
Example 1 with RTChoiceType

use of org.keycloak.dom.saml.v2.protocol.ResponseType.RTChoiceType in project keycloak by keycloak.

the class SAMLResponseParser method processSubElement.

/**
 * Routes one child element of a SAML {@code Response} to the matching parser and
 * stores the parsed value on {@code target}.
 *
 * <p>This method only builds the object model. The {@code Signature} element is
 * captured as a DOM element and nothing here verifies it.
 * NOTE(review): verification presumably happens in a later step; confirm that no
 * caller treats the parsed response as trusted before then.
 *
 * <p>Plain and encrypted assertions are both appended through
 * {@code addAssertion}, and this method places no limit on how many are accepted.
 * Consumers must therefore not assume the response holds exactly one assertion.
 *
 * @param xmlEventReader reader handed to the delegate parsers
 * @param target         response object being populated
 * @param element        which child element is being processed
 * @param elementDetail  start element, used only to report an unhandled tag
 * @throws ParsingException declared by the signature; elements not handled below
 *                          are rejected with the exception built by
 *                          {@code LOGGER.parserUnknownTag}
 */
@Override
protected void processSubElement(XMLEventReader xmlEventReader, ResponseType target, SAMLProtocolQNames element, StartElement elementDetail) throws ParsingException {
    switch (element) {
        case STATUS:
            target.setStatus(SAMLStatusParser.getInstance().parse(xmlEventReader));
            return;
        case ISSUER:
            target.setIssuer(SAMLParserUtil.parseNameIDType(xmlEventReader));
            return;
        case EXTENSIONS:
            target.setExtensions(SAMLExtensionsParser.getInstance().parse(xmlEventReader));
            return;
        case SIGNATURE: {
            // Kept as a raw DOM element; no validation is performed at parse time.
            Element signatureElement = StaxParserUtil.getDOMElement(xmlEventReader);
            target.setSignature(signatureElement);
            return;
        }
        case ASSERTION:
            // Appended in the order encountered by the reader.
            target.addAssertion(new RTChoiceType(SAMLAssertionParser.getInstance().parse(xmlEventReader)));
            return;
        case ENCRYPTED_ASSERTION:
            // Stored still encrypted; decryption is not done in this method.
            target.addAssertion(new RTChoiceType(SAMLEncryptedAssertionParser.getInstance().parse(xmlEventReader)));
            return;
        default:
            // Unknown children fail the parse instead of being skipped silently.
            throw LOGGER.parserUnknownTag(StaxParserUtil.getElementName(elementDetail), elementDetail.getLocation());
    }
}
Also used : RTChoiceType(org.keycloak.dom.saml.v2.protocol.ResponseType.RTChoiceType) Element(org.w3c.dom.Element) StartElement(javax.xml.stream.events.StartElement)

Example 2 with RTChoiceType

use of org.keycloak.dom.saml.v2.protocol.ResponseType.RTChoiceType in project keycloak by keycloak.

the class JBossSAMLAuthnResponseFactory method createResponseType.

/**
 * Builds a {@link ResponseType} that carries a single encrypted assertion.
 *
 * <p>The supplied element is wrapped as-is in an {@code EncryptedAssertionType}.
 * This method does not inspect the element and does not attach a signature to the
 * response.
 * NOTE(review): signing, if required, has to be done by the caller; confirm.
 *
 * @param ID                 identifier passed to the {@code ResponseType} constructor.
 *                           NOTE(review): SAML expects message IDs to be unique and
 *                           hard to guess; confirm the caller generates it that way.
 * @param issuerInfo         source of the issuer and of the status code
 * @param encryptedAssertion a DOM {@link Element} that represents an encrypted assertion
 *
 * @return the populated response; the issue instant comes from
 *         {@code XMLTimeUtil.getIssueInstant()}
 *
 * @throws RuntimeException presumably: when {@code issuerInfo} has no status code,
 *                          the exception built by
 *                          {@code logger.issuerInfoMissingStatusCodeError()} is thrown.
 *                          The signature declares no checked exception.
 */
public static ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo, Element encryptedAssertion) {
    final ResponseType response = new ResponseType(ID, XMLTimeUtil.getIssueInstant());
    response.setIssuer(issuerInfo.getIssuer());

    // A response without a status code is refused outright.
    final String code = issuerInfo.getStatusCode();
    if (code == null) {
        throw logger.issuerInfoMissingStatusCodeError();
    }
    response.setStatus(createStatusType(code));

    final EncryptedAssertionType wrapped = new EncryptedAssertionType(encryptedAssertion);
    response.addAssertion(new RTChoiceType(wrapped));
    return response;
}
Also used : RTChoiceType(org.keycloak.dom.saml.v2.protocol.ResponseType.RTChoiceType) EncryptedAssertionType(org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType) NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)

Example 3 with RTChoiceType

use of org.keycloak.dom.saml.v2.protocol.ResponseType.RTChoiceType in project keycloak by keycloak.

the class JBossSAMLAuthnResponseFactory method createResponseType.

/**
 * Builds a {@link ResponseType} that carries a single plain (unencrypted) assertion.
 *
 * <p>The assertion is added unchanged. This method neither signs nor encrypts
 * anything.
 * NOTE(review): confirm the caller applies whatever signing or encryption the
 * deployment requires before the response leaves the process.
 *
 * @param ID            identifier passed to the {@code ResponseType} constructor.
 *                      NOTE(review): SAML expects message IDs to be unique and
 *                      hard to guess; confirm the caller generates it that way.
 * @param issuerInfo    source of the issuer and of the status code
 * @param assertionType assertion to place in the response
 *
 * @return the populated response; the issue instant comes from
 *         {@code XMLTimeUtil.getIssueInstant()}
 *
 * @throws RuntimeException presumably: when {@code issuerInfo} has no status code,
 *                          the exception built by
 *                          {@code logger.issuerInfoMissingStatusCodeError()} is thrown.
 *                          The signature declares no checked exception.
 */
public static ResponseType createResponseType(String ID, IssuerInfoHolder issuerInfo, AssertionType assertionType) {
    final ResponseType response = new ResponseType(ID, XMLTimeUtil.getIssueInstant());
    response.setIssuer(issuerInfo.getIssuer());

    // A response without a status code is refused outright.
    final String code = issuerInfo.getStatusCode();
    if (code == null) {
        throw logger.issuerInfoMissingStatusCodeError();
    }
    response.setStatus(createStatusType(code));

    response.addAssertion(new RTChoiceType(assertionType));
    return response;
}
Also used : XMLGregorianCalendar(javax.xml.datatype.XMLGregorianCalendar) RTChoiceType(org.keycloak.dom.saml.v2.protocol.ResponseType.RTChoiceType) NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)

Example 4 with RTChoiceType

use of org.keycloak.dom.saml.v2.protocol.ResponseType.RTChoiceType in project keycloak by keycloak.

the class AssertionUtil method getAssertion.

/**
 * Returns the first assertion of a response, decrypting it first when it is encrypted.
 *
 * <p>Only the entry at index 0 of {@code responseType.getAssertions()} is looked at.
 * Any further assertions in the response are ignored by this method.
 * NOTE(review): callers that make trust decisions should confirm that the assertion
 * returned here is the one covered by the validated signature.
 *
 * <p>The return value is read from the response again after
 * {@code decryptAssertion} has run. NOTE(review): it is {@code null} if index 0
 * holds no plain assertion at that point; callers should handle that.
 *
 * @param holder       document holder passed through to {@code decryptAssertion}
 * @param responseType response to read the assertion from
 * @param privateKey   key used for decryption; may be {@code null} only when the
 *                     first assertion is not encrypted
 * @return the plain assertion stored at index 0
 * @throws ProcessingException    if the response has no assertions, or the first one
 *                                is encrypted and {@code privateKey} is {@code null}
 * @throws ParsingException       declared by the signature
 * @throws ConfigurationException declared by the signature
 */
public static AssertionType getAssertion(SAMLDocumentHolder holder, ResponseType responseType, PrivateKey privateKey) throws ParsingException, ProcessingException, ConfigurationException {
    final List<ResponseType.RTChoiceType> choices = responseType.getAssertions();
    if (choices.isEmpty()) {
        throw new ProcessingException("No assertion from response.");
    }

    final boolean firstIsEncrypted = choices.get(0).getEncryptedAssertion() != null;
    if (firstIsEncrypted && privateKey == null) {
        // Message text is kept verbatim (typo included); callers or tests may match on it.
        throw new ProcessingException("Encryptd assertion and decrypt private key is null");
    }
    if (firstIsEncrypted) {
        decryptAssertion(holder, responseType, privateKey);
    }

    // Fetched afresh instead of reusing the entry read before decryption.
    return responseType.getAssertions().get(0).getAssertion();
}
Also used : EncryptedAssertionType(org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType) ProcessingException(org.keycloak.saml.common.exceptions.ProcessingException) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)

Example 5 with RTChoiceType

use of org.keycloak.dom.saml.v2.protocol.ResponseType.RTChoiceType in project keycloak by keycloak.

the class SAMLParserTest method testSaml20EncryptedAssertionWithNewlines.

/**
 * Parses the KEYCLOAK-4489 fixture and checks its single assertion: encrypted
 * before {@code AssertionUtil.decryptAssertion} runs, plain afterwards.
 *
 * <p>NOTE(review): {@code PRIVATE_KEY} is presumably fixture-only key material;
 * confirm it is not used outside tests.
 */
@Test
public void testSaml20EncryptedAssertionWithNewlines() throws Exception {
    SAMLDocumentHolder parsed = assertParsed("KEYCLOAK-4489-encrypted-assertion-with-newlines.xml", SAMLDocumentHolder.class);
    assertThat(parsed.getSamlObject(), instanceOf(ResponseType.class));
    ResponseType response = (ResponseType) parsed.getSamlObject();

    // Before decryption: exactly one entry, and it holds only the encrypted form.
    assertThat(response.getAssertions().size(), is(1));
    ResponseType.RTChoiceType beforeDecrypt = response.getAssertions().get(0);
    assertNull(beforeDecrypt.getAssertion());
    assertNotNull(beforeDecrypt.getEncryptedAssertion());

    PrivateKey decryptionKey = DerUtils.decodePrivateKey(Base64.decode(PRIVATE_KEY));
    AssertionUtil.decryptAssertion(parsed, response, decryptionKey);

    // After decryption: index 0 is read again and now holds only the plain form.
    ResponseType.RTChoiceType afterDecrypt = response.getAssertions().get(0);
    assertNotNull(afterDecrypt.getAssertion());
    assertNull(afterDecrypt.getEncryptedAssertion());
}
Also used : SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) PrivateKey(java.security.PrivateKey) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType) Test(org.junit.Test)

Aggregations

ResponseType (org.keycloak.dom.saml.v2.protocol.ResponseType)4 RTChoiceType (org.keycloak.dom.saml.v2.protocol.ResponseType.RTChoiceType)3 EncryptedAssertionType (org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType)2 NameIDType (org.keycloak.dom.saml.v2.assertion.NameIDType)2 PrivateKey (java.security.PrivateKey)1 XMLGregorianCalendar (javax.xml.datatype.XMLGregorianCalendar)1 StartElement (javax.xml.stream.events.StartElement)1 Test (org.junit.Test)1 StatusResponseType (org.keycloak.dom.saml.v2.protocol.StatusResponseType)1 ProcessingException (org.keycloak.saml.common.exceptions.ProcessingException)1 SAMLDocumentHolder (org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder)1 Element (org.w3c.dom.Element)1