
Example 1 with SAMLRequestWriter

Use of org.keycloak.saml.processing.core.saml.v2.writers.SAMLRequestWriter in project keycloak by keycloak.

In class SAML2Request, method convert:

/**
 * Serialize a SAML 2.0 request object to a DOM Document.
 *
 * @param rat the request to serialize; only AuthnRequestType and LogoutRequestType are handled here
 *
 * @return the DOM Document of the serialized request
 *
 * @throws ProcessingException
 * @throws ParsingException
 * @throws ConfigurationException
 */
public static Document convert(RequestAbstractType rat) throws ProcessingException, ConfigurationException, ParsingException {
    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    SAMLRequestWriter writer = new SAMLRequestWriter(StaxUtil.getXMLStreamWriter(bos));
    if (rat instanceof AuthnRequestType) {
        writer.write((AuthnRequestType) rat);
    } else if (rat instanceof LogoutRequestType) {
        writer.write((LogoutRequestType) rat);
    }
    // Any other RequestAbstractType subclass (for example ArtifactResolveType) is not written,
    // so the buffer stays empty and the parse below fails rather than returning a partial document.
    return DocumentUtil.getDocument(new String(bos.toByteArray(), GeneralConstants.SAML_CHARSET));
}
Also used : AuthnRequestType(org.keycloak.dom.saml.v2.protocol.AuthnRequestType) SAMLRequestWriter(org.keycloak.saml.processing.core.saml.v2.writers.SAMLRequestWriter) LogoutRequestType(org.keycloak.dom.saml.v2.protocol.LogoutRequestType) ByteArrayOutputStream(java.io.ByteArrayOutputStream)

Example 2 with SAMLRequestWriter

Use of org.keycloak.saml.processing.core.saml.v2.writers.SAMLRequestWriter in project keycloak by keycloak.

In class SamlService, method createArtifactResolve:

/**
 * Creates an ArtifactResolve document with the given issuer and artifact
 * @param issuer the value to set as "issuer"
 * @param artifact the value to set as "artifact"
 * @return the Document of the created ArtifactResolve message
 * @throws ProcessingException
 * @throws ParsingException
 * @throws ConfigurationException
 */
private Document createArtifactResolve(String issuer, String artifact) throws ProcessingException, ParsingException, ConfigurationException {
    ArtifactResolveType artifactResolve = new ArtifactResolveType(IDGenerator.create("ID_"), XMLTimeUtil.getIssueInstant());
    NameIDType nameIDType = new NameIDType();
    nameIDType.setValue(issuer);
    artifactResolve.setIssuer(nameIDType);
    artifactResolve.setArtifact(artifact);
    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    XMLStreamWriter xmlStreamWriter = StaxUtil.getXMLStreamWriter(bos);
    new SAMLRequestWriter(xmlStreamWriter).write(artifactResolve);
    return DocumentUtil.getDocument(new ByteArrayInputStream(bos.toByteArray()));
}
Also used : ArtifactResolveType(org.keycloak.dom.saml.v2.protocol.ArtifactResolveType) ByteArrayInputStream(java.io.ByteArrayInputStream) XMLStreamWriter(javax.xml.stream.XMLStreamWriter) SAMLRequestWriter(org.keycloak.saml.processing.core.saml.v2.writers.SAMLRequestWriter) ByteArrayOutputStream(java.io.ByteArrayOutputStream) NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType)

Example 3 with SAMLRequestWriter

Use of org.keycloak.saml.processing.core.saml.v2.writers.SAMLRequestWriter in project keycloak by keycloak.

In class SamlDocumentStepBuilder, method saml2Object2String:

public static String saml2Object2String(final SAML2Object transformed) {
    try {
        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        XMLStreamWriter xmlStreamWriter = StaxUtil.getXMLStreamWriter(bos);
        if (transformed instanceof AuthnRequestType) {
            new SAMLRequestWriter(xmlStreamWriter).write((AuthnRequestType) transformed);
        } else if (transformed instanceof LogoutRequestType) {
            new SAMLRequestWriter(xmlStreamWriter).write((LogoutRequestType) transformed);
        } else if (transformed instanceof ArtifactResolveType) {
            new SAMLRequestWriter(xmlStreamWriter).write((ArtifactResolveType) transformed);
        } else if (transformed instanceof AttributeQueryType) {
            new SAMLRequestWriter(xmlStreamWriter).write((AttributeQueryType) transformed);
        } else if (transformed instanceof ResponseType) {
            new SAMLResponseWriter(xmlStreamWriter).write((ResponseType) transformed);
        } else if (transformed instanceof ArtifactResponseType) {
            new SAMLResponseWriter(xmlStreamWriter).write((ArtifactResponseType) transformed);
        } else if (transformed instanceof StatusResponseType) {
            new SAMLResponseWriter(xmlStreamWriter).write((StatusResponseType) transformed, SAMLProtocolQNames.LOGOUT_RESPONSE.getQName("samlp"));
        } else {
            Assert.assertNotNull("Unknown type: <null>", transformed);
            Assert.fail("Unknown type: " + transformed.getClass().getName());
        }
        return new String(bos.toByteArray(), GeneralConstants.SAML_CHARSET);
    } catch (ProcessingException ex) {
        throw new RuntimeException(ex);
    }
}
Also used : ArtifactResolveType(org.keycloak.dom.saml.v2.protocol.ArtifactResolveType) LogoutRequestType(org.keycloak.dom.saml.v2.protocol.LogoutRequestType) ByteArrayOutputStream(java.io.ByteArrayOutputStream) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) ArtifactResponseType(org.keycloak.dom.saml.v2.protocol.ArtifactResponseType) SAMLResponseWriter(org.keycloak.saml.processing.core.saml.v2.writers.SAMLResponseWriter) AuthnRequestType(org.keycloak.dom.saml.v2.protocol.AuthnRequestType) XMLStreamWriter(javax.xml.stream.XMLStreamWriter) SAMLRequestWriter(org.keycloak.saml.processing.core.saml.v2.writers.SAMLRequestWriter) AttributeQueryType(org.keycloak.dom.saml.v2.protocol.AttributeQueryType) ProcessingException(org.keycloak.saml.common.exceptions.ProcessingException)

Example 4 with SAMLRequestWriter

Use of org.keycloak.saml.processing.core.saml.v2.writers.SAMLRequestWriter in project keycloak by keycloak.

In class HandleArtifactStepBuilder, method perform:

/**
 * Main method. Reads a response carrying an artifact (redirect or POST binding) and returns an HTTP POST
 * whose SOAP body contains the ArtifactResolve message. The behaviour changes depending on which builder
 * methods were called: the request is signed only when a signing key pair was configured, and a previously
 * built POST is replayed when replay was requested.
 *
 * @param client The current http client
 * @param currentURI the current uri
 * @param currentResponse the current response from the IdP
 * @param context the current http context
 * @return an HTTP POST whose SOAP body contains the ArtifactResolve message
 * @throws Exception
 */
@Override
public HttpUriRequest perform(CloseableHttpClient client, URI currentURI, CloseableHttpResponse currentResponse, HttpClientContext context) throws Exception {
    if (replayPost && replayPostMessage != null) {
        return replayPostMessage;
    }
    ArtifactResolveType artifactResolve = new ArtifactResolveType(id, XMLTimeUtil.getIssueInstant());
    NameIDType nameIDType = new NameIDType();
    nameIDType.setValue(issuer);
    artifactResolve.setIssuer(nameIDType);
    String artifact = getArtifactFromResponse(currentResponse);
    if (storeArtifact != null)
        storeArtifact.set(artifact);
    artifactResolve.setArtifact(artifact);
    ByteArrayOutputStream bos = new ByteArrayOutputStream();
    XMLStreamWriter xmlStreamWriter = StaxUtil.getXMLStreamWriter(bos);
    new SAMLRequestWriter(xmlStreamWriter).write(artifactResolve);
    Document doc = DocumentUtil.getDocument(new ByteArrayInputStream(bos.toByteArray()));
    BaseSAML2BindingBuilder binding = new BaseSAML2BindingBuilder();
    if (signingPrivateKeyPem != null && signingPublicKeyPem != null) {
        PrivateKey privateKey = org.keycloak.testsuite.util.KeyUtils.privateKeyFromString(signingPrivateKeyPem);
        PublicKey publicKey = org.keycloak.testsuite.util.KeyUtils.publicKeyFromString(signingPublicKeyPem);
        binding.signatureAlgorithm(SignatureAlgorithm.RSA_SHA256).signWith(KeyUtils.createKeyId(privateKey), privateKey, publicKey).signDocument(doc);
    }
    String documentAsString = DocumentUtil.getDocumentAsString(doc);
    String transformed = getTransformer().transform(documentAsString);
    if (transformed == null)
        return null;
    if (beforeStepChecker != null && beforeStepChecker instanceof SessionStateChecker) {
        SessionStateChecker sessionStateChecker = (SessionStateChecker) beforeStepChecker;
        sessionStateChecker.setUserSessionProvider(session -> session.getProvider(SamlArtifactSessionMappingStoreProvider.class).get(artifact).getUserSessionId());
        sessionStateChecker.setClientSessionProvider(session -> session.getProvider(SamlArtifactSessionMappingStoreProvider.class).get(artifact).getClientSessionId());
    }
    HttpPost post = Soap.createMessage().addToBody(DocumentUtil.getDocument(transformed)).buildHttpPost(authServerSamlUrl);
    replayPostMessage = post;
    return post;
}
Also used : ArtifactResolveType(org.keycloak.dom.saml.v2.protocol.ArtifactResolveType) HttpPost(org.apache.http.client.methods.HttpPost) PrivateKey(java.security.PrivateKey) PublicKey(java.security.PublicKey) BaseSAML2BindingBuilder(org.keycloak.saml.BaseSAML2BindingBuilder) ByteArrayOutputStream(java.io.ByteArrayOutputStream) Document(org.w3c.dom.Document) SamlArtifactSessionMappingStoreProvider(org.keycloak.models.SamlArtifactSessionMappingStoreProvider) ByteArrayInputStream(java.io.ByteArrayInputStream) XMLStreamWriter(javax.xml.stream.XMLStreamWriter) SAMLRequestWriter(org.keycloak.saml.processing.core.saml.v2.writers.SAMLRequestWriter) NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType)
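Examples 2 and 4 above build an ArtifactResolve, serialize it with SAMLRequestWriter and (in Example 4) sign the resulting Document with BaseSAML2BindingBuilder, but neither shows the receiving side. The following is an added example, not Keycloak's own code: it serializes and signs an ArtifactResolve the same way, then verifies the enveloped signature against a pinned public key with XMLSignatureUtil and HardcodedKeyLocator, and shows that both a wrong key and a modified Artifact element are rejected. It assumes the keycloak-saml-core, keycloak-saml-core-public and keycloak-common artifacts are on the classpath; the RSA key pair, issuer URL and artifact string are constructed for the demonstration.

```java
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.util.UUID;
import javax.xml.stream.XMLStreamWriter;

import org.keycloak.common.util.KeyUtils;
import org.keycloak.dom.saml.v2.assertion.NameIDType;
import org.keycloak.dom.saml.v2.protocol.ArtifactResolveType;
import org.keycloak.rotation.HardcodedKeyLocator;
import org.keycloak.saml.BaseSAML2BindingBuilder;
import org.keycloak.saml.SignatureAlgorithm;
import org.keycloak.saml.common.util.DocumentUtil;
import org.keycloak.saml.common.util.StaxUtil;
import org.keycloak.saml.processing.core.saml.v2.util.XMLTimeUtil;
import org.keycloak.saml.processing.core.saml.v2.writers.SAMLRequestWriter;
import org.keycloak.saml.processing.core.util.XMLSignatureUtil;
import org.w3c.dom.Document;

// Added example (not Keycloak project code): sign an ArtifactResolve and verify it against a pinned key.
public class SignedArtifactResolveExample {

    private static final String SAMLP_NS = "urn:oasis:names:tc:SAML:2.0:protocol";

    // Build and serialize the request exactly as Examples 2 and 4 do. The ID is generated
    // with UUID here instead of the project's IDGenerator; both yield a unique NCName.
    public static Document buildArtifactResolve(String issuer, String artifact) throws Exception {
        ArtifactResolveType resolve = new ArtifactResolveType("ID_" + UUID.randomUUID(), XMLTimeUtil.getIssueInstant());
        NameIDType issuerId = new NameIDType();
        issuerId.setValue(issuer);
        resolve.setIssuer(issuerId);
        resolve.setArtifact(artifact);

        ByteArrayOutputStream bos = new ByteArrayOutputStream();
        XMLStreamWriter xmlStreamWriter = StaxUtil.getXMLStreamWriter(bos);
        new SAMLRequestWriter(xmlStreamWriter).write(resolve);
        // Keep using DocumentUtil for parsing: it is the project's hardened parser entry point.
        // Replacing it with a default JAXP DocumentBuilder on an inbound path invites XXE.
        return DocumentUtil.getDocument(new ByteArrayInputStream(bos.toByteArray()));
    }

    // Enveloped XML signature over the root element, as in Example 4.
    public static void sign(Document doc, KeyPair keyPair) throws Exception {
        new BaseSAML2BindingBuilder()
                .signatureAlgorithm(SignatureAlgorithm.RSA_SHA256)
                .signWith(KeyUtils.createKeyId(keyPair.getPrivate()), keyPair.getPrivate(), keyPair.getPublic())
                .signDocument(doc);
    }

    // Verify against a key the verifier already trusts. HardcodedKeyLocator ignores whatever
    // ds:KeyInfo the sender embedded, so a peer cannot validate a message with a key it chose itself.
    public static boolean verify(Document doc, PublicKey trustedKey) {
        try {
            return XMLSignatureUtil.validate(doc, new HardcodedKeyLocator(trustedKey));
        } catch (Exception e) {
            return false; // any failure (missing signature, bad reference, unknown key) is a rejection
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair spKey = kpg.generateKeyPair();

        // Constructed sample input: the issuer and artifact are placeholders, not values from a real IdP.
        Document doc = buildArtifactResolve("https://sp.example.test/saml",
                "AAQAAGNvbnN0cnVjdGVkLWFydGlmYWN0LXBsYWNlaG9sZGVyLWZvci1kZW1v");
        sign(doc, spKey);
        System.out.println(DocumentUtil.getDocumentAsString(doc));

        System.out.println("valid with trusted key:   " + verify(doc, spKey.getPublic()));

        KeyPair otherKey = kpg.generateKeyPair();
        System.out.println("valid with untrusted key: " + verify(doc, otherKey.getPublic()));

        // Modify signed content: the digest recorded in SignedInfo no longer matches the Artifact element.
        doc.getElementsByTagNameNS(SAMLP_NS, "Artifact").item(0).setTextContent("AAQAAHRhbXBlcmVk");
        System.out.println("valid after tampering:    " + verify(doc, spKey.getPublic()));
    }
}
```

The point a practitioner should take from the verification half is the key source: the locator is constructed from a key the SP already trusts (in Keycloak that would come from the client or IdP configuration), never from the certificate carried inside the message. The check must also run on the Document that is subsequently consumed, not on a separately re-parsed copy, so that the bytes verified are the bytes acted on.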

Aggregations

ByteArrayOutputStream (java.io.ByteArrayOutputStream) 4
SAMLRequestWriter (org.keycloak.saml.processing.core.saml.v2.writers.SAMLRequestWriter) 4
XMLStreamWriter (javax.xml.stream.XMLStreamWriter) 3
ArtifactResolveType (org.keycloak.dom.saml.v2.protocol.ArtifactResolveType) 3
ByteArrayInputStream (java.io.ByteArrayInputStream) 2
NameIDType (org.keycloak.dom.saml.v2.assertion.NameIDType) 2
AuthnRequestType (org.keycloak.dom.saml.v2.protocol.AuthnRequestType) 2
LogoutRequestType (org.keycloak.dom.saml.v2.protocol.LogoutRequestType) 2
PrivateKey (java.security.PrivateKey) 1
PublicKey (java.security.PublicKey) 1
HttpPost (org.apache.http.client.methods.HttpPost) 1
ArtifactResponseType (org.keycloak.dom.saml.v2.protocol.ArtifactResponseType) 1
AttributeQueryType (org.keycloak.dom.saml.v2.protocol.AttributeQueryType) 1
ResponseType (org.keycloak.dom.saml.v2.protocol.ResponseType) 1
StatusResponseType (org.keycloak.dom.saml.v2.protocol.StatusResponseType) 1
SamlArtifactSessionMappingStoreProvider (org.keycloak.models.SamlArtifactSessionMappingStoreProvider) 1
BaseSAML2BindingBuilder (org.keycloak.saml.BaseSAML2BindingBuilder) 1
ProcessingException (org.keycloak.saml.common.exceptions.ProcessingException) 1
SAMLResponseWriter (org.keycloak.saml.processing.core.saml.v2.writers.SAMLResponseWriter) 1
Document (org.w3c.dom.Document) 1