Examples with EndpointType org.keycloak.dom.saml.v2.metadata.EndpointType used on opensource projects

Example 11 with EndpointType

use of org.keycloak.dom.saml.v2.metadata.EndpointType in project keycloak by keycloak.

the class EntityDescriptorDescriptionConverter method getLogoutLocation.

private static String getLogoutLocation(SPSSODescriptorType idp, String bindingURI) {
    String logoutResponseLocation = null;
    List<EndpointType> endpoints = idp.getSingleLogoutService();
    for (EndpointType endpoint : endpoints) {
        if (endpoint.getBinding().toString().equals(bindingURI)) {
            if (endpoint.getLocation() != null) {
                logoutResponseLocation = endpoint.getLocation().toString();
            } else {
                logoutResponseLocation = null;
            }
            break;
        }
    }
    return logoutResponseLocation;
}

Example 12 with EndpointType

use of org.keycloak.dom.saml.v2.metadata.EndpointType in project keycloak by keycloak.

the class SAMLParserTest method testSaml20MetadataEntityDescriptorIdP.

@Test
public void testSaml20MetadataEntityDescriptorIdP() throws Exception {
    EntityDescriptorType entityDescriptor = assertParsed("saml20-entity-descriptor-idp.xml", EntityDescriptorType.class);
    List<EntityDescriptorType.EDTChoiceType> descriptors = entityDescriptor.getChoiceType();
    assertThat(descriptors, hasSize(2));
    // IDPSSO descriptor
    IDPSSODescriptorType idpDescriptor = descriptors.get(0).getDescriptors().get(0).getIdpDescriptor();
    assertThat(idpDescriptor, is(notNullValue()));
    assertThat(idpDescriptor.isWantAuthnRequestsSigned(), is(true));
    assertThat(idpDescriptor.getProtocolSupportEnumeration(), contains("urn:oasis:names:tc:SAML:2.0:protocol"));
    // Key descriptor
    List<KeyDescriptorType> keyDescriptors = idpDescriptor.getKeyDescriptor();
    assertThat(keyDescriptors, hasSize(1));
    KeyDescriptorType signingKey = keyDescriptors.get(0);
    assertThat(signingKey.getUse(), is(KeyTypes.SIGNING));
    assertThat(signingKey.getEncryptionMethod(), is(emptyCollectionOf(EncryptionMethodType.class)));
    assertThat(signingKey.getKeyInfo().getElementsByTagName("ds:KeyName").item(0).getTextContent(), is("IdentityProvider.com SSO Key"));
    // Single logout services
    assertThat(idpDescriptor.getSingleLogoutService(), hasSize(2));
    EndpointType singleLS1 = idpDescriptor.getSingleLogoutService().get(0);
    assertThat(singleLS1.getBinding(), is(URI.create("urn:oasis:names:tc:SAML:2.0:bindings:SOAP")));
    assertThat(singleLS1.getLocation(), is(URI.create("https://IdentityProvider.com/SAML/SLO/SOAP")));
    assertThat(singleLS1.getResponseLocation(), is(nullValue()));
    assertThat(singleLS1.getAny(), is(emptyCollectionOf(Object.class)));
    assertThat(singleLS1.getOtherAttributes(), is(Collections.<QName, String>emptyMap()));
    EndpointType singleLS2 = idpDescriptor.getSingleLogoutService().get(1);
    assertThat(singleLS2.getBinding(), is(URI.create("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect")));
    assertThat(singleLS2.getLocation(), is(URI.create("https://IdentityProvider.com/SAML/SLO/Browser")));
    assertThat(singleLS2.getResponseLocation(), is(URI.create("https://IdentityProvider.com/SAML/SLO/Response")));
    assertThat(singleLS2.getAny(), is(emptyCollectionOf(Object.class)));
    assertThat(singleLS2.getOtherAttributes(), is(Collections.<QName, String>emptyMap()));
    // NameID
    assertThat(idpDescriptor.getNameIDFormat(), containsInAnyOrder("urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName", "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"));
    // Single sign on services
    assertThat(idpDescriptor.getSingleSignOnService(), hasSize(2));
    EndpointType singleSO1 = idpDescriptor.getSingleSignOnService().get(0);
    assertThat(singleSO1.getBinding(), is(URI.create("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect")));
    assertThat(singleSO1.getLocation(), is(URI.create("https://IdentityProvider.com/SAML/SSO/Browser")));
    assertThat(singleSO1.getResponseLocation(), is(nullValue()));
    assertThat(singleSO1.getAny(), is(emptyCollectionOf(Object.class)));
    assertThat(singleSO1.getOtherAttributes(), is(Collections.<QName, String>emptyMap()));
    EndpointType singleSO2 = idpDescriptor.getSingleSignOnService().get(1);
    assertThat(singleSO2.getBinding(), is(URI.create("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST")));
    assertThat(singleSO2.getLocation(), is(URI.create("https://IdentityProvider.com/SAML/SSO/Browser")));
    assertThat(singleSO2.getResponseLocation(), is(nullValue()));
    assertThat(singleSO2.getAny(), is(emptyCollectionOf(Object.class)));
    assertThat(singleSO2.getOtherAttributes(), is(Collections.<QName, String>emptyMap()));
    // Attributes
    assertThat(idpDescriptor.getAttribute(), hasSize(2));
    AttributeType attr1 = idpDescriptor.getAttribute().get(0);
    assertThat(attr1.getNameFormat(), is("urn:oasis:names:tc:SAML:2.0:attrname-format:uri"));
    assertThat(attr1.getName(), is("urn:oid:1.3.6.1.4.1.5923.1.1.1.6"));
    assertThat(attr1.getFriendlyName(), is("eduPersonPrincipalName"));
    assertThat(attr1.getOtherAttributes(), is(Collections.<QName, String>emptyMap()));
    assertThat(attr1.getAttributeValue(), is(emptyCollectionOf(Object.class)));
    AttributeType attr2 = idpDescriptor.getAttribute().get(1);
    assertThat(attr2.getNameFormat(), is("urn:oasis:names:tc:SAML:2.0:attrname-format:uri"));
    assertThat(attr2.getName(), is("urn:oid:1.3.6.1.4.1.5923.1.1.1.1"));
    assertThat(attr2.getFriendlyName(), is("eduPersonAffiliation"));
    assertThat(attr2.getOtherAttributes(), is(Collections.<QName, String>emptyMap()));
    assertThat(attr2.getAttributeValue(), containsInAnyOrder((Object) "member", "student", "faculty", "employee", "staff"));
    // Organization
    assertThat(entityDescriptor.getOrganization().getOrganizationName(), hasSize(1));
    LocalizedNameType orgName = entityDescriptor.getOrganization().getOrganizationName().get(0);
    assertThat(orgName.getLang(), is("en"));
    assertThat(orgName.getValue(), is("Identity Providers R\n            US"));
    assertThat(entityDescriptor.getOrganization().getOrganizationDisplayName(), hasSize(1));
    LocalizedNameType orgDispName = entityDescriptor.getOrganization().getOrganizationDisplayName().get(0);
    assertThat(orgDispName.getLang(), is("en"));
    assertThat(orgDispName.getValue(), is("Identity Providers R US, a Division of Lerxst Corp."));
    assertThat(entityDescriptor.getOrganization().getOrganizationURL(), hasSize(1));
    LocalizedURIType orgURL = entityDescriptor.getOrganization().getOrganizationURL().get(0);
    assertThat(orgURL.getLang(), is("en"));
    assertThat(orgURL.getValue(), is(URI.create("https://IdentityProvider.com")));
}

Example 13 with EndpointType

use of org.keycloak.dom.saml.v2.metadata.EndpointType in project keycloak by keycloak.

the class SAMLMetadataWriter method writeAttributeAuthorityDescriptor.

public void writeAttributeAuthorityDescriptor(AttributeAuthorityDescriptorType attributeAuthority) throws ProcessingException {
    StaxUtil.writeStartElement(writer, METADATA_PREFIX, JBossSAMLConstants.ATTRIBUTE_AUTHORITY_DESCRIPTOR.get(), JBossSAMLURIConstants.METADATA_NSURI.get());
    writeProtocolSupportEnumeration(attributeAuthority.getProtocolSupportEnumeration());
    Element signature = attributeAuthority.getSignature();
    if (signature != null) {
        StaxUtil.writeDOMElement(writer, signature);
    }
    ExtensionsType extensions = attributeAuthority.getExtensions();
    if (extensions != null) {
        write(extensions);
    }
    List<KeyDescriptorType> keyDescriptorList = attributeAuthority.getKeyDescriptor();
    for (KeyDescriptorType keyDescriptor : keyDescriptorList) {
        writeKeyDescriptor(keyDescriptor);
    }
    List<EndpointType> attributeServices = attributeAuthority.getAttributeService();
    for (EndpointType endpoint : attributeServices) {
        writeAttributeService(endpoint);
    }
    List<String> nameIDFormats = attributeAuthority.getNameIDFormat();
    for (String nameIDFormat : nameIDFormats) {
        writeNameIDFormat(nameIDFormat);
    }
    List<AttributeType> attributes = attributeAuthority.getAttribute();
    for (AttributeType attributeType : attributes) {
        write(attributeType);
    }
    StaxUtil.writeEndElement(writer);
    StaxUtil.flush(writer);
}

Example 14 with EndpointType

use of org.keycloak.dom.saml.v2.metadata.EndpointType in project keycloak by keycloak.

the class SAMLMetadataWriter method write.

public void write(SPSSODescriptorType spSSODescriptor) throws ProcessingException {
    StaxUtil.writeStartElement(writer, METADATA_PREFIX, JBossSAMLConstants.SP_SSO_DESCRIPTOR.get(), JBossSAMLURIConstants.METADATA_NSURI.get());
    writeProtocolSupportEnumeration(spSSODescriptor.getProtocolSupportEnumeration());
    // Write the attributes
    Boolean authnSigned = spSSODescriptor.isAuthnRequestsSigned();
    if (authnSigned != null) {
        StaxUtil.writeAttribute(writer, new QName(JBossSAMLConstants.AUTHN_REQUESTS_SIGNED.get()), authnSigned.toString());
    }
    Boolean wantAssertionsSigned = spSSODescriptor.isWantAssertionsSigned();
    if (wantAssertionsSigned != null) {
        StaxUtil.writeAttribute(writer, new QName(JBossSAMLConstants.WANT_ASSERTIONS_SIGNED.get()), wantAssertionsSigned.toString());
    }
    // Get the key descriptors
    List<KeyDescriptorType> keyDescriptors = spSSODescriptor.getKeyDescriptor();
    for (KeyDescriptorType keyDescriptor : keyDescriptors) {
        writeKeyDescriptor(keyDescriptor);
    }
    List<EndpointType> sloServices = spSSODescriptor.getSingleLogoutService();
    for (EndpointType endpoint : sloServices) {
        writeSingleLogoutService(endpoint);
    }
    List<IndexedEndpointType> artifactResolutions = spSSODescriptor.getArtifactResolutionService();
    for (IndexedEndpointType artifactResolution : artifactResolutions) {
        writeArtifactResolutionService(artifactResolution);
    }
    List<String> nameIDFormats = spSSODescriptor.getNameIDFormat();
    for (String nameIDFormat : nameIDFormats) {
        writeNameIDFormat(nameIDFormat);
    }
    List<IndexedEndpointType> assertionConsumers = spSSODescriptor.getAssertionConsumerService();
    for (IndexedEndpointType assertionConsumer : assertionConsumers) {
        writeAssertionConsumerService(assertionConsumer);
    }
    List<AttributeConsumingServiceType> attributeConsumers = spSSODescriptor.getAttributeConsumingService();
    for (AttributeConsumingServiceType attributeConsumer : attributeConsumers) {
        writeAttributeConsumingService(attributeConsumer);
    }
    StaxUtil.writeEndElement(writer);
    StaxUtil.flush(writer);
}

Example 15 with EndpointType

use of org.keycloak.dom.saml.v2.metadata.EndpointType in project keycloak by keycloak.

the class SAMLParserTest method testSaml20MetadataEntityDescriptorPDP.

@Test
public void testSaml20MetadataEntityDescriptorPDP() throws Exception {
    EntityDescriptorType descriptor = assertParsed("saml20-entity-descriptor-pdp.xml", EntityDescriptorType.class);
    assertThat(descriptor.getChoiceType(), Matchers.<EntityDescriptorType.EDTChoiceType>hasSize(1));
    assertThat(descriptor.getChoiceType().get(0).getDescriptors().get(0).getPdpDescriptor(), is(notNullValue()));
    PDPDescriptorType pdpDescriptor = descriptor.getChoiceType().get(0).getDescriptors().get(0).getPdpDescriptor();
    assertThat(pdpDescriptor.getKeyDescriptor(), Matchers.<KeyDescriptorType>hasSize(1));
    KeyDescriptorType keyDescriptorType = pdpDescriptor.getKeyDescriptor().get(0);
    assertThat(keyDescriptorType.getEncryptionMethod(), Matchers.<EncryptionMethodType>hasSize(1));
    EncryptionMethodType encryptionMethodType = keyDescriptorType.getEncryptionMethod().get(0);
    assertThat(encryptionMethodType.getAlgorithm(), is("http://www.example.com/"));
    EncryptionMethodType.EncryptionMethod encryptionMethod = encryptionMethodType.getEncryptionMethod();
    assertThat(encryptionMethod.getKeySize(), is(BigInteger.ONE));
    assertThat(encryptionMethod.getOAEPparams(), is("GpM7".getBytes()));
    // EndpointType parser already tested so we are not checking further
    assertThat(pdpDescriptor.getAuthzService(), Matchers.<EndpointType>hasSize(1));
    assertThat(pdpDescriptor.getAssertionIDRequestService(), Matchers.<EndpointType>hasSize(1));
}