
Example 6 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class SAMLParserTest method testSaml20EncryptedAssertionsSignedReceivedWithRedirectBinding.

/**
 * Parses the fixture {@code saml20-encrypted-signed-redirect-response.xml} and checks the shape of the
 * resulting {@code ResponseType}: issuer, the single extension element, and the single assertion,
 * which must still be in its encrypted form.
 *
 * <p>This test only inspects what the parser produced; it performs no signature verification and no
 * decryption.
 */
@Test
public void testSaml20EncryptedAssertionsSignedReceivedWithRedirectBinding() throws Exception {
    final ResponseType parsed = assertParsed("saml20-encrypted-signed-redirect-response.xml", ResponseType.class);

    // The XML itself carries no signature element and no consent attribute.
    // NOTE(review): with the HTTP-Redirect binding the message signature normally travels in the URL
    // query string rather than inside the document, which would explain the null here. Confirm
    // against the fixture.
    assertThat(parsed.getSignature(), nullValue());
    assertThat(parsed.getConsent(), nullValue());

    // Issuer must be present, with the expected value and the entity name-id format.
    assertThat(parsed.getIssuer(), notNullValue());
    assertThat(parsed.getIssuer().getValue(), is("http://localhost:8081/auth/realms/saml-demo"));
    assertThat(parsed.getIssuer().getFormat(), is(JBossSAMLURIConstants.NAMEID_FORMAT_ENTITY.getUri()));

    // Exactly one extension is expected, and it must have been kept as a raw DOM element.
    assertThat(parsed.getExtensions(), notNullValue());
    assertThat(parsed.getExtensions().getAny().size(), is(1));
    final Object firstExtension = parsed.getExtensions().getAny().get(0);
    assertThat(firstExtension, instanceOf(Element.class));

    // The extension is a KeyInfo element in the Keycloak key namespace carrying MessageSigningKeyId.
    // NOTE(review): this id is supplied by the sender of the message, so presumably it should only
    // be used to select among keys that are already trusted. Verify against the consuming code.
    final Element keyInfo = (Element) firstExtension;
    assertThat(keyInfo.getLocalName(), is("KeyInfo"));
    assertThat(keyInfo.getNamespaceURI(), is("urn:keycloak:ext:key:1.0"));
    assertThat(keyInfo.hasAttribute("MessageSigningKeyId"), is(true));
    assertThat(keyInfo.getAttribute("MessageSigningKeyId"), is("FJ86GcF3jTbNLOco4NvZkUCIUmfYCqoqtOQeMfbhNlE"));

    // One assertion, exposed as an EncryptedAssertion element.
    assertThat(parsed.getAssertions(), notNullValue());
    assertThat(parsed.getAssertions().size(), is(1));
    final EncryptedAssertionType encrypted = parsed.getAssertions().get(0).getEncryptedAssertion();
    assertThat(encrypted, notNullValue());
    assertThat(encrypted.getEncryptedElement(), notNullValue());
    assertThat(encrypted.getEncryptedElement().getLocalName(), is("EncryptedAssertion"));
}
Also used : Element(org.w3c.dom.Element) EncryptedAssertionType(org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType) Test(org.junit.Test)

Example 7 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class SamlProtocolUtilsTest method testBuildArtifactResponse.

/**
 * Builds a login response, wraps it with {@code SamlProtocolUtils.buildArtifactResponse}, serialises
 * the result to a string and checks the nesting order and the number of issuer and status-code
 * elements in that string.
 */
@Test
public void testBuildArtifactResponse() throws ConfigurationException, ProcessingException, ParsingException {
    // Login response model with fixed endpoints and a random session index.
    ResponseType loginResponse = new SAML2LoginResponseBuilder()
            .requestID(IDGenerator.create("ID_"))
            .destination("http://localhost:8180/auth/realms/demo/broker/saml-broker/endpoint")
            .issuer("http://saml.idp/saml")
            .assertionExpiration(1000000)
            .subjectExpiration(1000000)
            .requestIssuer("http://localhost:8180/auth/realms/demo")
            .nameIdentifier(JBossSAMLURIConstants.NAMEID_FORMAT_EMAIL.get(), "a@b.c")
            .authMethod(JBossSAMLURIConstants.AC_UNSPECIFIED.get())
            .sessionIndex("idp:" + UUID.randomUUID())
            .buildModel();

    // Serialise the model and re-read it as a DOM document.
    ByteArrayOutputStream buffer = new ByteArrayOutputStream();
    SAMLResponseWriter responseWriter = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(buffer));
    responseWriter.write(loginResponse);
    Document loginResponseDoc = DocumentUtil.getDocument(new ByteArrayInputStream(buffer.toByteArray()));

    // Wrap in an ArtifactResponse and render it as text for the string-level checks below.
    ArtifactResponseType wrapped = SamlProtocolUtils.buildArtifactResponse(loginResponseDoc);
    Document wrappedDoc = SamlProtocolUtils.convert(wrapped);
    String xml = DocumentUtil.asString(doc(wrappedDoc));

    // All three layers are present ...
    assertThat(xml, containsString("samlp:ArtifactResponse"));
    assertThat(xml, containsString("samlp:Response"));
    assertThat(xml, containsString("saml:Assertion"));

    // ... and first appear in the order ArtifactResponse, Response, Assertion.
    assertThat(xml.indexOf("samlp:ArtifactResponse"), lessThan(xml.indexOf("samlp:Response")));
    assertThat(xml.indexOf("samlp:Response"), lessThan(xml.indexOf("saml:Assertion")));

    // Splitting on a literal yields one more piece than the number of occurrences (when none is
    // trailing): four pieces means three issuer elements, presumably one per layer.
    assertThat(xml.split("\\Q<saml:Issuer>http://saml.idp/saml</saml:Issuer>\\E").length, is(4));
    // Three pieces means two Success status codes.
    assertThat(xml.split("\\Q<samlp:StatusCode Value=\"urn:oasis:names:tc:SAML:2.0:status:Success\"/>\\E").length, is(3));
}

// Identity helper so the rendering call above reads as a single expression.
private static Document doc(Document d) {
    return d;
}
Also used : SAMLResponseWriter(org.keycloak.saml.processing.core.saml.v2.writers.SAMLResponseWriter) ByteArrayInputStream(java.io.ByteArrayInputStream) ArtifactResponseType(org.keycloak.dom.saml.v2.protocol.ArtifactResponseType) ByteArrayOutputStream(java.io.ByteArrayOutputStream) Matchers.containsString(org.hamcrest.Matchers.containsString) SAML2LoginResponseBuilder(org.keycloak.saml.SAML2LoginResponseBuilder) Document(org.w3c.dom.Document) ArtifactResponseType(org.keycloak.dom.saml.v2.protocol.ArtifactResponseType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) Test(org.junit.Test)

Example 8 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class SAMLDataMarshallerTest method testSerializeWithNamespaceInSignatureElement.

/**
 * Parses the fixture {@code saml-response-ds-ns-in-signature.xml}, serialises its first assertion
 * with {@code SAMLDataMarshaller}, deserialises it again and checks that the assertion ID survived.
 *
 * <p>Only the round trip is checked here; the test does not validate the signature in the fixture.
 */
@Test
public void testSerializeWithNamespaceInSignatureElement() throws Exception {
    SAMLParser samlParser = SAMLParser.getInstance();
    try (InputStream fixture = SAMLDataMarshallerTest.class.getResourceAsStream("saml-response-ds-ns-in-signature.xml")) {
        Object parsed = samlParser.parse(fixture);
        assertThat(parsed, instanceOf(ResponseType.class));

        // Round-trip the first plain assertion through the marshaller.
        SAMLDataMarshaller marshaller = new SAMLDataMarshaller();
        ResponseType samlResponse = (ResponseType) parsed;
        String asText = marshaller.serialize(samlResponse.getAssertions().get(0).getAssertion());
        AssertionType roundTripped = marshaller.deserialize(asText, AssertionType.class);

        assertThat(roundTripped, CoreMatchers.notNullValue());
        assertThat(roundTripped.getID(), CoreMatchers.is("id-4r-Xj702KQsM0gJyu3Fqpuwfe-LvDrEcQZpxKrhC"));
    }
}
Also used : InputStream(java.io.InputStream) SAMLParser(org.keycloak.saml.processing.core.parsers.saml.SAMLParser) AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType) SAMLDataMarshaller(org.keycloak.broker.saml.SAMLDataMarshaller) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) Test(org.junit.Test)

Example 9 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class SAML2Response method getResponseType.

/**
 * Reads a SAML {@code ResponseType} from an input stream and stores it, together with the DOM
 * document it was parsed from, in {@code samlDocumentHolder}.
 *
 * <p>The steps visible here are DOM parsing, {@code JAXPValidationUtil.checkSchemaValidation} and
 * mapping to the object model. No signature check is visible in this method, so a caller handling
 * a message from a remote party should not treat the returned object as authenticated on the
 * strength of this call alone.
 *
 * @param is stream to read the response XML from; a {@code null} value is rejected
 *
 * @return the parsed response
 *
 * @throws ParsingException declared by the parsing helpers called here
 * @throws ConfigurationException declared by the parsing helpers called here
 * @throws ProcessingException declared by the parsing helpers called here
 */
public ResponseType getResponseType(InputStream is) throws ParsingException, ConfigurationException, ProcessingException {
    if (is == null) {
        throw logger.nullArgumentError("InputStream");
    }

    // NOTE(review): whether DTDs and external entities are disabled depends on how DocumentUtil
    // configures its parser, which is not visible here. Confirm before feeding untrusted XML.
    final Document responseDocument = DocumentUtil.getDocument(is);
    final SAMLParser parser = SAMLParser.getInstance();
    JAXPValidationUtil.checkSchemaValidation(responseDocument);

    // NOTE(review): unchecked cast. A well-formed SAML message of another type would presumably
    // surface as a ClassCastException rather than one of the declared exceptions. Verify how
    // callers handle that.
    final ResponseType parsedResponse = (ResponseType) parser.parse(responseDocument);

    // Keep both the object and the original DOM in the holder field.
    samlDocumentHolder = new SAMLDocumentHolder(parsedResponse, responseDocument);
    return parsedResponse;
}
Also used : SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) SAMLParser(org.keycloak.saml.processing.core.parsers.saml.SAMLParser) Document(org.w3c.dom.Document) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType)

Example 10 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class SAML2Response method convert.

/**
 * Serialises a SAML2 status response to XML and parses the result back into a DOM document.
 *
 * <p>A {@code ResponseType} is written through the writer's dedicated overload. Every other
 * {@code StatusResponseType} is written under the {@code samlp}-prefixed logout-response element
 * name.
 *
 * @param responseType the response object to serialise
 *
 * @return a DOM document built from the serialised bytes
 *
 * @throws ParsingException declared by the helpers called here
 * @throws ConfigurationException declared by the helpers called here
 * @throws ProcessingException declared by the helpers called here
 */
public Document convert(StatusResponseType responseType) throws ProcessingException, ConfigurationException, ParsingException {
    final ByteArrayOutputStream serialized = new ByteArrayOutputStream();
    final SAMLResponseWriter responseWriter = new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(serialized));

    if (!(responseType instanceof ResponseType)) {
        // Anything that is not a full Response is emitted as a LogoutResponse element.
        final QName logoutResponseName = new QName(PROTOCOL_NSURI.get(), JBossSAMLConstants.LOGOUT_RESPONSE.get(), "samlp");
        responseWriter.write(responseType, logoutResponseName);
    } else {
        responseWriter.write((ResponseType) responseType);
    }

    // Re-parse the bytes so the caller receives a DOM view of exactly what was written.
    final byte[] xmlBytes = serialized.toByteArray();
    return DocumentUtil.getDocument(new ByteArrayInputStream(xmlBytes));
}
Also used : SAMLResponseWriter(org.keycloak.saml.processing.core.saml.v2.writers.SAMLResponseWriter) ByteArrayInputStream(java.io.ByteArrayInputStream) QName(javax.xml.namespace.QName) ByteArrayOutputStream(java.io.ByteArrayOutputStream) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType)

Aggregations

ResponseType (org.keycloak.dom.saml.v2.protocol.ResponseType)75 Test (org.junit.Test)50 SamlClientBuilder (org.keycloak.testsuite.util.SamlClientBuilder)38 SAMLDocumentHolder (org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder)34 StatusResponseType (org.keycloak.dom.saml.v2.protocol.StatusResponseType)33 AssertionType (org.keycloak.dom.saml.v2.assertion.AssertionType)26 NameIDType (org.keycloak.dom.saml.v2.assertion.NameIDType)25 JBossSAMLURIConstants (org.keycloak.saml.common.constants.JBossSAMLURIConstants)16 Document (org.w3c.dom.Document)15 URI (java.net.URI)13 List (java.util.List)12 Matchers.containsString (org.hamcrest.Matchers.containsString)12 Assert.assertThat (org.junit.Assert.assertThat)12 AttributeStatementType (org.keycloak.dom.saml.v2.assertion.AttributeStatementType)12 AttributeType (org.keycloak.dom.saml.v2.assertion.AttributeType)12 StatementAbstractType (org.keycloak.dom.saml.v2.assertion.StatementAbstractType)12 ProcessingException (org.keycloak.saml.common.exceptions.ProcessingException)12 IOException (java.io.IOException)11 Response (javax.ws.rs.core.Response)11 Matchers (org.keycloak.testsuite.util.Matchers)11