Class BrokerTest, method createAuthnResponse:
/**
 * Builds the IdP-side SAML response that answers the given authentication request.
 *
 * <p>{@code so} must be an {@link AuthnRequestType}; the response references its
 * request ID, is addressed to its AssertionConsumerServiceURL, names
 * {@code https://saml.idp/saml} as issuer and carries one {@code mail} attribute with
 * the fixed value {@code v@w.x}. Assertion and subject expiration are both set to the
 * same large fixed value (presumably generous enough that the test never races the clock).
 *
 * @param so the parsed authentication request; a {@link ClassCastException} results
 *        if it is not an {@link AuthnRequestType}
 * @return the built {@link ResponseType}
 * @throws RuntimeException wrapping any {@link ConfigurationException} or
 *         {@link ProcessingException} raised while building the response
 */
private SAML2Object createAuthnResponse(SAML2Object so) {
    final AuthnRequestType authnRequest = (AuthnRequestType) so;
    try {
        final String acsUrl = authnRequest.getAssertionConsumerServiceURL().toString();
        final String spIssuer = getAuthServerRealmBase(REALM_NAME).toString();
        final String sessionIndex = "idp:" + UUID.randomUUID();
        final ResponseType response = new SAML2LoginResponseBuilder()
                .requestID(authnRequest.getID())
                .destination(acsUrl)
                .issuer("https://saml.idp/saml")
                .assertionExpiration(1000000)
                .subjectExpiration(1000000)
                .requestIssuer(spIssuer)
                .sessionIndex(sessionIndex)
                .buildModel();

        // One mail attribute, wrapped in an attribute statement on the first assertion.
        final AttributeType mailAttribute = new AttributeType("mail");
        mailAttribute.addAttributeValue("v@w.x");
        final AttributeStatementType statement = new AttributeStatementType();
        statement.addAttribute(new ASTChoiceType(mailAttribute));
        response.getAssertions().get(0).getAssertion().addStatement(statement);

        return response;
    } catch (ConfigurationException | ProcessingException ex) {
        throw new RuntimeException(ex);
    }
}
Class BrokerTest, method signAndAddCustomNamespaceElementToSignature:
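/**
 * Signs the assertion in {@code doc} and then appends a custom, non-dsig element
 * to the resulting {@code ds:KeyInfo}.
 *
 * <p>Presumably used to produce a document whose signature block carries
 * foreign-namespace content, so that the signature validation under test can be
 * exercised with such input. The {@code xmlns:} declaration for the custom
 * namespace is put on the document element before signing; the extra element is
 * appended only after the signature exists.
 *
 * @param doc the SAML document to sign and modify in place
 * @throws RuntimeException wrapping the {@link ProcessingException} raised by the
 *         signing builder
 */
private static void signAndAddCustomNamespaceElementToSignature(Document doc) {
    doc.getDocumentElement().setAttribute("xmlns:" + XMLNS_VETINARI, NS_VETINARI);
    // Diamond instead of a raw constructor call: same type, no rawtypes warning.
    BaseSAML2BindingBuilder<BaseSAML2BindingBuilder> sb = new BaseSAML2BindingBuilder<>();
    try {
        KeyPair keyPair = new KeyPair(SAML_CLIENT_SALES_POST_SIG_PUBLIC_KEY_PK, SAML_CLIENT_SALES_POST_SIG_PRIVATE_KEY_PK);
        // NOTE(review): RSA_SHA1 is a weak signature algorithm; presumably kept here to
        // match the test client's configuration — confirm before reusing outside tests.
        sb.signWith("kn", keyPair).signatureAlgorithm(RSA_SHA1).signAssertions().signAssertion(doc);
    } catch (ProcessingException ex) {
        throw new RuntimeException(ex);
    }
    // KeyInfo has a lax content model and can contain custom elements,
    // see https://www.w3.org/TR/xmldsig-core1/#sec-KeyInfo
    Element el = findFirstElement(doc, XmlDSigQNames.KEY_INFO);
    appendNewElement(el, new QName(NS_VETINARI, "Patrician"), XMLNS_VETINARI);
}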
Class BasicSamlTest, method testPropertyValueInAssertion:
// KEYCLOAK-4160
/**
 * Regression test for KEYCLOAK-4160: a {@code ${...}} placeholder in the request ID
 * must not be expanded as a system property when it is echoed back in
 * {@code InResponseTo}.
 *
 * <p>Sends an AuthnRequest whose {@code ID} attribute is the literal string
 * {@code ${java.version}}, logs in as {@code bburkeUser} and asserts that the POST
 * response does not contain {@code InResponseTo} equal to the resolved value of
 * the {@code java.version} system property.
 */
@Test
public void testPropertyValueInAssertion() throws ParsingException, ConfigurationException, ProcessingException {
    final String placeholderId = "${java.version}";
    SAMLDocumentHolder response = new SamlClientBuilder()
            .authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST, SAML_ASSERTION_CONSUMER_URL_SALES_POST, Binding.POST)
            .transformDocument(doc -> {
                setDocElementAttributeValue(doc, "samlp:AuthnRequest", "ID", placeholderId);
                return doc;
            })
            .build()
            .login().user(bburkeUser).build()
            .getSamlResponse(Binding.POST);

    // If the IdP had expanded the placeholder, this exact attribute would appear.
    String expandedInResponseTo = "InResponseTo=\"" + System.getProperty("java.version") + "\"";
    String responseXml = documentToString(response.getSamlDocument());
    assertThat(responseXml, not(containsString(expandedInResponseTo)));
}
Class SAMLDataMarshaller, method serialize:
/**
 * Serializes a SAML model object to its XML string form.
 *
 * <p>Objects whose class lives under {@code org.keycloak.dom.saml} are written with
 * the matching SAML StAX writer and returned as a
 * {@link GeneralConstants#SAML_CHARSET} string; anything else is delegated to the
 * superclass. Supported SAML types are {@link ResponseType}, {@link AssertionType},
 * {@link AuthnStatementType} and {@link ArtifactResponseType}.
 *
 * @param obj the object to serialize
 * @return the serialized form
 * @throws IllegalArgumentException if {@code obj} is a SAML model type this
 *         marshaller has no writer for
 * @throws RuntimeException wrapping a {@link ProcessingException} from the writer
 */
@Override
public String serialize(Object obj) {
    // Package-name based dispatch: simple, and sufficient for now.
    boolean isSamlModel = obj.getClass().getName().startsWith("org.keycloak.dom.saml");
    if (!isSamlModel) {
        return super.serialize(obj);
    }
    ByteArrayOutputStream out = new ByteArrayOutputStream();
    try {
        writeSamlObject(obj, out);
    } catch (ProcessingException pe) {
        throw new RuntimeException(pe);
    }
    return new String(out.toByteArray(), GeneralConstants.SAML_CHARSET);
}

/**
 * Dispatches {@code obj} to the SAML writer that understands its concrete type.
 *
 * @param obj a SAML model object
 * @param out sink for the XML produced by the writer
 * @throws IllegalArgumentException if no writer handles the type
 * @throws ProcessingException propagated from the writer
 */
private static void writeSamlObject(Object obj, ByteArrayOutputStream out) throws ProcessingException {
    if (obj instanceof ResponseType) {
        new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(out)).write((ResponseType) obj);
    } else if (obj instanceof AssertionType) {
        new SAMLAssertionWriter(StaxUtil.getXMLStreamWriter(out)).write((AssertionType) obj);
    } else if (obj instanceof AuthnStatementType) {
        new SAMLAssertionWriter(StaxUtil.getXMLStreamWriter(out)).write((AuthnStatementType) obj, true);
    } else if (obj instanceof ArtifactResponseType) {
        new SAMLResponseWriter(StaxUtil.getXMLStreamWriter(out)).write((ArtifactResponseType) obj);
    } else {
        throw new IllegalArgumentException("Don't know how to serialize object of type " + obj.getClass().getName());
    }
}
Class SamlSPFacade, method getSamlAuthnRequest:
/*
* https://idp.ssocircle.com/sso/toolbox/samlEncode.jsp
*
* returns a request like the following (https instead of http in case SSL is required):
*
* <samlp:AuthnRequest
* xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
* xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
* AssertionConsumerServiceURL="http://localhost:8280/employee/"
* Destination="http://localhost:8180/auth/realms/demo/protocol/saml"
* ForceAuthn="false"
* ID="ID_4d8e5ce2-7206-472b-a897-2d837090c005"
* IsPassive="false"
* IssueInstant="2015-03-06T22:22:17.854Z"
* ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
* Version="2.0">
* <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">saml-employee</saml:Issuer>
* <samlp:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"/>
* </samlp:AuthnRequest>
*/
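/**
 * Builds the redirect-binding URI that sends the browser to the realm's SAML
 * endpoint with a freshly generated AuthnRequest.
 *
 * <p>The request uses a random UUID as its ID, the test application's
 * {@code /employee/} URL as the AssertionConsumerServiceURL, the auth server's
 * {@code /auth/realms/demo/protocol/saml} endpoint as Destination and the
 * unspecified NameID format. This method applies no signature to the request.
 *
 * @param req the incoming servlet request; currently unused
 * @return the redirect-binding URI for the generated request
 * @throws RuntimeException wrapping any IO, configuration, parsing or processing
 *         failure raised while building the request
 */
private URI getSamlAuthnRequest(HttpServletRequest req) {
    try {
        // Parameterized rather than raw: removes the rawtypes warning without changing behaviour.
        BaseSAML2BindingBuilder<BaseSAML2BindingBuilder> binding = new BaseSAML2BindingBuilder<>();
        SAML2Request samlReq = new SAML2Request();
        String appServerUrl = ServletTestUtils.getUrlBase() + "/employee/";
        String authServerUrl = ServletTestUtils.getAuthServerUrlBase() + "/auth/realms/demo/protocol/saml";
        // NOTE(review): the last argument appears to be the issuer value and is hard-coded
        // rather than derived from appServerUrl — confirm it matches the client registered in the realm.
        AuthnRequestType loginReq = samlReq.createAuthnRequestType(UUID.randomUUID().toString(), appServerUrl, authServerUrl, "http://localhost:8280/employee/");
        loginReq.getNameIDPolicy().setFormat(JBossSAMLURIConstants.NAMEID_FORMAT_UNSPECIFIED.getUri());
        return binding.redirectBinding(SAML2Request.convert(loginReq)).requestURI(authServerUrl);
    } catch (IOException | ConfigurationException | ParsingException | ProcessingException ex) {
        throw new RuntimeException(ex);
    }
}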