use of org.keycloak.dom.saml.v2.protocol.StatusCodeType in project keycloak by keycloak.
the class JBossSAMLAuthnResponseFactory method createStatusType.
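/**
 * Creates a {@link StatusType} whose top-level {@link StatusCodeType} carries the given URI.
 *
 * <p>The returned status has a single, non-nested status code; no second-level code is set.
 *
 * @param statusCodeURI the status code URI to place in the {@code Value} attribute
 * @return a new {@link StatusType} wrapping a {@link StatusCodeType} with {@code statusCodeURI} as its value
 * @throws NullPointerException     if {@code statusCodeURI} is {@code null}
 * @throws IllegalArgumentException if {@code statusCodeURI} is not a syntactically valid URI
 */
public static StatusType createStatusType(String statusCodeURI) {
    // Fail fast with a named argument instead of an anonymous NPE from inside URI.create().
    java.util.Objects.requireNonNull(statusCodeURI, "statusCodeURI");
    StatusCodeType statusCode = new StatusCodeType();
    // URI.create() rejects malformed input with IllegalArgumentException; that is intentional here.
    statusCode.setValue(URI.create(statusCodeURI));
    StatusType status = new StatusType();
    status.setStatusCode(statusCode);
    return status;
}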
use of org.keycloak.dom.saml.v2.protocol.StatusCodeType in project keycloak by keycloak.
the class SAMLServletAdapterTest method testInvalidCredentialsEcpFlow.
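/**
 * Runs the ECP (Enhanced Client or Proxy) flow with a wrong password and checks that the IdP
 * answers with a non-success SAML status rather than an assertion.
 *
 * <p>Steps: fetch the AuthnRequest from the SP as a PAOS message, read the IdP single sign-on
 * URL from the ECP {@code Request} header, post the AuthnRequest to the IdP with HTTP Basic
 * credentials, then parse the SOAP body as a SAML status response.
 *
 * @throws Exception on any HTTP, SOAP or SAML parsing failure; reported by the harness as a test error
 */
@Test
public void testInvalidCredentialsEcpFlow() throws Exception {
    // Ask the SP for the AuthnRequest as a PAOS message instead of an HTML redirect.
    Response authnRequestResponse = AdminClientUtil.createResteasyClient()
            .target(ecpSPPage.toString())
            .request()
            .header("Accept", "text/html; application/vnd.paos+xml")
            .header("PAOS", "ver='urn:liberty:paos:2003-08' ;'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp'")
            .get();
    SOAPMessage authnRequestMessage = MessageFactory.newInstance()
            .createMessage(null, new ByteArrayInputStream(authnRequestResponse.readEntity(byte[].class)));

    // The PAOS Request header must be present; its content is not inspected by this test.
    Iterator<javax.xml.soap.Node> it = authnRequestMessage.getSOAPHeader()
            .<SOAPHeaderElement>getChildElements(new QName("urn:liberty:paos:2003-08", "Request"));
    it.next();

    // The ECP Request header carries the IDPList this client may authenticate against.
    it = authnRequestMessage.getSOAPHeader()
            .<SOAPHeaderElement>getChildElements(new QName("urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp", "Request"));
    javax.xml.soap.Node ecpRequestHeader = it.next();
    NodeList idpList = ((SOAPHeaderElement) ecpRequestHeader)
            .getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:protocol", "IDPList");
    Assert.assertThat("No IDPList returned from Service Provider", idpList.getLength(), is(1));
    NodeList idpEntries = idpList.item(0).getChildNodes();
    Assert.assertThat("No IDPEntry returned from Service Provider", idpEntries.getLength(), is(1));

    // Exactly one IDPEntry is asserted above, so the loop yields that entry's Loc attribute.
    String singleSignOnService = null;
    for (int i = 0; i < idpEntries.getLength(); i++) {
        NamedNodeMap attributes = idpEntries.item(i).getAttributes();
        singleSignOnService = attributes.getNamedItem("Loc").getNodeValue();
    }
    Assert.assertThat("Could not obtain SSO Service URL", singleSignOnService, notNullValue());

    Document authenticationRequest = authnRequestMessage.getSOAPBody().getFirstChild().getOwnerDocument();

    // Deliberately wrong password for the fixture user.
    String username = "pedroigor";
    String password = "baspassword";
    String pair = username + ":" + password;
    // Use an explicit charset: the platform default is not guaranteed to be UTF-8.
    String authHeader = "Basic " + Base64.encodeBytes(pair.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    Response authenticationResponse = AdminClientUtil.createResteasyClient()
            .target(singleSignOnService)
            .request()
            .header(HttpHeaders.AUTHORIZATION, authHeader)
            .post(Entity.entity(DocumentUtil.asString(authenticationRequest), "application/soap+xml"));
    // HTTP 200 is expected even for a failed login; the failure is carried in the SAML status checked below.
    Assert.assertThat(authenticationResponse.getStatus(), is(OK.getStatusCode()));

    SOAPMessage responseMessage = MessageFactory.newInstance()
            .createMessage(null, new ByteArrayInputStream(authenticationResponse.readEntity(byte[].class)));
    Node samlResponse = responseMessage.getSOAPBody().getFirstChild();
    Assert.assertThat(samlResponse, notNullValue());

    StatusResponseType responseType = (StatusResponseType) SAMLParser.getInstance().parse(samlResponse);
    StatusCodeType statusCode = responseType.getStatus().getStatusCode();
    // The nested (second-level) status code is the one checked for a non-success value.
    Assert.assertThat(statusCode.getStatusCode().getValue().toString(), is(not(JBossSAMLURIConstants.STATUS_SUCCESS.get())));
}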
use of org.keycloak.dom.saml.v2.protocol.StatusCodeType in project keycloak by keycloak.
the class SAMLServletAdapterTest method testSuccessfulEcpFlow.
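/**
 * Runs the full ECP (Enhanced Client or Proxy) flow with valid credentials: obtains the PAOS
 * AuthnRequest from the SP, authenticates at the IdP with HTTP Basic, checks the signed success
 * response, relays it to the SP and finally fetches the protected resource with the SP's cookies.
 *
 * @throws Exception on any HTTP, SOAP or SAML parsing failure; reported by the harness as a test error
 */
@Test
public void testSuccessfulEcpFlow() throws Exception {
    // Ask the SP for the AuthnRequest as a PAOS message instead of an HTML redirect.
    Response authnRequestResponse = AdminClientUtil.createResteasyClient()
            .target(ecpSPPage.toString())
            .request()
            .header("Accept", "text/html; application/vnd.paos+xml")
            .header("PAOS", "ver='urn:liberty:paos:2003-08' ;'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp'")
            .get();
    SOAPMessage authnRequestMessage = MessageFactory.newInstance()
            .createMessage(null, new ByteArrayInputStream(authnRequestResponse.readEntity(byte[].class)));

    // The ECP Request header carries the IDPList this client may authenticate against.
    Iterator<javax.xml.soap.Node> it = authnRequestMessage.getSOAPHeader()
            .<SOAPHeaderElement>getChildElements(new QName("urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp", "Request"));
    SOAPHeaderElement ecpRequestHeader = (SOAPHeaderElement) it.next();
    NodeList idpList = ecpRequestHeader.getElementsByTagNameNS("urn:oasis:names:tc:SAML:2.0:protocol", "IDPList");
    Assert.assertThat("No IDPList returned from Service Provider", idpList.getLength(), is(1));
    NodeList idpEntries = idpList.item(0).getChildNodes();
    Assert.assertThat("No IDPEntry returned from Service Provider", idpEntries.getLength(), is(1));

    // Exactly one IDPEntry is asserted above, so the loop yields that entry's Loc attribute.
    String singleSignOnService = null;
    for (int i = 0; i < idpEntries.getLength(); i++) {
        NamedNodeMap attributes = idpEntries.item(i).getAttributes();
        singleSignOnService = attributes.getNamedItem("Loc").getNodeValue();
    }
    Assert.assertThat("Could not obtain SSO Service URL", singleSignOnService, notNullValue());

    Document authenticationRequest = authnRequestMessage.getSOAPBody().getFirstChild().getOwnerDocument();

    // Fixture credentials for the test realm.
    String username = "pedroigor";
    String password = "password";
    String pair = username + ":" + password;
    // Use an explicit charset: the platform default is not guaranteed to be UTF-8.
    String authHeader = "Basic " + Base64.encodeBytes(pair.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    Response authenticationResponse = AdminClientUtil.createResteasyClient()
            .target(singleSignOnService)
            .request()
            .header(HttpHeaders.AUTHORIZATION, authHeader)
            .post(Entity.entity(DocumentUtil.asString(authenticationRequest), "text/xml"));
    Assert.assertThat(authenticationResponse.getStatus(), is(OK.getStatusCode()));

    SOAPMessage responseMessage = MessageFactory.newInstance()
            .createMessage(null, new ByteArrayInputStream(authenticationResponse.readEntity(byte[].class)));

    // The IdP must answer with an ECP Response header in addition to the SAML body.
    SOAPHeader responseMessageHeaders = responseMessage.getSOAPHeader();
    NodeList ecpResponse = responseMessageHeaders
            .getElementsByTagNameNS(JBossSAMLURIConstants.ECP_PROFILE.get(), JBossSAMLConstants.RESPONSE__ECP.get());
    Assert.assertThat("No ECP Response", ecpResponse.getLength(), is(1));

    Node samlResponse = responseMessage.getSOAPBody().getFirstChild();
    Assert.assertThat(samlResponse, notNullValue());
    ResponseType responseType = (ResponseType) SAMLParser.getInstance().parse(samlResponse);
    StatusCodeType statusCode = responseType.getStatus().getStatusCode();
    Assert.assertThat(statusCode.getValue().toString(), is(JBossSAMLURIConstants.STATUS_SUCCESS.get()));
    // Destination must be the SP the flow started at, and the response must be signed and carry one assertion.
    Assert.assertThat(responseType.getDestination(), is(ecpSPPage.toString()));
    Assert.assertThat(responseType.getSignature(), notNullValue());
    Assert.assertThat(responseType.getAssertions().size(), is(1));

    // Relay the SAML body to the SP inside a fresh SOAP envelope, as an ECP client would.
    SOAPMessage samlResponseRequest = MessageFactory.newInstance().createMessage();
    samlResponseRequest.getSOAPBody().addDocument(responseMessage.getSOAPBody().extractContentAsDocument());
    ByteArrayOutputStream os = new ByteArrayOutputStream();
    samlResponseRequest.writeTo(os);
    Response serviceProviderFinalResponse = AdminClientUtil.createResteasyClient()
            .target(responseType.getDestination())
            .request()
            .post(Entity.entity(os.toByteArray(), "application/vnd.paos+xml"));

    // Replay the SP session cookies on a plain GET of the same URL; the page should now show the user.
    Map<String, NewCookie> cookies = serviceProviderFinalResponse.getCookies();
    Invocation.Builder resourceRequest = AdminClientUtil.createResteasyClient()
            .target(responseType.getDestination())
            .request();
    for (NewCookie cookie : cookies.values()) {
        resourceRequest.cookie(cookie);
    }
    Response resourceResponse = resourceRequest.get();
    Assert.assertThat(resourceResponse.readEntity(String.class), containsString("pedroigor"));
}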
use of org.keycloak.dom.saml.v2.protocol.StatusCodeType in project keycloak by keycloak.
the class SamlProtocolUtils method buildArtifactResponse.
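/**
 * Wraps a SAML object in a new {@link ArtifactResponseType} and returns it.
 *
 * <p>The response gets a freshly generated ID and issue instant, a {@link StatusType} holding
 * the given status code as its single top-level {@link StatusCodeType}, the given issuer, and the
 * SAML object as its payload. The issuer is copied as given: this method does not check that it
 * matches the issuer of {@code samlObject}, so the caller is responsible for that consistency.
 *
 * @param samlObject the SAML object to embed as the body of the ArtifactResponse
 * @param issuer     issuer of the resulting ArtifactResponse; should be the same as the issuer of {@code samlObject}
 * @param statusCode status code URI of the resulting response
 * @return a new {@link ArtifactResponseType} containing {@code samlObject}
 * @throws NullPointerException   if {@code statusCode} is {@code null}
 * @throws ConfigurationException propagated from the helpers this method calls
 * @throws ProcessingException    propagated from the helpers this method calls
 */
public static ArtifactResponseType buildArtifactResponse(SAML2Object samlObject, NameIDType issuer, URI statusCode) throws ConfigurationException, ProcessingException {
    // A StatusCode without a Value is not a usable status; reject it before building anything.
    java.util.Objects.requireNonNull(statusCode, "statusCode");

    ArtifactResponseType artifactResponse = new ArtifactResponseType(IDGenerator.create("ID_"), XMLTimeUtil.getIssueInstant());

    // Status: a single top-level code, no nested code.
    StatusCodeType statusCodeType = new StatusCodeType();
    statusCodeType.setValue(statusCode);
    StatusType statusType = new StatusType();
    statusType.setStatusCode(statusCodeType);
    artifactResponse.setStatus(statusType);

    artifactResponse.setIssuer(issuer);
    artifactResponse.setAny(samlObject);
    return artifactResponse;
}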
use of org.keycloak.dom.saml.v2.protocol.StatusCodeType in project keycloak by keycloak.
the class SamlStatusResponseTypeMatcher method describeMismatch.
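/**
 * Describes the actual status of a non-matching item as {@code was /code[/nestedCode...]},
 * walking the chain of nested {@link StatusCodeType}s from the top-level code downwards.
 *
 * <p>An item that is not a {@link StatusResponseType}, or a response without a Status element,
 * is described as such instead of failing with a cast or null-pointer exception while
 * Hamcrest is building the assertion message.
 *
 * @param item        the object that failed to match
 * @param description the description to append the mismatch text to
 */
@Override
public void describeMismatch(Object item, Description description) {
    if (!(item instanceof StatusResponseType)) {
        description.appendText("was ").appendValue(item);
        return;
    }
    StatusResponseType response = (StatusResponseType) item;
    if (response.getStatus() == null) {
        description.appendText("was a response without a Status element");
        return;
    }
    description.appendText("was ");
    // Each nesting level is printed as "/<value>", outermost first.
    for (StatusCodeType code = response.getStatus().getStatusCode(); code != null; code = code.getStatusCode()) {
        description.appendText("/").appendValue(code.getValue());
    }
}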