Examples with SAMLParser org.keycloak.saml.processing.core.parsers.saml.SAMLParser used on opensource projects

Search in sources :

Example 11 with SAMLParser

use of org.keycloak.saml.processing.core.parsers.saml.SAMLParser in project keycloak by keycloak.

the class SAML2Response method getEncryptedAssertion.

/**
 * Get an encrypted assertion from the stream
 *
 * @param is
 *
 * @return
 *
 * @throws org.keycloak.saml.common.exceptions.ParsingException
 * @throws ProcessingException
 * @throws ConfigurationException
 */
public EncryptedAssertionType getEncryptedAssertion(InputStream is) throws ParsingException, ConfigurationException, ProcessingException {
    if (is == null)
        throw logger.nullArgumentError("InputStream");
    Document samlDocument = DocumentUtil.getDocument(is);
    SAMLParser samlParser = SAMLParser.getInstance();
    JAXPValidationUtil.checkSchemaValidation(samlDocument);
    return (EncryptedAssertionType) samlParser.parse(samlDocument);
}
Also used : SAMLParser(org.keycloak.saml.processing.core.parsers.saml.SAMLParser) EncryptedAssertionType(org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType) Document(org.w3c.dom.Document)

Example 12 with SAMLParser

use of org.keycloak.saml.processing.core.parsers.saml.SAMLParser in project keycloak by keycloak.

the class SAML2Response method getSAML2ObjectFromStream.

/**
 * Read a {@code SAML2Object} from an input stream
 *
 * @param is
 *
 * @return
 *
 * @throws ParsingException
 * @throws ConfigurationException
 * @throws ProcessingException
 */
public SAML2Object getSAML2ObjectFromStream(InputStream is) throws ParsingException, ConfigurationException, ProcessingException {
    if (is == null)
        throw logger.nullArgumentError("InputStream");
    Document samlResponseDocument = DocumentUtil.getDocument(is);
    if (logger.isTraceEnabled()) {
        logger.trace("SAML Response Document: " + DocumentUtil.asString(samlResponseDocument));
    }
    SAMLParser samlParser = SAMLParser.getInstance();
    JAXPValidationUtil.checkSchemaValidation(samlResponseDocument);
    SAML2Object responseType = (SAML2Object) samlParser.parse(samlResponseDocument);
    samlDocumentHolder = new SAMLDocumentHolder(responseType, samlResponseDocument);
    return responseType;
}
Also used : SAML2Object(org.keycloak.dom.saml.v2.SAML2Object) SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) SAMLParser(org.keycloak.saml.processing.core.parsers.saml.SAMLParser) Document(org.w3c.dom.Document)

Example 13 with SAMLParser

use of org.keycloak.saml.processing.core.parsers.saml.SAMLParser in project keycloak by keycloak.

the class SAMLDataMarshallerTest method testSerializeWithNamespaceNotInSignatureElement.

@Test
public void testSerializeWithNamespaceNotInSignatureElement() throws Exception {
    SAMLParser parser = SAMLParser.getInstance();
    try (InputStream st = SAMLDataMarshallerTest.class.getResourceAsStream("saml-response-ds-ns-above-signature.xml")) {
        Object parsedObject = parser.parse(st);
        assertThat(parsedObject, instanceOf(ResponseType.class));
        ResponseType response = (ResponseType) parsedObject;
        SAMLDataMarshaller serializer = new SAMLDataMarshaller();
        String serializedResponse = serializer.serialize(response);
        String serializedAssertion = serializer.serialize(response.getAssertions().get(0).getAssertion());
        ResponseType deserializedResponse = serializer.deserialize(serializedResponse, ResponseType.class);
        assertThat(deserializedResponse, CoreMatchers.notNullValue());
        assertThat(deserializedResponse.getID(), CoreMatchers.is("id-EYgqtumZ-P-Ph7t37f-brUKMwB5MKix0sNjr-0YV"));
        AssertionType deserializedAssertion = serializer.deserialize(serializedAssertion, AssertionType.class);
        assertThat(deserializedAssertion, CoreMatchers.notNullValue());
        assertThat(deserializedAssertion.getID(), CoreMatchers.is("id-4r-Xj702KQsM0gJyu3Fqpuwfe-LvDrEcQZpxKrhC"));
    }
}
Also used : InputStream(java.io.InputStream) SAMLParser(org.keycloak.saml.processing.core.parsers.saml.SAMLParser) AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType) SAMLDataMarshaller(org.keycloak.broker.saml.SAMLDataMarshaller) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) Test(org.junit.Test)

Example 14 with SAMLParser

use of org.keycloak.saml.processing.core.parsers.saml.SAMLParser in project keycloak by keycloak.

the class AssertionUtil method decryptAssertion.

/**
 * This method modifies the given responseType, and replaces the encrypted assertion with a decrypted version.
 * @param responseType a response containg an encrypted assertion
 * @return the assertion element as it was decrypted. This can be used in signature verification.
 */
public static Element decryptAssertion(SAMLDocumentHolder holder, ResponseType responseType, PrivateKey privateKey) throws ParsingException, ProcessingException, ConfigurationException {
    Document doc = holder.getSamlDocument();
    Element enc = DocumentUtil.getElement(doc, new QName(JBossSAMLConstants.ENCRYPTED_ASSERTION.get()));
    if (enc == null) {
        throw new ProcessingException("No encrypted assertion found.");
    }
    String oldID = enc.getAttribute(JBossSAMLConstants.ID.get());
    Document newDoc = DocumentUtil.createDocument();
    Node importedNode = newDoc.importNode(enc, true);
    newDoc.appendChild(importedNode);
    Element decryptedDocumentElement = XMLEncryptionUtil.decryptElementInDocument(newDoc, privateKey);
    SAMLParser parser = SAMLParser.getInstance();
    JAXPValidationUtil.checkSchemaValidation(decryptedDocumentElement);
    AssertionType assertion = (AssertionType) parser.parse(parser.createEventReader(DocumentUtil.getNodeAsStream(decryptedDocumentElement)));
    responseType.replaceAssertion(oldID, new ResponseType.RTChoiceType(assertion));
    return decryptedDocumentElement;
}
Also used : QName(javax.xml.namespace.QName) Element(org.w3c.dom.Element) Node(org.w3c.dom.Node) SAMLParser(org.keycloak.saml.processing.core.parsers.saml.SAMLParser) EncryptedAssertionType(org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType) SAML11AssertionType(org.keycloak.dom.saml.v1.assertion.SAML11AssertionType) AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType) Document(org.w3c.dom.Document) ProcessingException(org.keycloak.saml.common.exceptions.ProcessingException) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)

Example 15 with SAMLParser

use of org.keycloak.saml.processing.core.parsers.saml.SAMLParser in project keycloak by keycloak.

the class KcSamlSpDescriptorTest method testAttributeConsumingServiceMappersInSpMetadataWithoutServiceName.

@Test
public void testAttributeConsumingServiceMappersInSpMetadataWithoutServiceName() throws IOException, ParsingException, URISyntaxException {
    try (Closeable idpUpdater = new IdentityProviderAttributeUpdater(identityProviderResource).setAttribute(SAMLIdentityProviderConfig.ATTRIBUTE_CONSUMING_SERVICE_INDEX, "12").update()) {
        IdentityProviderMapperRepresentation attrMapperEmail = new IdentityProviderMapperRepresentation();
        attrMapperEmail.setName("attribute-mapper-email");
        attrMapperEmail.setIdentityProviderMapper(UserAttributeMapper.PROVIDER_ID);
        attrMapperEmail.setConfig(ImmutableMap.<String, String>builder().put(IdentityProviderMapperModel.SYNC_MODE, IdentityProviderMapperSyncMode.INHERIT.toString()).put(UserAttributeMapper.ATTRIBUTE_NAME, "email_attr_name").put(UserAttributeMapper.ATTRIBUTE_FRIENDLY_NAME, "email_attr_friendlyname").put(UserAttributeMapper.USER_ATTRIBUTE, "email").build());
        attrMapperEmail.setIdentityProviderAlias(bc.getIDPAlias());
        identityProviderResource.addMapper(attrMapperEmail);
        String spDescriptorString = identityProviderResource.export(null).readEntity(String.class);
        SAMLParser parser = SAMLParser.getInstance();
        EntityDescriptorType o = (EntityDescriptorType) parser.parse(new StringInputStream(spDescriptorString));
        SPSSODescriptorType spDescriptor = o.getChoiceType().get(0).getDescriptors().get(0).getSpDescriptor();
        assertThat(spDescriptor.getAttributeConsumingService(), not(empty()));
        assertThat(spDescriptor.getAttributeConsumingService().get(0).getIndex(), is(12));
        assertThat(spDescriptor.getAttributeConsumingService().get(0).getRequestedAttribute(), notNullValue());
        assertThat(spDescriptor.getAttributeConsumingService().get(0).getRequestedAttribute(), not(empty()));
        assertThat(spDescriptor.getAttributeConsumingService().get(0).getRequestedAttribute().get(0).getName(), is("email_attr_name"));
        assertThat(spDescriptor.getAttributeConsumingService().get(0).getRequestedAttribute().get(0).getFriendlyName(), is("email_attr_friendlyname"));
        assertThat(spDescriptor.getAttributeConsumingService().get(0).getServiceName(), notNullValue());
        assertThat(spDescriptor.getAttributeConsumingService().get(0).getServiceName().get(0).getValue(), is(bc.consumerRealmName()));
    }
}
Also used : IdentityProviderMapperRepresentation(org.keycloak.representations.idm.IdentityProviderMapperRepresentation) StringInputStream(org.apache.tools.ant.filters.StringInputStream) Closeable(java.io.Closeable) IdentityProviderAttributeUpdater(org.keycloak.testsuite.updaters.IdentityProviderAttributeUpdater) SAMLParser(org.keycloak.saml.processing.core.parsers.saml.SAMLParser) EntityDescriptorType(org.keycloak.dom.saml.v2.metadata.EntityDescriptorType) SPSSODescriptorType(org.keycloak.dom.saml.v2.metadata.SPSSODescriptorType) Test(org.junit.Test)

Aggregations

SAMLParser (org.keycloak.saml.processing.core.parsers.saml.SAMLParser)15 Document (org.w3c.dom.Document)8 Test (org.junit.Test)6 StringInputStream (org.apache.tools.ant.filters.StringInputStream)5 EntityDescriptorType (org.keycloak.dom.saml.v2.metadata.EntityDescriptorType)5 SPSSODescriptorType (org.keycloak.dom.saml.v2.metadata.SPSSODescriptorType)5 SAMLDocumentHolder (org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder)5 Closeable (java.io.Closeable)4 AssertionType (org.keycloak.dom.saml.v2.assertion.AssertionType)4 ResponseType (org.keycloak.dom.saml.v2.protocol.ResponseType)4 IdentityProviderAttributeUpdater (org.keycloak.testsuite.updaters.IdentityProviderAttributeUpdater)4 InputStream (java.io.InputStream)3 EncryptedAssertionType (org.keycloak.dom.saml.v2.assertion.EncryptedAssertionType)3 IdentityProviderMapperRepresentation (org.keycloak.representations.idm.IdentityProviderMapperRepresentation)3 SAMLDataMarshaller (org.keycloak.broker.saml.SAMLDataMarshaller)2 SAML2Object (org.keycloak.dom.saml.v2.SAML2Object)2 QName (javax.xml.namespace.QName)1 SamlDeployment (org.keycloak.adapters.saml.SamlDeployment)1 DeploymentBuilder (org.keycloak.adapters.saml.config.parsers.DeploymentBuilder)1 ResourceLoader (org.keycloak.adapters.saml.config.parsers.ResourceLoader)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial