Example 1 with AuthnRequestType
use of org.keycloak.dom.saml.v2.protocol.AuthnRequestType in project keycloak by keycloak.
the class SAMLServletAdapterTest method employeeAcsTest.
@Test
public void employeeAcsTest() {
SAMLDocumentHolder samlResponse = new SamlClientBuilder().navigateTo(employeeAcsServletPage.buildUri()).getSamlResponse(Binding.POST);
Assert.assertThat(samlResponse.getSamlObject(), instanceOf(AuthnRequestType.class));
Assert.assertThat(((AuthnRequestType) samlResponse.getSamlObject()).getAssertionConsumerServiceURL(), notNullValue());
Assert.assertThat(((AuthnRequestType) samlResponse.getSamlObject()).getAssertionConsumerServiceURL().getPath(), is("/employee-acs/a/different/endpoint/for/saml"));
assertSuccessfulLogin(employeeAcsServletPage, bburkeUser, testRealmSAMLPostLoginPage, "principal=bburke");
}
Also used :
SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder)
AuthnRequestType(org.keycloak.dom.saml.v2.protocol.AuthnRequestType)
SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder)
AbstractSamlTest(org.keycloak.testsuite.saml.AbstractSamlTest)
Test(org.junit.Test)
Example 2 with AuthnRequestType
use of org.keycloak.dom.saml.v2.protocol.AuthnRequestType in project keycloak by keycloak.
the class SAMLParserTest method testAuthnRequestInvalidPerXsdWithValidationEnabled.
@Test
public void testAuthnRequestInvalidPerXsdWithValidationEnabled() throws Exception {
try {
thrown.expect(ProcessingException.class);
System.setProperty("picketlink.schema.validate", "true");
AuthnRequestType req = assertParsed("saml20-authnrequest-invalid-per-xsd.xml", AuthnRequestType.class);
} finally {
System.clearProperty("picketlink.schema.validate");
}
}
Also used :
AuthnRequestType(org.keycloak.dom.saml.v2.protocol.AuthnRequestType)
Test(org.junit.Test)
Example 3 with AuthnRequestType
use of org.keycloak.dom.saml.v2.protocol.AuthnRequestType in project keycloak by keycloak.
the class SAMLAuthNRequestParserTest method testSaml20AttributeQuery.
@Test(timeout = 2000)
public void testSaml20AttributeQuery() throws Exception {
try (InputStream is = SAMLAuthNRequestParserTest.class.getResourceAsStream("saml20-authnrequest.xml")) {
Object parsedObject = parser.parse(is);
assertThat(parsedObject, instanceOf(AuthnRequestType.class));
AuthnRequestType req = (AuthnRequestType) parsedObject;
assertThat(req.getSignature(), nullValue());
assertThat(req.getConsent(), nullValue());
assertThat(req.getIssuer(), not(nullValue()));
assertThat(req.getIssuer().getValue(), is("https://sp/"));
assertThat(req.getNameIDPolicy().getFormat().toString(), is("urn:oasis:names:tc:SAML:2.0:nameid-format:transient"));
}
}
Also used :
AuthnRequestType(org.keycloak.dom.saml.v2.protocol.AuthnRequestType)
InputStream(java.io.InputStream)
Test(org.junit.Test)
Example 4 with AuthnRequestType
use of org.keycloak.dom.saml.v2.protocol.AuthnRequestType in project keycloak by keycloak.
the class SAML2Request method convert.
/**
* Return the DOM object
*
* @param rat
*
* @return
*
* @throws ProcessingException
* @throws ParsingException
* @throws ConfigurationException
*/
public static Document convert(RequestAbstractType rat) throws ProcessingException, ConfigurationException, ParsingException {
ByteArrayOutputStream bos = new ByteArrayOutputStream();
SAMLRequestWriter writer = new SAMLRequestWriter(StaxUtil.getXMLStreamWriter(bos));
if (rat instanceof AuthnRequestType) {
writer.write((AuthnRequestType) rat);
} else if (rat instanceof LogoutRequestType) {
writer.write((LogoutRequestType) rat);
}
return DocumentUtil.getDocument(new String(bos.toByteArray(), GeneralConstants.SAML_CHARSET));
}
Also used :
AuthnRequestType(org.keycloak.dom.saml.v2.protocol.AuthnRequestType)
SAMLRequestWriter(org.keycloak.saml.processing.core.saml.v2.writers.SAMLRequestWriter)
LogoutRequestType(org.keycloak.dom.saml.v2.protocol.LogoutRequestType)
ByteArrayOutputStream(java.io.ByteArrayOutputStream)
Example 5 with AuthnRequestType
use of org.keycloak.dom.saml.v2.protocol.AuthnRequestType in project keycloak by keycloak.
the class SAMLAuthNRequestParser method instantiateElement.
/**
* Parse the attributes at the authnrequesttype element
*
* @param startElement
*
* @return
*
* @throws ParsingException
*/
@Override
protected AuthnRequestType instantiateElement(XMLEventReader xmlEventReader, StartElement startElement) throws ParsingException {
SAMLParserUtil.validateAttributeValue(startElement, SAMLProtocolQNames.ATTR_VERSION, VERSION_2_0);
String id = StaxParserUtil.getRequiredAttributeValue(startElement, SAMLProtocolQNames.ATTR_ID);
XMLGregorianCalendar issueInstant = XMLTimeUtil.parse(StaxParserUtil.getRequiredAttributeValue(startElement, SAMLProtocolQNames.ATTR_ISSUE_INSTANT));
AuthnRequestType authnRequest = new AuthnRequestType(id, issueInstant);
super.parseBaseAttributes(startElement, authnRequest);
authnRequest.setAssertionConsumerServiceURL(StaxParserUtil.getUriAttributeValue(startElement, SAMLProtocolQNames.ATTR_ASSERTION_CONSUMER_SERVICE_URL));
authnRequest.setAssertionConsumerServiceIndex(StaxParserUtil.getIntegerAttributeValue(startElement, SAMLProtocolQNames.ATTR_ASSERTION_CONSUMER_SERVICE_INDEX));
authnRequest.setAttributeConsumingServiceIndex(StaxParserUtil.getIntegerAttributeValue(startElement, SAMLProtocolQNames.ATTR_ATTRIBUTE_CONSUMING_SERVICE_INDEX));
authnRequest.setForceAuthn(StaxParserUtil.getBooleanAttributeValue(startElement, SAMLProtocolQNames.ATTR_FORCE_AUTHN));
authnRequest.setIsPassive(StaxParserUtil.getBooleanAttributeValue(startElement, SAMLProtocolQNames.ATTR_IS_PASSIVE));
authnRequest.setProtocolBinding(StaxParserUtil.getUriAttributeValue(startElement, SAMLProtocolQNames.ATTR_PROTOCOL_BINDING));
authnRequest.setProviderName(StaxParserUtil.getAttributeValue(startElement, SAMLProtocolQNames.ATTR_PROVIDER_NAME));
return authnRequest;
}
Also used :
XMLGregorianCalendar(javax.xml.datatype.XMLGregorianCalendar)
AuthnRequestType(org.keycloak.dom.saml.v2.protocol.AuthnRequestType)
Aggregations
AuthnRequestType (org.keycloak.dom.saml.v2.protocol.AuthnRequestType)56
Test (org.junit.Test)41
Document (org.w3c.dom.Document)36
SamlClientBuilder (org.keycloak.testsuite.util.SamlClientBuilder)30
AbstractSamlTest (org.keycloak.testsuite.saml.AbstractSamlTest)21
Element (org.w3c.dom.Element)16
Closeable (java.io.Closeable)13
SAMLDocumentHolder (org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder)13
IdentityProviderAttributeUpdater (org.keycloak.testsuite.updaters.IdentityProviderAttributeUpdater)13
ResponseType (org.keycloak.dom.saml.v2.protocol.ResponseType)10
ConfigurationException (org.keycloak.saml.common.exceptions.ConfigurationException)8
HttpUriRequest (org.apache.http.client.methods.HttpUriRequest)7
StatusResponseType (org.keycloak.dom.saml.v2.protocol.StatusResponseType)7
ProcessingException (org.keycloak.saml.common.exceptions.ProcessingException)7
CloseableHttpResponse (org.apache.http.client.methods.CloseableHttpResponse)6
CloseableHttpClient (org.apache.http.impl.client.CloseableHttpClient)6
Matchers.containsString (org.hamcrest.Matchers.containsString)5
NameIDType (org.keycloak.dom.saml.v2.assertion.NameIDType)5
SAML2Request (org.keycloak.saml.processing.api.saml.v2.request.SAML2Request)4
URI (java.net.URI)3
