorityDescriptorType

use of org.keycloak.dom.saml.v2.metadata.AttributeAuthorityDescriptorType in project keycloak by keycloak.

the class SAMLParserTest method testSAML20MetadataEntityDescriptorAttrA.

@Test
public void testSAML20MetadataEntityDescriptorAttrA() throws Exception {
    EntityDescriptorType entityDescriptor = assertParsed("saml20-entity-descriptor-idp.xml", EntityDescriptorType.class);
    List<EntityDescriptorType.EDTChoiceType> descriptors = entityDescriptor.getChoiceType();
    assertThat(descriptors, hasSize(2));
    AttributeAuthorityDescriptorType aaDescriptor = descriptors.get(1).getDescriptors().get(0).getAttribDescriptor();
    assertThat(aaDescriptor, is(notNullValue()));
    assertThat(aaDescriptor.getProtocolSupportEnumeration(), contains("urn:oasis:names:tc:SAML:2.0:protocol"));
    // Key descriptor
    List<KeyDescriptorType> keyDescriptors = aaDescriptor.getKeyDescriptor();
    assertThat(keyDescriptors, hasSize(1));
    KeyDescriptorType signingKey = keyDescriptors.get(0);
    assertThat(signingKey.getUse(), is(KeyTypes.SIGNING));
    assertThat(signingKey.getEncryptionMethod(), is(emptyCollectionOf(EncryptionMethodType.class)));
    assertThat(signingKey.getKeyInfo().getElementsByTagName("ds:KeyName").item(0).getTextContent(), is("IdentityProvider.com AA Key"));
    // Attribute service
    assertThat(aaDescriptor.getAttributeService(), hasSize(1));
    EndpointType attrServ = aaDescriptor.getAttributeService().get(0);
    assertThat(attrServ.getBinding(), is(URI.create("urn:oasis:names:tc:SAML:2.0:bindings:SOAP")));
    assertThat(attrServ.getLocation(), is(URI.create("https://IdentityProvider.com/SAML/AA/SOAP")));
    assertThat(attrServ.getResponseLocation(), is(nullValue()));
    assertThat(attrServ.getAny(), is(emptyCollectionOf(Object.class)));
    assertThat(attrServ.getOtherAttributes(), is(Collections.<QName, String>emptyMap()));
    // AssertionIDRequestService
    assertThat(aaDescriptor.getAssertionIDRequestService(), hasSize(1));
    EndpointType assertIDRServ = aaDescriptor.getAssertionIDRequestService().get(0);
    assertThat(assertIDRServ.getBinding(), is(URI.create("urn:oasis:names:tc:SAML:2.0:bindings:URI")));
    assertThat(assertIDRServ.getLocation(), is(URI.create("https://IdentityProvider.com/SAML/AA/URI")));
    assertThat(assertIDRServ.getResponseLocation(), is(nullValue()));
    assertThat(assertIDRServ.getAny(), is(emptyCollectionOf(Object.class)));
    assertThat(assertIDRServ.getOtherAttributes(), is(Collections.<QName, String>emptyMap()));
    // NameID
    assertThat(aaDescriptor.getNameIDFormat(), containsInAnyOrder("urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName", "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"));
    assertThat(aaDescriptor.getAttribute(), hasSize(2));
    AttributeType attr1 = aaDescriptor.getAttribute().get(0);
    assertThat(attr1.getNameFormat(), is("urn:oasis:names:tc:SAML:2.0:attrname-format:uri"));
    assertThat(attr1.getName(), is("urn:oid:1.3.6.1.4.1.5923.1.1.1.6"));
    assertThat(attr1.getFriendlyName(), is("eduPersonPrincipalName"));
    assertThat(attr1.getOtherAttributes(), is(Collections.<QName, String>emptyMap()));
    assertThat(attr1.getAttributeValue(), is(emptyCollectionOf(Object.class)));
    AttributeType attr2 = aaDescriptor.getAttribute().get(1);
    assertThat(attr2.getNameFormat(), is("urn:oasis:names:tc:SAML:2.0:attrname-format:uri"));
    assertThat(attr2.getName(), is("urn:oid:1.3.6.1.4.1.5923.1.1.1.1"));
    assertThat(attr2.getFriendlyName(), is("eduPersonAffiliation"));
    assertThat(attr2.getOtherAttributes(), is(Collections.<QName, String>emptyMap()));
    assertThat(attr2.getAttributeValue(), containsInAnyOrder((Object) "member", "student", "faculty", "employee", "staff"));
}
Also used : QName(javax.xml.namespace.QName) RequestedAttributeType(org.keycloak.dom.saml.v2.metadata.RequestedAttributeType) AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) AttributeAuthorityDescriptorType(org.keycloak.dom.saml.v2.metadata.AttributeAuthorityDescriptorType) EndpointType(org.keycloak.dom.saml.v2.metadata.EndpointType) IndexedEndpointType(org.keycloak.dom.saml.v2.metadata.IndexedEndpointType) SAML2Object(org.keycloak.dom.saml.v2.SAML2Object) EntityDescriptorType(org.keycloak.dom.saml.v2.metadata.EntityDescriptorType) Matchers.containsString(org.hamcrest.Matchers.containsString) KeyDescriptorType(org.keycloak.dom.saml.v2.metadata.KeyDescriptorType) Test(org.junit.Test)

Example 2 with AttributeAuthorityDescriptorType

use of org.keycloak.dom.saml.v2.metadata.AttributeAuthorityDescriptorType in project keycloak by keycloak.

the class SAMLMetadataWriter method writeEntityDescriptor.

public void writeEntityDescriptor(EntityDescriptorType entityDescriptor) throws ProcessingException {
    StaxUtil.writeStartElement(writer, METADATA_PREFIX, JBossSAMLConstants.ENTITY_DESCRIPTOR.get(), JBossSAMLURIConstants.METADATA_NSURI.get());
    StaxUtil.writeDefaultNameSpace(writer, JBossSAMLURIConstants.METADATA_NSURI.get());
    StaxUtil.writeNameSpace(writer, "md", JBossSAMLURIConstants.METADATA_NSURI.get());
    StaxUtil.writeNameSpace(writer, "saml", JBossSAMLURIConstants.ASSERTION_NSURI.get());
    StaxUtil.writeNameSpace(writer, "ds", JBossSAMLURIConstants.XMLDSIG_NSURI.get());
    StaxUtil.writeAttribute(writer, JBossSAMLConstants.ENTITY_ID.get(), entityDescriptor.getEntityID());
    if (entityDescriptor.getValidUntil() != null) {
        StaxUtil.writeAttribute(writer, JBossSAMLConstants.VALID_UNTIL.get(), entityDescriptor.getValidUntil().toString());
    }
    if (entityDescriptor.getID() != null) {
        StaxUtil.writeAttribute(writer, JBossSAMLConstants.ID.get(), entityDescriptor.getID());
    }
    Element signature = entityDescriptor.getSignature();
    if (signature != null) {
        StaxUtil.writeDOMElement(writer, signature);
    }
    ExtensionsType extensions = entityDescriptor.getExtensions();
    if (extensions != null) {
        write(extensions);
    }
    List<EntityDescriptorType.EDTChoiceType> choiceTypes = entityDescriptor.getChoiceType();
    for (EntityDescriptorType.EDTChoiceType edtChoice : choiceTypes) {
        AffiliationDescriptorType affliationDesc = edtChoice.getAffiliationDescriptor();
        if (affliationDesc != null)
            // TODO: affiliation
            throw logger.notImplementedYet("affliation");
        List<EntityDescriptorType.EDTDescriptorChoiceType> edtDescChoices = edtChoice.getDescriptors();
        for (EntityDescriptorType.EDTDescriptorChoiceType edtDescChoice : edtDescChoices) {
            RoleDescriptorType roleDesc = edtDescChoice.getRoleDescriptor();
            if (roleDesc != null)
                throw logger.notImplementedYet("Role Descriptor type");
            IDPSSODescriptorType idpSSO = edtDescChoice.getIdpDescriptor();
            if (idpSSO != null)
                write(idpSSO);
            SPSSODescriptorType spSSO = edtDescChoice.getSpDescriptor();
            if (spSSO != null)
                write(spSSO);
            AttributeAuthorityDescriptorType attribAuth = edtDescChoice.getAttribDescriptor();
            if (attribAuth != null)
                writeAttributeAuthorityDescriptor(attribAuth);
            AuthnAuthorityDescriptorType authNDesc = edtDescChoice.getAuthnDescriptor();
            if (authNDesc != null)
                throw logger.notImplementedYet("AuthnAuthorityDescriptorType");
            PDPDescriptorType pdpDesc = edtDescChoice.getPdpDescriptor();
            if (pdpDesc != null)
                throw logger.notImplementedYet("PDPDescriptorType");
        }
    }
    OrganizationType organization = entityDescriptor.getOrganization();
    if (organization != null) {
        writeOrganization(organization);
    }
    List<ContactType> contactPersons = entityDescriptor.getContactPerson();
    for (ContactType contact : contactPersons) {
        write(contact);
    }
    List<AdditionalMetadataLocationType> addl = entityDescriptor.getAdditionalMetadataLocation();
    if (addl.size() > 0)
        throw logger.notImplementedYet("AdditionalMetadataLocationType");
    StaxUtil.writeEndElement(writer);
    StaxUtil.flush(writer);
}
Also used : AuthnAuthorityDescriptorType(org.keycloak.dom.saml.v2.metadata.AuthnAuthorityDescriptorType) IDPSSODescriptorType(org.keycloak.dom.saml.v2.metadata.IDPSSODescriptorType) ContactType(org.keycloak.dom.saml.v2.metadata.ContactType) Element(org.w3c.dom.Element) AffiliationDescriptorType(org.keycloak.dom.saml.v2.metadata.AffiliationDescriptorType) OrganizationType(org.keycloak.dom.saml.v2.metadata.OrganizationType) SPSSODescriptorType(org.keycloak.dom.saml.v2.metadata.SPSSODescriptorType) RoleDescriptorType(org.keycloak.dom.saml.v2.metadata.RoleDescriptorType) PDPDescriptorType(org.keycloak.dom.saml.v2.metadata.PDPDescriptorType) ExtensionsType(org.keycloak.dom.saml.v2.metadata.ExtensionsType) AttributeAuthorityDescriptorType(org.keycloak.dom.saml.v2.metadata.AttributeAuthorityDescriptorType) AdditionalMetadataLocationType(org.keycloak.dom.saml.v2.metadata.AdditionalMetadataLocationType) EntityDescriptorType(org.keycloak.dom.saml.v2.metadata.EntityDescriptorType)

Example 3 with AttributeAuthorityDescriptorType

use of org.keycloak.dom.saml.v2.metadata.AttributeAuthorityDescriptorType in project keycloak by keycloak.

the class SAMLAttributeAuthorityDescriptorParser method instantiateElement.

@Override
protected AttributeAuthorityDescriptorType instantiateElement(XMLEventReader xmlEventReader, StartElement element) throws ParsingException {
    List<String> protocolEnum = StaxParserUtil.getRequiredStringListAttributeValue(element, SAMLMetadataQNames.ATTR_PROTOCOL_SUPPORT_ENUMERATION);
    AttributeAuthorityDescriptorType descriptor = new AttributeAuthorityDescriptorType(protocolEnum);
    parseOptionalArguments(element, descriptor);
    return descriptor;
}
Also used : AttributeAuthorityDescriptorType(org.keycloak.dom.saml.v2.metadata.AttributeAuthorityDescriptorType)

Example 4 with AttributeAuthorityDescriptorType

use of org.keycloak.dom.saml.v2.metadata.AttributeAuthorityDescriptorType in project keycloak by keycloak.

the class SAMLMetadataWriter method writeAttributeAuthorityDescriptor.

public void writeAttributeAuthorityDescriptor(AttributeAuthorityDescriptorType attributeAuthority) throws ProcessingException {
    StaxUtil.writeStartElement(writer, METADATA_PREFIX, JBossSAMLConstants.ATTRIBUTE_AUTHORITY_DESCRIPTOR.get(), JBossSAMLURIConstants.METADATA_NSURI.get());
    writeProtocolSupportEnumeration(attributeAuthority.getProtocolSupportEnumeration());
    Element signature = attributeAuthority.getSignature();
    if (signature != null) {
        StaxUtil.writeDOMElement(writer, signature);
    }
    ExtensionsType extensions = attributeAuthority.getExtensions();
    if (extensions != null) {
        write(extensions);
    }
    List<KeyDescriptorType> keyDescriptorList = attributeAuthority.getKeyDescriptor();
    for (KeyDescriptorType keyDescriptor : keyDescriptorList) {
        writeKeyDescriptor(keyDescriptor);
    }
    List<EndpointType> attributeServices = attributeAuthority.getAttributeService();
    for (EndpointType endpoint : attributeServices) {
        writeAttributeService(endpoint);
    }
    List<String> nameIDFormats = attributeAuthority.getNameIDFormat();
    for (String nameIDFormat : nameIDFormats) {
        writeNameIDFormat(nameIDFormat);
    }
    List<AttributeType> attributes = attributeAuthority.getAttribute();
    for (AttributeType attributeType : attributes) {
        write(attributeType);
    }
    StaxUtil.writeEndElement(writer);
    StaxUtil.flush(writer);
}
Also used : AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) RequestedAttributeType(org.keycloak.dom.saml.v2.metadata.RequestedAttributeType) Element(org.w3c.dom.Element) ExtensionsType(org.keycloak.dom.saml.v2.metadata.ExtensionsType) EndpointType(org.keycloak.dom.saml.v2.metadata.EndpointType) IndexedEndpointType(org.keycloak.dom.saml.v2.metadata.IndexedEndpointType) KeyDescriptorType(org.keycloak.dom.saml.v2.metadata.KeyDescriptorType)

Aggregations

AttributeAuthorityDescriptorType (org.keycloak.dom.saml.v2.metadata.AttributeAuthorityDescriptorType)3 AttributeType (org.keycloak.dom.saml.v2.assertion.AttributeType)2 EndpointType (org.keycloak.dom.saml.v2.metadata.EndpointType)2 EntityDescriptorType (org.keycloak.dom.saml.v2.metadata.EntityDescriptorType)2 ExtensionsType (org.keycloak.dom.saml.v2.metadata.ExtensionsType)2 IndexedEndpointType (org.keycloak.dom.saml.v2.metadata.IndexedEndpointType)2 KeyDescriptorType (org.keycloak.dom.saml.v2.metadata.KeyDescriptorType)2 RequestedAttributeType (org.keycloak.dom.saml.v2.metadata.RequestedAttributeType)2 Element (org.w3c.dom.Element)2 QName (javax.xml.namespace.QName)1 Matchers.containsString (org.hamcrest.Matchers.containsString)1 Test (org.junit.Test)1 SAML2Object (org.keycloak.dom.saml.v2.SAML2Object)1 AdditionalMetadataLocationType (org.keycloak.dom.saml.v2.metadata.AdditionalMetadataLocationType)1 AffiliationDescriptorType (org.keycloak.dom.saml.v2.metadata.AffiliationDescriptorType)1 AuthnAuthorityDescriptorType (org.keycloak.dom.saml.v2.metadata.AuthnAuthorityDescriptorType)1 ContactType (org.keycloak.dom.saml.v2.metadata.ContactType)1 IDPSSODescriptorType (org.keycloak.dom.saml.v2.metadata.IDPSSODescriptorType)1 OrganizationType (org.keycloak.dom.saml.v2.metadata.OrganizationType)1 PDPDescriptorType (org.keycloak.dom.saml.v2.metadata.PDPDescriptorType)1