Search in sources :

Example 31 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class ArtifactBindingWithResolutionServiceTest method testReceiveArtifactLoginFullWithRedirect.

@Test
public void testReceiveArtifactLoginFullWithRedirect() throws ParsingException, ConfigurationException, ProcessingException, InterruptedException {
    getCleanup().addCleanup(ClientAttributeUpdater.forClient(adminClient, REALM_NAME, SAML_CLIENT_ID_SALES_POST).setAttribute(SamlProtocol.SAML_ARTIFACT_RESOLUTION_SERVICE_URL_ATTRIBUTE, "http://127.0.0.1:8082/").update());
    AuthnRequestType loginReq = SamlClient.createLoginRequestDocument(SAML_CLIENT_ID_SALES_POST, AbstractSamlTest.SAML_ASSERTION_CONSUMER_URL_SALES_POST, null);
    loginReq.setProtocolBinding(JBossSAMLURIConstants.SAML_HTTP_REDIRECT_BINDING.getUri());
    Document doc = SAML2Request.convert(loginReq);
    SamlClientBuilder builder = new SamlClientBuilder();
    CreateArtifactMessageStepBuilder camb = new CreateArtifactMessageStepBuilder(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST, SamlClient.Binding.REDIRECT, builder);
    ArtifactResolutionService ars = new ArtifactResolutionService("http://127.0.0.1:8082/").setResponseDocument(doc);
    Thread arsThread = new Thread(ars);
    try {
        arsThread.start();
        synchronized (ars) {
            ars.wait();
            SAMLDocumentHolder response = builder.artifactMessage(camb).build().login().user(bburkeUser).build().getSamlResponse(REDIRECT);
            assertThat(response.getSamlObject(), instanceOf(ResponseType.class));
            ResponseType rt = (ResponseType) response.getSamlObject();
            assertThat(rt.getAssertions(), not(empty()));
            assertThat(ars.getLastArtifactResolve(), notNullValue());
            assertThat(camb.getLastArtifact(), is(ars.getLastArtifactResolve().getArtifact()));
        }
    } finally {
        ars.stop();
        arsThread.join();
    }
}
Also used : SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) AuthnRequestType(org.keycloak.dom.saml.v2.protocol.AuthnRequestType) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) ArtifactResolutionService(org.keycloak.testsuite.util.ArtifactResolutionService) Document(org.w3c.dom.Document) CreateArtifactMessageStepBuilder(org.keycloak.testsuite.util.saml.CreateArtifactMessageStepBuilder) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType) Test(org.junit.Test)

Example 32 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class AuthnRequestNameIdFormatTest method testLoginWithNameIdPolicy.

private void testLoginWithNameIdPolicy(Binding requestBinding, Binding responseBinding, NameIDPolicyType nameIDPolicy, Matcher<String> nameIdMatcher) throws Exception {
    SAMLDocumentHolder res = new SamlClientBuilder().authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST, SAML_ASSERTION_CONSUMER_URL_SALES_POST, requestBinding).transformObject(so -> {
        so.setProtocolBinding(requestBinding.getBindingUri());
        so.setNameIDPolicy(nameIDPolicy);
        return so;
    }).build().login().user(bburkeUser).build().getSamlResponse(responseBinding);
    assertThat(res.getSamlObject(), notNullValue());
    assertThat(res.getSamlObject(), instanceOf(ResponseType.class));
    ResponseType rt = (ResponseType) res.getSamlObject();
    assertThat(rt.getAssertions(), not(empty()));
    assertThat(rt.getAssertions().get(0).getAssertion().getSubject().getSubType().getBaseID(), instanceOf(NameIDType.class));
    NameIDType nameId = (NameIDType) rt.getAssertions().get(0).getAssertion().getSubject().getSubType().getBaseID();
    assertThat(nameId.getValue(), nameIdMatcher);
}
Also used : JBossSAMLURIConstants(org.keycloak.saml.common.constants.JBossSAMLURIConstants) Matchers(org.hamcrest.Matchers) Test(org.junit.Test) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) SamlConfigAttributes(org.keycloak.protocol.saml.SamlConfigAttributes) NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Assert.assertThat(org.junit.Assert.assertThat) List(java.util.List) ClientsResource(org.keycloak.admin.client.resource.ClientsResource) Matcher(org.hamcrest.Matcher) SamlClient(org.keycloak.testsuite.util.SamlClient) NameIDPolicyType(org.keycloak.dom.saml.v2.protocol.NameIDPolicyType) ClientResource(org.keycloak.admin.client.resource.ClientResource) SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)

Example 33 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class IncludeOneTimeUseConditionTest method testOneTimeUseConditionIncluded.

private void testOneTimeUseConditionIncluded(Boolean oneTimeUseConditionShouldBeIncluded) throws IOException {
    try (Closeable c = ClientAttributeUpdater.forClient(adminClient, REALM_NAME, SAML_CLIENT_ID_SALES_POST).setAttribute(SamlConfigAttributes.SAML_ONETIMEUSE_CONDITION, oneTimeUseConditionShouldBeIncluded.toString()).update()) {
        SAMLDocumentHolder res = new SamlClientBuilder().authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST, SAML_ASSERTION_CONSUMER_URL_SALES_POST, Binding.POST).build().login().user(bburkeUser).build().getSamlResponse(Binding.POST);
        assertThat(res.getSamlObject(), notNullValue());
        assertThat(res.getSamlObject(), instanceOf(ResponseType.class));
        ResponseType rt = (ResponseType) res.getSamlObject();
        assertThat(rt.getAssertions(), not(empty()));
        final ConditionsType conditionsType = rt.getAssertions().get(0).getAssertion().getConditions();
        assertThat(conditionsType, notNullValue());
        assertThat(conditionsType.getConditions(), not(empty()));
        final List<ConditionAbstractType> conditions = conditionsType.getConditions();
        final Collection<ConditionAbstractType> oneTimeUseConditions = Collections2.filter(conditions, input -> input instanceof OneTimeUseType);
        final boolean oneTimeUseConditionAdded = !oneTimeUseConditions.isEmpty();
        assertThat(oneTimeUseConditionAdded, is(oneTimeUseConditionShouldBeIncluded));
    }
}
Also used : OneTimeUseType(org.keycloak.dom.saml.v2.assertion.OneTimeUseType) ConditionAbstractType(org.keycloak.dom.saml.v2.assertion.ConditionAbstractType) SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) Closeable(java.io.Closeable) ConditionsType(org.keycloak.dom.saml.v2.assertion.ConditionsType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)

Example 34 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class SOAPBindingTest method soapBindingAuthnWithSignatureTest.

@Test
public void soapBindingAuthnWithSignatureTest() {
    SAMLDocumentHolder response = new SamlClientBuilder().authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_ECP_SP, SAML_ASSERTION_CONSUMER_URL_ECP_SP, SOAP).signWith(SAML_CLIENT_SALES_POST_SIG_PRIVATE_KEY, SAML_CLIENT_SALES_POST_SIG_PUBLIC_KEY).basicAuthentication(bburkeUser).build().executeAndTransform(SOAP::extractResponse);
    assertThat(response.getSamlObject(), instanceOf(ResponseType.class));
    ResponseType rt = (ResponseType) response.getSamlObject();
    assertThat(rt.getAssertions(), not(empty()));
}
Also used : SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) SOAP(org.keycloak.testsuite.util.SamlClient.Binding.SOAP) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType) Test(org.junit.Test)

Example 35 with ResponseType

use of org.keycloak.dom.saml.v2.protocol.ResponseType in project keycloak by keycloak.

the class SOAPBindingTest method soapBindingAuthnWithoutSignatureTest.

@Test
public void soapBindingAuthnWithoutSignatureTest() {
    getCleanup().addCleanup(ClientAttributeUpdater.forClient(adminClient, REALM_NAME, SAML_CLIENT_ID_ECP_SP).setAttribute(SamlConfigAttributes.SAML_SERVER_SIGNATURE, "false").setAttribute(SamlConfigAttributes.SAML_CLIENT_SIGNATURE_ATTRIBUTE, "false").update());
    SAMLDocumentHolder response = new SamlClientBuilder().authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_ECP_SP, SAML_ASSERTION_CONSUMER_URL_ECP_SP, SOAP).basicAuthentication(bburkeUser).build().executeAndTransform(SOAP::extractResponse);
    assertThat(response.getSamlObject(), instanceOf(ResponseType.class));
    ResponseType rt = (ResponseType) response.getSamlObject();
    assertThat(rt.getAssertions(), not(empty()));
}
Also used : SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) SOAP(org.keycloak.testsuite.util.SamlClient.Binding.SOAP) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType) Test(org.junit.Test)

Aggregations

ResponseType (org.keycloak.dom.saml.v2.protocol.ResponseType)75 Test (org.junit.Test)50 SamlClientBuilder (org.keycloak.testsuite.util.SamlClientBuilder)38 SAMLDocumentHolder (org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder)34 StatusResponseType (org.keycloak.dom.saml.v2.protocol.StatusResponseType)33 AssertionType (org.keycloak.dom.saml.v2.assertion.AssertionType)26 NameIDType (org.keycloak.dom.saml.v2.assertion.NameIDType)25 JBossSAMLURIConstants (org.keycloak.saml.common.constants.JBossSAMLURIConstants)16 Document (org.w3c.dom.Document)15 URI (java.net.URI)13 List (java.util.List)12 Matchers.containsString (org.hamcrest.Matchers.containsString)12 Assert.assertThat (org.junit.Assert.assertThat)12 AttributeStatementType (org.keycloak.dom.saml.v2.assertion.AttributeStatementType)12 AttributeType (org.keycloak.dom.saml.v2.assertion.AttributeType)12 StatementAbstractType (org.keycloak.dom.saml.v2.assertion.StatementAbstractType)12 ProcessingException (org.keycloak.saml.common.exceptions.ProcessingException)12 IOException (java.io.IOException)11 Response (javax.ws.rs.core.Response)11 Matchers (org.keycloak.testsuite.util.Matchers)11