use of org.keycloak.dom.saml.v2.protocol.AuthnRequestType in project keycloak by keycloak.
the class SAMLServletAdapterTest method employeeAcsTest.
/**
 * Checks that navigating to the employee-acs servlet yields a POST-binding AuthnRequest whose
 * AssertionConsumerServiceURL path is the servlet's custom endpoint, then runs the shared
 * successful-login check for the bburke user.
 */
@Test
public void employeeAcsTest() {
    // The builder method is called getSamlResponse, but the message captured at this step is
    // asserted below to be an AuthnRequest sent by the service provider.
    SAMLDocumentHolder capturedMessage = new SamlClientBuilder()
            .navigateTo(employeeAcsServletPage.buildUri())
            .getSamlResponse(Binding.POST);

    Object samlObject = capturedMessage.getSamlObject();
    Assert.assertThat(samlObject, instanceOf(AuthnRequestType.class));
    AuthnRequestType authnRequest = (AuthnRequestType) samlObject;

    // The ACS URL is where the SP asks for the response to be delivered, so the test pins both
    // its presence and its exact path.
    Assert.assertThat(authnRequest.getAssertionConsumerServiceURL(), notNullValue());
    Assert.assertThat(
            authnRequest.getAssertionConsumerServiceURL().getPath(),
            is("/employee-acs/a/different/endpoint/for/saml"));

    assertSuccessfulLogin(employeeAcsServletPage, bburkeUser, testRealmSAMLPostLoginPage, "principal=bburke");
}
use of org.keycloak.dom.saml.v2.protocol.AuthnRequestType in project keycloak by keycloak.
the class SAMLParserTest method testAuthnRequestInvalidPerXsdWithValidationEnabled.
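/**
 * Expects parsing of the XSD-invalid AuthnRequest fixture to fail with a
 * {@link ProcessingException} once the {@code picketlink.schema.validate} system property is
 * set to {@code "true"}.
 *
 * @throws Exception whatever {@code assertParsed} propagates; a {@link ProcessingException} is
 *                   the expected outcome
 */
@Test
public void testAuthnRequestInvalidPerXsdWithValidationEnabled() throws Exception {
    final String schemaValidationKey = "picketlink.schema.validate";
    // System properties are JVM-wide. Remember any value that was already configured so this
    // test does not silently switch schema validation off (or on) for tests that run after it.
    final String previousValue = System.getProperty(schemaValidationKey);
    try {
        thrown.expect(ProcessingException.class);
        System.setProperty(schemaValidationKey, "true");
        // The parsed object is irrelevant here: the call is expected to throw.
        assertParsed("saml20-authnrequest-invalid-per-xsd.xml", AuthnRequestType.class);
    } finally {
        if (previousValue == null) {
            System.clearProperty(schemaValidationKey);
        } else {
            System.setProperty(schemaValidationKey, previousValue);
        }
    }
}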
use of org.keycloak.dom.saml.v2.protocol.AuthnRequestType in project keycloak by keycloak.
the class SAMLAuthNRequestParserTest method testSaml20AttributeQuery.
/**
 * Parses the {@code saml20-authnrequest.xml} fixture and checks the resulting
 * {@link AuthnRequestType}: no signature, no consent, issuer {@code https://sp/} and a
 * transient NameID policy format.
 *
 * <p>The method name mentions an attribute query, but both the fixture and every assertion
 * concern an AuthnRequest.
 *
 * @throws Exception if the fixture cannot be read or parsed
 */
@Test(timeout = 2000)
public void testSaml20AttributeQuery() throws Exception {
    try (InputStream fixture = SAMLAuthNRequestParserTest.class.getResourceAsStream("saml20-authnrequest.xml")) {
        final Object parsed = parser.parse(fixture);
        assertThat(parsed, instanceOf(AuthnRequestType.class));

        final AuthnRequestType authnRequest = (AuthnRequestType) parsed;

        // Elements expected to be absent from the fixture.
        assertThat(authnRequest.getSignature(), nullValue());
        assertThat(authnRequest.getConsent(), nullValue());

        // Issuer must be present before its value is inspected.
        assertThat(authnRequest.getIssuer(), not(nullValue()));
        assertThat(authnRequest.getIssuer().getValue(), is("https://sp/"));

        assertThat(
                authnRequest.getNameIDPolicy().getFormat().toString(),
                is("urn:oasis:names:tc:SAML:2.0:nameid-format:transient"));
    }
}
use of org.keycloak.dom.saml.v2.protocol.AuthnRequestType in project keycloak by keycloak.
the class SAML2Request method convert.
/**
 * Serializes a SAML request object to XML in memory and parses that XML into a DOM document.
 *
 * <p>Only {@link AuthnRequestType} and {@link LogoutRequestType} are handed to the writer.
 *
 * @param rat the request to convert
 *
 * @return the DOM document obtained from the serialized request
 *
 * @throws ProcessingException propagated from the calls made here
 * @throws ParsingException propagated from the calls made here
 * @throws ConfigurationException propagated from the calls made here
 */
public static Document convert(RequestAbstractType rat) throws ProcessingException, ConfigurationException, ParsingException {
    ByteArrayOutputStream xmlBuffer = new ByteArrayOutputStream();
    SAMLRequestWriter requestWriter = new SAMLRequestWriter(StaxUtil.getXMLStreamWriter(xmlBuffer));

    // NOTE(review): any other RequestAbstractType subtype (or null) matches neither branch, so
    // this method writes nothing and the DOM parse below receives whatever the buffer holds at
    // that point - presumably an empty string. Confirm that callers only pass these two types,
    // or reject unsupported input explicitly.
    if (rat instanceof AuthnRequestType) {
        AuthnRequestType authnRequest = (AuthnRequestType) rat;
        requestWriter.write(authnRequest);
    } else if (rat instanceof LogoutRequestType) {
        LogoutRequestType logoutRequest = (LogoutRequestType) rat;
        requestWriter.write(logoutRequest);
    }

    // Decode with the SAML charset constant rather than the platform default.
    String serializedRequest = new String(xmlBuffer.toByteArray(), GeneralConstants.SAML_CHARSET);
    return DocumentUtil.getDocument(serializedRequest);
}
use of org.keycloak.dom.saml.v2.protocol.AuthnRequestType in project keycloak by keycloak.
the class SAMLAuthNRequestParser method instantiateElement.
/**
 * Builds an {@link AuthnRequestType} from the attributes of the AuthnRequest start element.
 *
 * <p>Version must validate against {@code VERSION_2_0}, and ID and IssueInstant are read as
 * required attributes. The remaining attributes are copied through the non-required accessors.
 *
 * <p>The AssertionConsumerServiceURL, the two service indexes and ProtocolBinding are stored
 * exactly as the sender supplied them. This method does not compare them with any registered
 * endpoint, so that check has to happen in the code that consumes the parsed request.
 *
 * @param xmlEventReader the event reader; not used by this method
 * @param startElement the AuthnRequest start element whose attributes are read
 *
 * @return the request populated from the element's attributes
 *
 * @throws ParsingException propagated from the attribute validation and parsing helpers
 */
@Override
protected AuthnRequestType instantiateElement(XMLEventReader xmlEventReader, StartElement startElement) throws ParsingException {
    // Check the protocol version before reading anything else.
    SAMLParserUtil.validateAttributeValue(startElement, SAMLProtocolQNames.ATTR_VERSION, VERSION_2_0);

    String requestId = StaxParserUtil.getRequiredAttributeValue(startElement, SAMLProtocolQNames.ATTR_ID);
    String issueInstantText = StaxParserUtil.getRequiredAttributeValue(startElement, SAMLProtocolQNames.ATTR_ISSUE_INSTANT);
    XMLGregorianCalendar issueInstant = XMLTimeUtil.parse(issueInstantText);

    AuthnRequestType request = new AuthnRequestType(requestId, issueInstant);
    super.parseBaseAttributes(startElement, request);

    // Sender-controlled routing attributes: stored as given, not validated here.
    request.setAssertionConsumerServiceURL(
            StaxParserUtil.getUriAttributeValue(startElement, SAMLProtocolQNames.ATTR_ASSERTION_CONSUMER_SERVICE_URL));
    request.setAssertionConsumerServiceIndex(
            StaxParserUtil.getIntegerAttributeValue(startElement, SAMLProtocolQNames.ATTR_ASSERTION_CONSUMER_SERVICE_INDEX));
    request.setAttributeConsumingServiceIndex(
            StaxParserUtil.getIntegerAttributeValue(startElement, SAMLProtocolQNames.ATTR_ATTRIBUTE_CONSUMING_SERVICE_INDEX));

    // Authentication behaviour flags.
    request.setForceAuthn(
            StaxParserUtil.getBooleanAttributeValue(startElement, SAMLProtocolQNames.ATTR_FORCE_AUTHN));
    request.setIsPassive(
            StaxParserUtil.getBooleanAttributeValue(startElement, SAMLProtocolQNames.ATTR_IS_PASSIVE));

    request.setProtocolBinding(
            StaxParserUtil.getUriAttributeValue(startElement, SAMLProtocolQNames.ATTR_PROTOCOL_BINDING));
    request.setProviderName(
            StaxParserUtil.getAttributeValue(startElement, SAMLProtocolQNames.ATTR_PROVIDER_NAME));

    return request;
}