
Example 11 with ConfigurationException

use of org.keycloak.saml.common.exceptions.ConfigurationException in project keycloak by keycloak.

the class SAML2ErrorResponseBuilder method buildDocument.

/**
 * Builds the SAML 2.0 error response described by this builder and renders it as a DOM document.
 *
 * <p>The response receives a freshly generated {@code ID_}-prefixed identifier and an issue
 * instant, a status produced by
 * {@code JBossSAMLAuthnResponseFactory.createStatusTypeForResponder(status)}, and the builder's
 * issuer and destination. Extensions are attached only when at least one has been registered.
 *
 * <p>Nothing in this method signs the resulting document. NOTE(review): confirm that the caller
 * applies a signature downstream when the receiving party expects signed responses.
 *
 * @return the error response converted to a DOM {@link Document}
 * @throws ProcessingException if building or converting the response fails with a configuration
 *         or parsing error; the original exception is kept as the cause
 */
public Document buildDocument() throws ProcessingException {
    try {
        final StatusResponseType errorResponse =
                new ResponseType(IDGenerator.create("ID_"), XMLTimeUtil.getIssueInstant());
        errorResponse.setStatus(JBossSAMLAuthnResponseFactory.createStatusTypeForResponder(status));
        errorResponse.setIssuer(issuer);
        errorResponse.setDestination(destination);

        // An empty <Extensions> element is never emitted: the wrapper is created on demand.
        if (!this.extensions.isEmpty()) {
            final ExtensionsType wrapper = new ExtensionsType();
            for (NodeGenerator generator : this.extensions) {
                wrapper.addExtension(generator);
            }
            errorResponse.setExtensions(wrapper);
        }

        return new SAML2Response().convert(errorResponse);
    } catch (ConfigurationException | ParsingException e) {
        // Both failure kinds surface to callers as the single declared exception type.
        throw new ProcessingException(e);
    }
}
Also used : ConfigurationException(org.keycloak.saml.common.exceptions.ConfigurationException) ExtensionsType(org.keycloak.dom.saml.v2.protocol.ExtensionsType) ParsingException(org.keycloak.saml.common.exceptions.ParsingException) SAML2Response(org.keycloak.saml.processing.api.saml.v2.response.SAML2Response) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType) ProcessingException(org.keycloak.saml.common.exceptions.ProcessingException)

Example 12 with ConfigurationException

use of org.keycloak.saml.common.exceptions.ConfigurationException in project keycloak by keycloak.

the class BrokerTest method createAuthnResponse.

/**
 * Answers the given AuthnRequest with a login response issued as {@code https://saml.idp/saml}.
 *
 * <p>The response echoes the request ID, targets the request's assertion consumer service URL,
 * names the realm base URL as request issuer and carries a random {@code idp:}-prefixed session
 * index. A single {@code mail} attribute with the value {@code v@w.x} is added to the first
 * assertion. No signature is applied in this method.
 *
 * @param so the incoming SAML object; it is cast to {@link AuthnRequestType} without a type
 *        check, so any other type fails with a {@link ClassCastException}
 * @return the populated response model
 * @throws RuntimeException wrapping any configuration or processing failure of the builder
 */
private SAML2Object createAuthnResponse(SAML2Object so) {
    final AuthnRequestType authnRequest = (AuthnRequestType) so;
    try {
        final ResponseType loginResponse = new SAML2LoginResponseBuilder()
                .requestID(authnRequest.getID())
                .destination(authnRequest.getAssertionConsumerServiceURL().toString())
                .issuer("https://saml.idp/saml")
                .assertionExpiration(1000000)
                .subjectExpiration(1000000)
                .requestIssuer(getAuthServerRealmBase(REALM_NAME).toString())
                .sessionIndex("idp:" + UUID.randomUUID())
                .buildModel();

        final AttributeType mailAttribute = new AttributeType("mail");
        mailAttribute.addAttributeValue("v@w.x");

        final AttributeStatementType statement = new AttributeStatementType();
        statement.addAttribute(new ASTChoiceType(mailAttribute));

        // The builder is expected to have produced at least one assertion; index 0 is used as is.
        loginResponse.getAssertions().get(0).getAssertion().addStatement(statement);
        return loginResponse;
    } catch (ConfigurationException | ProcessingException ex) {
        throw new RuntimeException(ex);
    }
}
Also used : AuthnRequestType(org.keycloak.dom.saml.v2.protocol.AuthnRequestType) ConfigurationException(org.keycloak.saml.common.exceptions.ConfigurationException) AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType) AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType) ASTChoiceType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType.ASTChoiceType) SAML2LoginResponseBuilder(org.keycloak.saml.SAML2LoginResponseBuilder) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) ProcessingException(org.keycloak.saml.common.exceptions.ProcessingException)

Example 13 with ConfigurationException

use of org.keycloak.saml.common.exceptions.ConfigurationException in project keycloak by keycloak.

the class BasicSamlTest method testPropertyValueInAssertion.

// KEYCLOAK-4160
/**
 * Checks that a property placeholder supplied in an AuthnRequest is not resolved by the server.
 *
 * <p>The {@code ID} attribute of the outgoing {@code samlp:AuthnRequest} is rewritten to the
 * literal text {@code ${java.version}} before the login flow runs. The POST-binding response
 * must then not contain an {@code InResponseTo} attribute holding the real value of the
 * {@code java.version} system property. Request attributes are untrusted input, so the check
 * guards against placeholder expansion leaking server-side property values into the response.
 */
@Test
public void testPropertyValueInAssertion() throws ParsingException, ConfigurationException, ProcessingException {
    SAMLDocumentHolder samlResponse = new SamlClientBuilder()
            .authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST, SAML_ASSERTION_CONSUMER_URL_SALES_POST, Binding.POST)
            .transformDocument(requestDoc -> {
                // Replace the generated request ID with an unresolved placeholder.
                setDocElementAttributeValue(requestDoc, "samlp:AuthnRequest", "ID", "${java.version}");
                return requestDoc;
            })
            .build()
            .login()
            .user(bburkeUser)
            .build()
            .getSamlResponse(Binding.POST);

    String renderedResponse = documentToString(samlResponse.getSamlDocument());
    // What the response would contain if the placeholder had been expanded on the server.
    String expandedAttribute = "InResponseTo=\"" + System.getProperty("java.version") + "\"";

    assertThat(renderedResponse, not(containsString(expandedAttribute)));
}
Also used : Matchers.statusCodeIsHC(org.keycloak.testsuite.util.Matchers.statusCodeIsHC) EntityUtils(org.apache.http.util.EntityUtils) Document(org.w3c.dom.Document) Matchers.nullValue(org.hamcrest.Matchers.nullValue) SamlClient(org.keycloak.testsuite.util.SamlClient) RedirectStrategyWithSwitchableFollowRedirect(org.keycloak.testsuite.util.SamlClient.RedirectStrategyWithSwitchableFollowRedirect) UriBuilder(javax.ws.rs.core.UriBuilder) URI(java.net.URI) SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) NAMEID_FORMAT_TRANSIENT(org.keycloak.saml.common.constants.JBossSAMLURIConstants.NAMEID_FORMAT_TRANSIENT) Matchers.notNullValue(org.hamcrest.Matchers.notNullValue) Matchers(org.keycloak.testsuite.util.Matchers) Signature(java.security.Signature) SamlProtocol(org.keycloak.protocol.saml.SamlProtocol) Logger(java.util.logging.Logger) DocumentUtil(org.keycloak.saml.common.util.DocumentUtil) Objects(java.util.Objects) ParsingException(org.keycloak.saml.common.exceptions.ParsingException) List(java.util.List) Response(javax.ws.rs.core.Response) Matchers.is(org.hamcrest.Matchers.is) Matchers.containsString(org.hamcrest.Matchers.containsString) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) PROTOCOL_NSURI(org.keycloak.saml.common.constants.JBossSAMLURIConstants.PROTOCOL_NSURI) RealmsResource(org.keycloak.services.resources.RealmsResource) Encode(org.jboss.resteasy.util.Encode) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) SAML2Request(org.keycloak.saml.processing.api.saml.v2.request.SAML2Request) GeneralConstants(org.keycloak.saml.common.constants.GeneralConstants) CoreMatchers.not(org.hamcrest.CoreMatchers.not) IOUtil.setDocElementAttributeValue(org.keycloak.testsuite.utils.io.IOUtil.setDocElementAttributeValue) HttpUriRequest(org.apache.http.client.methods.HttpUriRequest) Attr(org.w3c.dom.Attr) Level(java.util.logging.Level) 
ProcessingException(org.keycloak.saml.common.exceptions.ProcessingException) CloseableHttpResponse(org.apache.http.client.methods.CloseableHttpResponse) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) SignatureAlgorithm(org.keycloak.saml.SignatureAlgorithm) AuthServer(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer) Status(javax.ws.rs.core.Response.Status) ConfigurationException(org.keycloak.saml.common.exceptions.ConfigurationException) RedirectBindingUtil(org.keycloak.saml.processing.web.util.RedirectBindingUtil) CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient) AuthnRequestType(org.keycloak.dom.saml.v2.protocol.AuthnRequestType) JBossSAMLURIConstants(org.keycloak.saml.common.constants.JBossSAMLURIConstants) Test(org.junit.Test) IOException(java.io.IOException) KeyUtils(org.keycloak.testsuite.util.KeyUtils) AUTH_SERVER_PORT(org.keycloak.testsuite.util.ServerURLs.AUTH_SERVER_PORT) Element(org.w3c.dom.Element) Step(org.keycloak.testsuite.util.SamlClient.Step) Matcher(org.hamcrest.Matcher) Binding(org.keycloak.testsuite.util.SamlClient.Binding) HttpClientBuilder(org.apache.http.impl.client.HttpClientBuilder) IOUtil.documentToString(org.keycloak.testsuite.utils.io.IOUtil.documentToString) SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) Test(org.junit.Test)

Example 14 with ConfigurationException

use of org.keycloak.saml.common.exceptions.ConfigurationException in project keycloak by keycloak.

the class AbstractSamlAuthenticationHandler method getAssertionDocumentFromElement.

/**
 * Moves the given assertion element into a new, otherwise empty DOM document.
 *
 * <p>{@code adoptNode} transfers ownership of the element to the new document, which also
 * detaches it from its previous parent. NOTE(review): any check that needs the assertion in
 * its original position (for example signature validation over the enclosing response) has to
 * run before this method is called; confirm against the callers.
 *
 * @param assertionElement the assertion element to re-home; may be {@code null}
 * @return a document whose root is {@code assertionElement}, or {@code null} when the argument
 *         is {@code null} or the new document cannot be created (the failure is logged at
 *         warning level)
 */
private Document getAssertionDocumentFromElement(final Element assertionElement) {
    Document result = null;
    if (assertionElement != null) {
        try {
            final Document holder = DocumentUtil.createDocument();
            holder.adoptNode(assertionElement);
            holder.appendChild(assertionElement);
            result = holder;
        } catch (ConfigurationException e) {
            // Best effort: callers receive null instead of an exception.
            log.warn("Cannot obtain DOM assertion document", e);
        }
    }
    return result;
}
Also used : ConfigurationException(org.keycloak.saml.common.exceptions.ConfigurationException) Document(org.w3c.dom.Document)

Example 15 with ConfigurationException

use of org.keycloak.saml.common.exceptions.ConfigurationException in project keycloak by keycloak.

the class SamlSPFacade method getSamlAuthnRequest.

/*
    * https://idp.ssocircle.com/sso/toolbox/samlEncode.jsp
    *
    * returns (https instead of http in case ssl is required)
    * 
    * <samlp:AuthnRequest 
    *     xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" 
    *     xmlns="urn:oasis:names:tc:SAML:2.0:assertion" 
    *     AssertionConsumerServiceURL="http://localhost:8280/employee/" 
    *     Destination="http://localhost:8180/auth/realms/demo/protocol/saml" 
    *     ForceAuthn="false" 
    *     ID="ID_4d8e5ce2-7206-472b-a897-2d837090c005" 
    *     IsPassive="false" 
    *     IssueInstant="2015-03-06T22:22:17.854Z" 
    *     ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" 
    *     Version="2.0"> 
    *         <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">saml-employee</saml:Issuer> 
    *         <samlp:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"/> 
    * </samlp:AuthnRequest> 
    */
/**
 * Creates an AuthnRequest for the employee application and encodes it as a redirect-binding URI.
 *
 * <p>The request uses a random UUID as its ID, the servlet base URL plus {@code /employee/} as
 * the assertion consumer service URL and the demo realm's SAML endpoint as destination. The
 * NameID policy format is set to "unspecified". The binding builder is used with its defaults;
 * no signing is configured in this method.
 *
 * <p>NOTE(review): the fourth argument to {@code createAuthnRequestType} (presumably the issuer)
 * is the fixed string {@code http://localhost:8280/employee/} rather than a value derived from
 * {@code ServletTestUtils}; confirm this is intended.
 *
 * @param req the current servlet request; not read by this method
 * @return the redirect URI carrying the encoded request, addressed to the auth server endpoint
 * @throws RuntimeException wrapping any I/O, configuration, parsing or processing failure
 */
private URI getSamlAuthnRequest(HttpServletRequest req) {
    try {
        final BaseSAML2BindingBuilder bindingBuilder = new BaseSAML2BindingBuilder();
        final SAML2Request requestFactory = new SAML2Request();

        final String consumerUrl = ServletTestUtils.getUrlBase() + "/employee/";
        final String idpEndpoint = ServletTestUtils.getAuthServerUrlBase() + "/auth/realms/demo/protocol/saml";

        final AuthnRequestType authnRequest = requestFactory.createAuthnRequestType(
                UUID.randomUUID().toString(),
                consumerUrl,
                idpEndpoint,
                "http://localhost:8280/employee/");
        authnRequest.getNameIDPolicy().setFormat(JBossSAMLURIConstants.NAMEID_FORMAT_UNSPECIFIED.getUri());

        return bindingBuilder
                .redirectBinding(SAML2Request.convert(authnRequest))
                .requestURI(idpEndpoint);
    } catch (IOException | ConfigurationException | ParsingException | ProcessingException ex) {
        throw new RuntimeException(ex);
    }
}
Also used : AuthnRequestType(org.keycloak.dom.saml.v2.protocol.AuthnRequestType) ConfigurationException(org.keycloak.saml.common.exceptions.ConfigurationException) ParsingException(org.keycloak.saml.common.exceptions.ParsingException) BaseSAML2BindingBuilder(org.keycloak.saml.BaseSAML2BindingBuilder) IOException(java.io.IOException) SAML2Request(org.keycloak.saml.processing.api.saml.v2.request.SAML2Request) ProcessingException(org.keycloak.saml.common.exceptions.ProcessingException)

Aggregations

ConfigurationException (org.keycloak.saml.common.exceptions.ConfigurationException)24 ProcessingException (org.keycloak.saml.common.exceptions.ProcessingException)20 ParsingException (org.keycloak.saml.common.exceptions.ParsingException)14 Document (org.w3c.dom.Document)14 AuthnRequestType (org.keycloak.dom.saml.v2.protocol.AuthnRequestType)8 IOException (java.io.IOException)7 Element (org.w3c.dom.Element)6 ResponseType (org.keycloak.dom.saml.v2.protocol.ResponseType)5 StatusResponseType (org.keycloak.dom.saml.v2.protocol.StatusResponseType)5 SAML2Request (org.keycloak.saml.processing.api.saml.v2.request.SAML2Request)5 SAMLDocumentHolder (org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder)5 ParserConfigurationException (javax.xml.parsers.ParserConfigurationException)4 Response (javax.ws.rs.core.Response)3 Test (org.junit.Test)3 VerificationException (org.keycloak.common.VerificationException)3 ClientModel (org.keycloak.models.ClientModel)3 SignatureAlgorithm (org.keycloak.saml.SignatureAlgorithm)3 JBossSAMLURIConstants (org.keycloak.saml.common.constants.JBossSAMLURIConstants)3 SAML2Response (org.keycloak.saml.processing.api.saml.v2.response.SAML2Response)3 ByteArrayInputStream (java.io.ByteArrayInputStream)2