Use of org.keycloak.dom.saml.v2.protocol.ArtifactResolveType in project keycloak by keycloak.
The class SamlDocumentStepBuilder, method saml2Object2String.
/**
 * Serializes a SAML 2.0 protocol object to its XML text, encoded with {@code GeneralConstants.SAML_CHARSET}.
 * <p>
 * The object is dispatched by its concrete type to {@code SAMLRequestWriter} or {@code SAMLResponseWriter};
 * a {@code null} or unrecognised object fails the test through the JUnit {@code Assert} helpers.
 *
 * @param transformed the SAML request or response object to serialize
 * @return the serialized XML document as a string
 * @throws RuntimeException wrapping the {@code ProcessingException} raised while writing
 * @throws AssertionError if {@code transformed} is {@code null} or of an unsupported type
 */
public static String saml2Object2String(final SAML2Object transformed) {
    try {
        final ByteArrayOutputStream buffer = new ByteArrayOutputStream();
        final XMLStreamWriter xmlWriter = StaxUtil.getXMLStreamWriter(buffer);
        writeSaml2Object(transformed, xmlWriter);
        return new String(buffer.toByteArray(), GeneralConstants.SAML_CHARSET);
    } catch (ProcessingException ex) {
        throw new RuntimeException(ex);
    }
}

/**
 * Routes {@code object} to the writer overload matching its concrete type.
 * <p>
 * The {@code StatusResponseType} branch is deliberately last: if {@code ResponseType} and
 * {@code ArtifactResponseType} extend it (as in the SAML 2.0 schema), they must be matched before the
 * generic branch, which is written with the LogoutResponse element name.
 *
 * @param object the SAML object to write; {@code null} or unknown types fail the test
 * @param xmlWriter the StAX writer receiving the serialized element
 * @throws ProcessingException propagated from the underlying writers
 */
private static void writeSaml2Object(final SAML2Object object, final XMLStreamWriter xmlWriter) throws ProcessingException {
    if (object instanceof AuthnRequestType) {
        new SAMLRequestWriter(xmlWriter).write((AuthnRequestType) object);
    } else if (object instanceof LogoutRequestType) {
        new SAMLRequestWriter(xmlWriter).write((LogoutRequestType) object);
    } else if (object instanceof ArtifactResolveType) {
        new SAMLRequestWriter(xmlWriter).write((ArtifactResolveType) object);
    } else if (object instanceof AttributeQueryType) {
        new SAMLRequestWriter(xmlWriter).write((AttributeQueryType) object);
    } else if (object instanceof ResponseType) {
        new SAMLResponseWriter(xmlWriter).write((ResponseType) object);
    } else if (object instanceof ArtifactResponseType) {
        new SAMLResponseWriter(xmlWriter).write((ArtifactResponseType) object);
    } else if (object instanceof StatusResponseType) {
        new SAMLResponseWriter(xmlWriter).write((StatusResponseType) object, SAMLProtocolQNames.LOGOUT_RESPONSE.getQName("samlp"));
    } else {
        // A null object must be reported distinctly, since getClass() below would throw NPE instead.
        Assert.assertNotNull("Unknown type: <null>", object);
        Assert.fail("Unknown type: " + object.getClass().getName());
    }
}
Use of org.keycloak.dom.saml.v2.protocol.ArtifactResolveType in project keycloak by keycloak.
The class SAMLArtifactResolveParser, method instantiateElement.
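/**
 * Creates the {@link ArtifactResolveType} for a {@code <samlp:ArtifactResolve>} start element from its
 * attributes.
 * <p>
 * The {@code Version} attribute must equal {@code VERSION_2_0}; {@code ID} and {@code IssueInstant} are
 * required, so a message missing either is rejected here instead of yielding a half-populated object.
 * The remaining base request attributes are handled by {@code parseBaseAttributes}.
 *
 * @param xmlEventReader the event reader positioned at the element; not consumed by this method
 * @param startElement the ArtifactResolve start element whose attributes are read
 * @return a new ArtifactResolveType carrying ID, IssueInstant and the base request attributes
 * @throws ParsingException propagated from version validation, required-attribute lookup or
 *         IssueInstant parsing
 */
@Override
protected ArtifactResolveType instantiateElement(XMLEventReader xmlEventReader, StartElement startElement) throws ParsingException {
    SAMLParserUtil.validateAttributeValue(startElement, SAMLProtocolQNames.ATTR_VERSION, VERSION_2_0);
    final String id = StaxParserUtil.getRequiredAttributeValue(startElement, SAMLProtocolQNames.ATTR_ID);
    final XMLGregorianCalendar issueInstant = XMLTimeUtil.parse(
            StaxParserUtil.getRequiredAttributeValue(startElement, SAMLProtocolQNames.ATTR_ISSUE_INSTANT));
    // Local renamed from the copy-pasted "authnRequest": this parser produces an ArtifactResolve.
    final ArtifactResolveType artifactResolve = new ArtifactResolveType(id, issueInstant);
    super.parseBaseAttributes(startElement, artifactResolve);
    return artifactResolve;
}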
Use of org.keycloak.dom.saml.v2.protocol.ArtifactResolveType in project keycloak by keycloak.
The class HandleArtifactStepBuilder, method perform.
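/**
 * Main method. Reads a response carrying an artifact (redirect or POST) and returns a POSTed SOAP message
 * containing the ArtifactResolve message. The behaviour changes depending on which builder methods were
 * called: an optional signature over the ArtifactResolve document, an optional transformer applied to the
 * serialized document, an optional holder that records the extracted artifact, and replay of the previously
 * built POST.
 *
 * @param client the current http client (unused here)
 * @param currentURI the current uri (unused here)
 * @param currentResponse the current response from the IdP, from which the artifact is extracted
 * @param context the current http context (unused here)
 * @return a POSTed SOAP message containing the ArtifactResolve message, or {@code null} when the
 *         transformer drops the document
 * @throws Exception propagated from artifact extraction, XML writing, signing or transformation
 */
@Override
public HttpUriRequest perform(CloseableHttpClient client, URI currentURI, CloseableHttpResponse currentResponse, HttpClientContext context) throws Exception {
    // Replay mode: re-send the POST built on a previous run untouched instead of creating a new request.
    if (replayPost && replayPostMessage != null) {
        return replayPostMessage;
    }

    ArtifactResolveType artifactResolve = new ArtifactResolveType(id, XMLTimeUtil.getIssueInstant());
    NameIDType nameIDType = new NameIDType();
    nameIDType.setValue(issuer);
    artifactResolve.setIssuer(nameIDType);

    String artifact = getArtifactFromResponse(currentResponse);
    if (storeArtifact != null) {
        storeArtifact.set(artifact);
    }
    artifactResolve.setArtifact(artifact);

    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    XMLStreamWriter xmlStreamWriter = StaxUtil.getXMLStreamWriter(bos);
    new SAMLRequestWriter(xmlStreamWriter).write(artifactResolve);
    Document doc = DocumentUtil.getDocument(new ByteArrayInputStream(bos.toByteArray()));

    BaseSAML2BindingBuilder binding = new BaseSAML2BindingBuilder();
    // Signing is opt-in and requires both halves of the key pair to have been configured on the builder.
    if (signingPrivateKeyPem != null && signingPublicKeyPem != null) {
        PrivateKey privateKey = org.keycloak.testsuite.util.KeyUtils.privateKeyFromString(signingPrivateKeyPem);
        PublicKey publicKey = org.keycloak.testsuite.util.KeyUtils.publicKeyFromString(signingPublicKeyPem);
        binding.signatureAlgorithm(SignatureAlgorithm.RSA_SHA256)
                .signWith(KeyUtils.createKeyId(privateKey), privateKey, publicKey)
                .signDocument(doc);
    }

    // The transformer runs on the already-signed document, so any change it makes is not covered by the
    // signature. NOTE(review): presumably intended, to let tests exercise tampered requests — confirm.
    String documentAsString = DocumentUtil.getDocumentAsString(doc);
    String transformed = getTransformer().transform(documentAsString);
    if (transformed == null) {
        return null;
    }

    // instanceof is false for null, so the former explicit null check was redundant.
    if (beforeStepChecker instanceof SessionStateChecker) {
        SessionStateChecker sessionStateChecker = (SessionStateChecker) beforeStepChecker;
        // The checker resolves the user/client session through the artifact-to-session mapping store.
        sessionStateChecker.setUserSessionProvider(session -> session.getProvider(SamlArtifactSessionMappingStoreProvider.class).get(artifact).getUserSessionId());
        sessionStateChecker.setClientSessionProvider(session -> session.getProvider(SamlArtifactSessionMappingStoreProvider.class).get(artifact).getClientSessionId());
    }

    HttpPost post = Soap.createMessage().addToBody(DocumentUtil.getDocument(transformed)).buildHttpPost(authServerSamlUrl);
    // Remembered so a later run with replayPost enabled can resend exactly this message.
    replayPostMessage = post;
    return post;
}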
Use of org.keycloak.dom.saml.v2.protocol.ArtifactResolveType in project keycloak by keycloak.
The class ArtifactResolutionService, method invoke.
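/**
 * This is the method called when a message is received by the endpoint.
 * It gets the message, extracts the ArtifactResolve message from the SOAP, creates a SOAP message containing
 * an ArtifactResponse message with the configured SAML message, and returns it.
 * <p>
 * The received ArtifactResolve is stored in {@code lastArtifactResolve} (or {@code null} when the SOAP
 * body held a different SAML object). The artifact value it carries is not checked: the configured
 * {@code artifactResponseType} is returned for any request.
 *
 * @param msg The SOAP message received by the endpoint, in Source format
 * @return A StreamSource containing the ArtifactResponse
 * @throws RuntimeException wrapping any processing, configuration, transformation, parsing or I/O failure
 */
@Override
public Source invoke(Source msg) {
    byte[] response;
    try (StringWriter w = new StringWriter()) {
        TransformerFactory factory = TransformerFactory.newInstance();
        // The Source arrives from the wire; secure processing bounds entity expansion and external access
        // during the identity transform. JAXP requires every implementation to support this feature, and
        // the TransformerConfigurationException it may throw is a TransformerException, caught below.
        factory.setFeature(javax.xml.XMLConstants.FEATURE_SECURE_PROCESSING, true);
        Transformer trans = factory.newTransformer();
        trans.transform(msg, new StreamResult(w));
        String s = w.toString();
        Document doc = Soap.extractSoapMessage(new ByteArrayInputStream(s.getBytes(StandardCharsets.UTF_8)));
        SAMLDocumentHolder samlDoc = SAML2Request.getSAML2ObjectFromDocument(doc);
        if (samlDoc.getSamlObject() instanceof ArtifactResolveType) {
            lastArtifactResolve = (ArtifactResolveType) samlDoc.getSamlObject();
        } else {
            // Reset so a stale ArtifactResolve from an earlier call is not mistaken for this one.
            lastArtifactResolve = null;
        }
        Document artifactResponse = SamlProtocolUtils.convert(artifactResponseType);
        response = Soap.createMessage().addToBody(artifactResponse).getBytes();
    } catch (ProcessingException | ConfigurationException | TransformerException | ParsingException | IOException e) {
        throw new RuntimeException(e);
    }
    return new StreamSource(new ByteArrayInputStream(response));
}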