use of org.keycloak.dom.xmlsec.w3.xmlenc.EncryptionMethodType in project keycloak by keycloak.
the class SAMLParserTest method testSaml20MetadataEntityDescriptorSP.
@Test
public void testSaml20MetadataEntityDescriptorSP() throws Exception {
EntityDescriptorType entityDescriptor = assertParsed("saml20-entity-descriptor-sp.xml", EntityDescriptorType.class);
assertThat(entityDescriptor.getEntityID(), is("https://ServiceProvider.com/SAML"));
assertThat(entityDescriptor.getValidUntil(), is(nullValue()));
assertThat(entityDescriptor.getCacheDuration(), is(nullValue()));
assertThat(entityDescriptor.getID(), is(nullValue()));
assertThat(entityDescriptor.getExtensions(), is(nullValue()));
List<EntityDescriptorType.EDTChoiceType> descriptors = entityDescriptor.getChoiceType();
assertThat(descriptors, hasSize(1));
// SP Descriptor
SPSSODescriptorType spDescriptor = descriptors.get(0).getDescriptors().get(0).getSpDescriptor();
assertThat(spDescriptor, is(notNullValue()));
assertThat(spDescriptor.isAuthnRequestsSigned(), is(true));
assertThat(spDescriptor.isWantAssertionsSigned(), is(false));
assertThat(spDescriptor.getProtocolSupportEnumeration(), contains("urn:oasis:names:tc:SAML:2.0:protocol"));
// Key descriptor
List<KeyDescriptorType> keyDescriptors = spDescriptor.getKeyDescriptor();
assertThat(keyDescriptors, hasSize(2));
KeyDescriptorType signingKey = keyDescriptors.get(0);
assertThat(signingKey.getUse(), is(KeyTypes.SIGNING));
assertThat(signingKey.getEncryptionMethod(), is(emptyCollectionOf(EncryptionMethodType.class)));
assertThat(signingKey.getKeyInfo().getElementsByTagName("ds:KeyName").item(0).getTextContent(), is("ServiceProvider.com SSO Key"));
KeyDescriptorType encryptionKey = keyDescriptors.get(1);
assertThat(encryptionKey.getUse(), is(KeyTypes.ENCRYPTION));
assertThat(encryptionKey.getKeyInfo().getElementsByTagName("ds:KeyName").item(0).getTextContent(), is("ServiceProvider.com Encrypt Key"));
List<EncryptionMethodType> encryptionMethods = encryptionKey.getEncryptionMethod();
assertThat(encryptionMethods, Matchers.<EncryptionMethodType>hasSize(1));
assertThat(encryptionMethods.get(0).getAlgorithm(), is("http://www.w3.org/2001/04/xmlenc#rsa-1_5"));
assertThat(encryptionMethods.get(0).getEncryptionMethod(), is(nullValue()));
// Single logout services
assertThat(spDescriptor.getSingleLogoutService(), hasSize(2));
EndpointType singleLS1 = spDescriptor.getSingleLogoutService().get(0);
assertThat(singleLS1.getBinding(), is(URI.create("urn:oasis:names:tc:SAML:2.0:bindings:SOAP")));
assertThat(singleLS1.getLocation(), is(URI.create("https://ServiceProvider.com/SAML/SLO/SOAP")));
assertThat(singleLS1.getResponseLocation(), is(nullValue()));
assertThat(singleLS1.getAny(), is(emptyCollectionOf(Object.class)));
assertThat(singleLS1.getOtherAttributes(), is(Collections.<QName, String>emptyMap()));
EndpointType singleLS2 = spDescriptor.getSingleLogoutService().get(1);
assertThat(singleLS2.getBinding(), is(URI.create("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect")));
assertThat(singleLS2.getLocation(), is(URI.create("https://ServiceProvider.com/SAML/SLO/Browser")));
assertThat(singleLS2.getResponseLocation(), is(URI.create("https://ServiceProvider.com/SAML/SLO/Response")));
assertThat(singleLS2.getAny(), is(emptyCollectionOf(Object.class)));
assertThat(singleLS2.getOtherAttributes(), is(Collections.<QName, String>emptyMap()));
// NameID
assertThat(spDescriptor.getNameIDFormat(), contains("urn:oasis:names:tc:SAML:2.0:nameid-format:transient"));
// Assertion consumer services
List<IndexedEndpointType> assertionConsumerServices = spDescriptor.getAssertionConsumerService();
assertThat(assertionConsumerServices, hasSize(2));
IndexedEndpointType assertionCS1 = assertionConsumerServices.get(0);
assertThat(assertionCS1.getIndex(), is(0));
assertThat(assertionCS1.isIsDefault(), is(true));
assertThat(assertionCS1.getBinding(), is(URI.create("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact")));
assertThat(assertionCS1.getLocation(), is(URI.create("https://ServiceProvider.com/SAML/SSO/Artifact")));
assertThat(assertionCS1.getResponseLocation(), is(nullValue()));
assertThat(assertionCS1.getOtherAttributes(), is(Collections.<QName, String>emptyMap()));
IndexedEndpointType assertionCS2 = assertionConsumerServices.get(1);
assertThat(assertionCS2.getIndex(), is(1));
assertThat(assertionCS2.isIsDefault(), is(nullValue()));
assertThat(assertionCS2.getBinding(), is(URI.create("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST")));
assertThat(assertionCS2.getLocation(), is(URI.create("https://ServiceProvider.com/SAML/SSO/POST")));
assertThat(assertionCS2.getResponseLocation(), is(nullValue()));
assertThat(assertionCS2.getOtherAttributes(), is(Collections.<QName, String>emptyMap()));
// Attribute consuming services
List<AttributeConsumingServiceType> attributeConsumingServices = spDescriptor.getAttributeConsumingService();
assertThat(attributeConsumingServices, hasSize(1));
AttributeConsumingServiceType attributeConsumingService = attributeConsumingServices.get(0);
assertThat(attributeConsumingService.getIndex(), is(0));
assertThat(attributeConsumingService.getServiceName(), hasSize(1));
LocalizedNameType servName = attributeConsumingService.getServiceName().get(0);
assertThat(servName.getLang(), is("en"));
assertThat(servName.getValue(), is("Academic Journals R US"));
assertThat(attributeConsumingService.getServiceDescription(), is(emptyCollectionOf(LocalizedNameType.class)));
List<RequestedAttributeType> requestedAttributes = attributeConsumingService.getRequestedAttribute();
assertThat(requestedAttributes, hasSize(1));
// Requested attribute
RequestedAttributeType requestedAttribute = requestedAttributes.get(0);
assertThat(requestedAttribute.getNameFormat(), is("urn:oasis:names:tc:SAML:2.0:attrname-format:uri"));
assertThat(requestedAttribute.getName(), is("urn:oid:1.3.6.1.4.1.5923.1.1.1.7"));
assertThat(requestedAttribute.getFriendlyName(), is("eduPersonEntitlement"));
assertThat(requestedAttribute.getAttributeValue(), hasSize(1));
assertThat((String) requestedAttribute.getAttributeValue().get(0), is("https://ServiceProvider.com/entitlements/123456789"));
assertThat(requestedAttribute.getOtherAttributes(), is(Collections.<QName, String>emptyMap()));
// Organization
assertThat(entityDescriptor.getOrganization().getOrganizationName(), hasSize(1));
LocalizedNameType orgName = entityDescriptor.getOrganization().getOrganizationName().get(0);
assertThat(orgName.getLang(), is("en"));
assertThat(orgName.getValue(), is("Academic Journals R\n US"));
assertThat(entityDescriptor.getOrganization().getOrganizationDisplayName(), hasSize(1));
LocalizedNameType orgDispName = entityDescriptor.getOrganization().getOrganizationDisplayName().get(0);
assertThat(orgDispName.getLang(), is("en"));
assertThat(orgDispName.getValue(), is("Academic Journals R US, a Division of Dirk Corp."));
assertThat(entityDescriptor.getOrganization().getOrganizationURL(), hasSize(1));
LocalizedURIType orgURL = entityDescriptor.getOrganization().getOrganizationURL().get(0);
assertThat(orgURL.getLang(), is("en"));
assertThat(orgURL.getValue(), is(URI.create("https://ServiceProvider.com")));
}
use of org.keycloak.dom.xmlsec.w3.xmlenc.EncryptionMethodType in project keycloak by keycloak.
the class SAMLParserTest method testSaml20MetadataEntityDescriptorPDP.
@Test
public void testSaml20MetadataEntityDescriptorPDP() throws Exception {
EntityDescriptorType descriptor = assertParsed("saml20-entity-descriptor-pdp.xml", EntityDescriptorType.class);
assertThat(descriptor.getChoiceType(), Matchers.<EntityDescriptorType.EDTChoiceType>hasSize(1));
assertThat(descriptor.getChoiceType().get(0).getDescriptors().get(0).getPdpDescriptor(), is(notNullValue()));
PDPDescriptorType pdpDescriptor = descriptor.getChoiceType().get(0).getDescriptors().get(0).getPdpDescriptor();
assertThat(pdpDescriptor.getKeyDescriptor(), Matchers.<KeyDescriptorType>hasSize(1));
KeyDescriptorType keyDescriptorType = pdpDescriptor.getKeyDescriptor().get(0);
assertThat(keyDescriptorType.getEncryptionMethod(), Matchers.<EncryptionMethodType>hasSize(1));
EncryptionMethodType encryptionMethodType = keyDescriptorType.getEncryptionMethod().get(0);
assertThat(encryptionMethodType.getAlgorithm(), is("http://www.example.com/"));
EncryptionMethodType.EncryptionMethod encryptionMethod = encryptionMethodType.getEncryptionMethod();
assertThat(encryptionMethod.getKeySize(), is(BigInteger.ONE));
assertThat(encryptionMethod.getOAEPparams(), is("GpM7".getBytes()));
// EndpointType parser already tested so we are not checking further
assertThat(pdpDescriptor.getAuthzService(), Matchers.<EndpointType>hasSize(1));
assertThat(pdpDescriptor.getAssertionIDRequestService(), Matchers.<EndpointType>hasSize(1));
}
Aggregations