Examples with ResponseType org.keycloak.dom.saml.v2.protocol.ResponseType used on opensource projects

Example 31 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class ArtifactBindingWithResolutionServiceTest method testReceiveArtifactLoginFullWithRedirect.

@Test
public void testReceiveArtifactLoginFullWithRedirect() throws ParsingException, ConfigurationException, ProcessingException, InterruptedException {
    getCleanup().addCleanup(ClientAttributeUpdater.forClient(adminClient, REALM_NAME, SAML_CLIENT_ID_SALES_POST).setAttribute(SamlProtocol.SAML_ARTIFACT_RESOLUTION_SERVICE_URL_ATTRIBUTE, "http://127.0.0.1:8082/").update());
    AuthnRequestType loginReq = SamlClient.createLoginRequestDocument(SAML_CLIENT_ID_SALES_POST, AbstractSamlTest.SAML_ASSERTION_CONSUMER_URL_SALES_POST, null);
    loginReq.setProtocolBinding(JBossSAMLURIConstants.SAML_HTTP_REDIRECT_BINDING.getUri());
    Document doc = SAML2Request.convert(loginReq);
    SamlClientBuilder builder = new SamlClientBuilder();
    CreateArtifactMessageStepBuilder camb = new CreateArtifactMessageStepBuilder(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST, SamlClient.Binding.REDIRECT, builder);
    ArtifactResolutionService ars = new ArtifactResolutionService("http://127.0.0.1:8082/").setResponseDocument(doc);
    Thread arsThread = new Thread(ars);
    try {
        arsThread.start();
        synchronized (ars) {
            ars.wait();
            SAMLDocumentHolder response = builder.artifactMessage(camb).build().login().user(bburkeUser).build().getSamlResponse(REDIRECT);
            assertThat(response.getSamlObject(), instanceOf(ResponseType.class));
            ResponseType rt = (ResponseType) response.getSamlObject();
            assertThat(rt.getAssertions(), not(empty()));
            assertThat(ars.getLastArtifactResolve(), notNullValue());
            assertThat(camb.getLastArtifact(), is(ars.getLastArtifactResolve().getArtifact()));
        }
    } finally {
        ars.stop();
        arsThread.join();
    }
}

Example 32 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class AuthnRequestNameIdFormatTest method testLoginWithNameIdPolicy.

private void testLoginWithNameIdPolicy(Binding requestBinding, Binding responseBinding, NameIDPolicyType nameIDPolicy, Matcher<String> nameIdMatcher) throws Exception {
    SAMLDocumentHolder res = new SamlClientBuilder().authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST, SAML_ASSERTION_CONSUMER_URL_SALES_POST, requestBinding).transformObject(so -> {
        so.setProtocolBinding(requestBinding.getBindingUri());
        so.setNameIDPolicy(nameIDPolicy);
        return so;
    }).build().login().user(bburkeUser).build().getSamlResponse(responseBinding);
    assertThat(res.getSamlObject(), notNullValue());
    assertThat(res.getSamlObject(), instanceOf(ResponseType.class));
    ResponseType rt = (ResponseType) res.getSamlObject();
    assertThat(rt.getAssertions(), not(empty()));
    assertThat(rt.getAssertions().get(0).getAssertion().getSubject().getSubType().getBaseID(), instanceOf(NameIDType.class));
    NameIDType nameId = (NameIDType) rt.getAssertions().get(0).getAssertion().getSubject().getSubType().getBaseID();
    assertThat(nameId.getValue(), nameIdMatcher);
}

Example 33 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class IncludeOneTimeUseConditionTest method testOneTimeUseConditionIncluded.

private void testOneTimeUseConditionIncluded(Boolean oneTimeUseConditionShouldBeIncluded) throws IOException {
    try (Closeable c = ClientAttributeUpdater.forClient(adminClient, REALM_NAME, SAML_CLIENT_ID_SALES_POST).setAttribute(SamlConfigAttributes.SAML_ONETIMEUSE_CONDITION, oneTimeUseConditionShouldBeIncluded.toString()).update()) {
        SAMLDocumentHolder res = new SamlClientBuilder().authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST, SAML_ASSERTION_CONSUMER_URL_SALES_POST, Binding.POST).build().login().user(bburkeUser).build().getSamlResponse(Binding.POST);
        assertThat(res.getSamlObject(), notNullValue());
        assertThat(res.getSamlObject(), instanceOf(ResponseType.class));
        ResponseType rt = (ResponseType) res.getSamlObject();
        assertThat(rt.getAssertions(), not(empty()));
        final ConditionsType conditionsType = rt.getAssertions().get(0).getAssertion().getConditions();
        assertThat(conditionsType, notNullValue());
        assertThat(conditionsType.getConditions(), not(empty()));
        final List<ConditionAbstractType> conditions = conditionsType.getConditions();
        final Collection<ConditionAbstractType> oneTimeUseConditions = Collections2.filter(conditions, input -> input instanceof OneTimeUseType);
        final boolean oneTimeUseConditionAdded = !oneTimeUseConditions.isEmpty();
        assertThat(oneTimeUseConditionAdded, is(oneTimeUseConditionShouldBeIncluded));
    }
}

Example 34 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class SOAPBindingTest method soapBindingAuthnWithSignatureTest.

@Test
public void soapBindingAuthnWithSignatureTest() {
    SAMLDocumentHolder response = new SamlClientBuilder().authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_ECP_SP, SAML_ASSERTION_CONSUMER_URL_ECP_SP, SOAP).signWith(SAML_CLIENT_SALES_POST_SIG_PRIVATE_KEY, SAML_CLIENT_SALES_POST_SIG_PUBLIC_KEY).basicAuthentication(bburkeUser).build().executeAndTransform(SOAP::extractResponse);
    assertThat(response.getSamlObject(), instanceOf(ResponseType.class));
    ResponseType rt = (ResponseType) response.getSamlObject();
    assertThat(rt.getAssertions(), not(empty()));
}

Example 35 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class SOAPBindingTest method soapBindingAuthnWithoutSignatureTest.

@Test
public void soapBindingAuthnWithoutSignatureTest() {
    getCleanup().addCleanup(ClientAttributeUpdater.forClient(adminClient, REALM_NAME, SAML_CLIENT_ID_ECP_SP).setAttribute(SamlConfigAttributes.SAML_SERVER_SIGNATURE, "false").setAttribute(SamlConfigAttributes.SAML_CLIENT_SIGNATURE_ATTRIBUTE, "false").update());
    SAMLDocumentHolder response = new SamlClientBuilder().authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_ECP_SP, SAML_ASSERTION_CONSUMER_URL_ECP_SP, SOAP).basicAuthentication(bburkeUser).build().executeAndTransform(SOAP::extractResponse);
    assertThat(response.getSamlObject(), instanceOf(ResponseType.class));
    ResponseType rt = (ResponseType) response.getSamlObject();
    assertThat(rt.getAssertions(), not(empty()));
}