Example 1 with REALM_CONS_NAME
use of org.keycloak.testsuite.broker.BrokerTestConstants.REALM_CONS_NAME in project keycloak by keycloak.
the class KcSamlIdPInitiatedSsoTest method testProviderTransientIdpInitiatedLogin.
@Test
public void testProviderTransientIdpInitiatedLogin() throws Exception {
IdentityProviderResource idp = adminClient.realm(REALM_CONS_NAME).identityProviders().get("saml-leaf");
IdentityProviderRepresentation rep = idp.toRepresentation();
rep.getConfig().put(SAMLIdentityProviderConfig.NAME_ID_POLICY_FORMAT, JBossSAMLURIConstants.NAMEID_FORMAT_TRANSIENT.get());
rep.getConfig().put(SAMLIdentityProviderConfig.PRINCIPAL_TYPE, SamlPrincipalType.ATTRIBUTE.name());
rep.getConfig().put(SAMLIdentityProviderConfig.PRINCIPAL_ATTRIBUTE, X500SAMLProfileConstants.UID.get());
idp.update(rep);
SAMLDocumentHolder samlResponse = new SamlClientBuilder().navigateTo(getSamlIdpInitiatedUrl(REALM_PROV_NAME, "samlbroker")).login().user(PROVIDER_REALM_USER_NAME, PROVIDER_REALM_USER_PASSWORD).build().processSamlResponse(Binding.POST).transformObject(ob -> {
assertThat(ob, Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
ResponseType resp = (ResponseType) ob;
assertThat(resp.getDestination(), is(getSamlBrokerIdpInitiatedUrl(REALM_CONS_NAME, "sales")));
assertAudience(resp, getSamlBrokerIdpInitiatedUrl(REALM_CONS_NAME, "sales"));
NameIDType nameId = new NameIDType();
nameId.setFormat(URI.create(JBossSAMLURIConstants.NAMEID_FORMAT_TRANSIENT.get()));
nameId.setValue("subjectId1");
resp.getAssertions().get(0).getAssertion().getSubject().getSubType().addBaseID(nameId);
Set<StatementAbstractType> statements = resp.getAssertions().get(0).getAssertion().getStatements();
AttributeStatementType attributeType = (AttributeStatementType) statements.stream().filter(statement -> statement instanceof AttributeStatementType).findFirst().orElse(new AttributeStatementType());
AttributeType attr = new AttributeType(X500SAMLProfileConstants.UID.get());
attr.addAttributeValue(PROVIDER_REALM_USER_NAME);
attributeType.addAttribute(new AttributeStatementType.ASTChoiceType(attr));
resp.getAssertions().get(0).getAssertion().addStatement(attributeType);
return ob;
}).build().navigateTo(getSamlIdpInitiatedUrl(REALM_PROV_NAME, "samlbroker-2")).login().sso(true).build().processSamlResponse(Binding.POST).transformObject(ob -> {
assertThat(ob, Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
ResponseType resp = (ResponseType) ob;
assertThat(resp.getDestination(), is(getSamlBrokerIdpInitiatedUrl(REALM_CONS_NAME, "sales2")));
assertAudience(resp, getSamlBrokerIdpInitiatedUrl(REALM_CONS_NAME, "sales2"));
NameIDType nameId = new NameIDType();
nameId.setFormat(URI.create(JBossSAMLURIConstants.NAMEID_FORMAT_TRANSIENT.get()));
nameId.setValue("subjectId2");
resp.getAssertions().get(0).getAssertion().getSubject().getSubType().addBaseID(nameId);
Set<StatementAbstractType> statements = resp.getAssertions().get(0).getAssertion().getStatements();
AttributeStatementType attributeType = (AttributeStatementType) statements.stream().filter(statement -> statement instanceof AttributeStatementType).findFirst().orElse(new AttributeStatementType());
AttributeType attr = new AttributeType(X500SAMLProfileConstants.UID.get());
attr.addAttributeValue(PROVIDER_REALM_USER_NAME);
attributeType.addAttribute(new AttributeStatementType.ASTChoiceType(attr));
resp.getAssertions().get(0).getAssertion().addStatement(attributeType);
return ob;
}).build().updateProfile().username(CONSUMER_CHOSEN_USERNAME).email("test@localhost").firstName("Firstname").lastName("Lastname").build().followOneRedirect().getSamlResponse(Binding.POST);
assertThat(samlResponse.getSamlObject(), Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
ResponseType resp = (ResponseType) samlResponse.getSamlObject();
assertThat(resp.getDestination(), is(urlRealmConsumer + "/app/auth2/saml"));
assertAudience(resp, urlRealmConsumer + "/app/auth2");
UsersResource users = adminClient.realm(REALM_CONS_NAME).users();
List<UserRepresentation> userList = users.search(CONSUMER_CHOSEN_USERNAME);
assertEquals(1, userList.size());
String id = userList.get(0).getId();
FederatedIdentityRepresentation fed = users.get(id).getFederatedIdentity().get(0);
assertThat(fed.getUserId(), is(PROVIDER_REALM_USER_NAME));
assertThat(fed.getUserName(), is(PROVIDER_REALM_USER_NAME));
// check that no user with sent subject-id was sent
userList = users.search("subjectId1");
assertTrue(userList.isEmpty());
userList = users.search("subjectId2");
assertTrue(userList.isEmpty());
}
Also used :
AssertionUtil(org.keycloak.saml.processing.core.saml.v2.util.AssertionUtil)
Page(org.jboss.arquillian.graphene.page.Page)
AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType)
Assert.assertThat(org.junit.Assert.assertThat)
SAMLIdentityProviderConfig(org.keycloak.broker.saml.SAMLIdentityProviderConfig)
ByteArrayInputStream(java.io.ByteArrayInputStream)
ClientsResource(org.keycloak.admin.client.resource.ClientsResource)
Map(java.util.Map)
REALM_PROV_NAME(org.keycloak.testsuite.broker.BrokerTestConstants.REALM_PROV_NAME)
URI(java.net.URI)
SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder)
FederatedIdentityRepresentation(org.keycloak.representations.idm.FederatedIdentityRepresentation)
Matchers.notNullValue(org.hamcrest.Matchers.notNullValue)
Matchers(org.keycloak.testsuite.util.Matchers)
Set(java.util.Set)
Collectors(java.util.stream.Collectors)
RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation)
IOUtil(org.keycloak.testsuite.utils.io.IOUtil)
IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
Matchers.instanceOf(org.hamcrest.Matchers.instanceOf)
List(java.util.List)
Response(javax.ws.rs.core.Response)
AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)
LoginPage(org.keycloak.testsuite.pages.LoginPage)
Matchers.contains(org.hamcrest.Matchers.contains)
Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder)
Matchers.greaterThan(org.hamcrest.Matchers.greaterThan)
Matchers.is(org.hamcrest.Matchers.is)
Matchers.containsString(org.hamcrest.Matchers.containsString)
SamlPrincipalType(org.keycloak.protocol.saml.SamlPrincipalType)
SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder)
WebDriverWait(org.openqa.selenium.support.ui.WebDriverWait)
IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation)
UserSessionRepresentation(org.keycloak.representations.idm.UserSessionRepresentation)
Assert(org.keycloak.testsuite.Assert)
AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)
WebDriver(org.openqa.selenium.WebDriver)
X500SAMLProfileConstants(org.keycloak.saml.processing.core.saml.v2.constants.X500SAMLProfileConstants)
ExpectedCondition(org.openqa.selenium.support.ui.ExpectedCondition)
UsersResource(org.keycloak.admin.client.resource.UsersResource)
ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)
AudienceRestrictionType(org.keycloak.dom.saml.v2.assertion.AudienceRestrictionType)
AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType)
StringPropertyReplacer(org.keycloak.common.util.StringPropertyReplacer)
UpdateAccountInformationPage(org.keycloak.testsuite.pages.UpdateAccountInformationPage)
PageUtils(org.keycloak.testsuite.pages.PageUtils)
Matchers.hasSize(org.hamcrest.Matchers.hasSize)
StreamUtil(org.keycloak.common.util.StreamUtil)
AuthServer(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer)
Before(org.junit.Before)
UserRepresentation(org.keycloak.representations.idm.UserRepresentation)
Properties(java.util.Properties)
JBossSAMLURIConstants(org.keycloak.saml.common.constants.JBossSAMLURIConstants)
By(org.openqa.selenium.By)
Assert.assertTrue(org.junit.Assert.assertTrue)
IOException(java.io.IOException)
Test(org.junit.Test)
AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType)
NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType)
StatementAbstractType(org.keycloak.dom.saml.v2.assertion.StatementAbstractType)
REALM_CONS_NAME(org.keycloak.testsuite.broker.BrokerTestConstants.REALM_CONS_NAME)
Binding(org.keycloak.testsuite.util.SamlClient.Binding)
Assert.assertEquals(org.junit.Assert.assertEquals)
InputStream(java.io.InputStream)
Set(java.util.Set)
SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder)
AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType)
Matchers.containsString(org.hamcrest.Matchers.containsString)
ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)
IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource)
SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder)
AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType)
UsersResource(org.keycloak.admin.client.resource.UsersResource)
IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation)
NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType)
StatementAbstractType(org.keycloak.dom.saml.v2.assertion.StatementAbstractType)
FederatedIdentityRepresentation(org.keycloak.representations.idm.FederatedIdentityRepresentation)
UserRepresentation(org.keycloak.representations.idm.UserRepresentation)
AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)
Test(org.junit.Test)
Example 2 with REALM_CONS_NAME
use of org.keycloak.testsuite.broker.BrokerTestConstants.REALM_CONS_NAME in project keycloak by keycloak.
the class KcSamlIdPInitiatedSsoTest method testProviderIdpInitiatedLoginWithPrincipalAttribute.
// KEYCLOAK-7969
@Test
public void testProviderIdpInitiatedLoginWithPrincipalAttribute() throws Exception {
IdentityProviderResource idp = adminClient.realm(REALM_CONS_NAME).identityProviders().get("saml-leaf");
IdentityProviderRepresentation rep = idp.toRepresentation();
rep.getConfig().put(SAMLIdentityProviderConfig.PRINCIPAL_TYPE, SamlPrincipalType.ATTRIBUTE.name());
rep.getConfig().put(SAMLIdentityProviderConfig.PRINCIPAL_ATTRIBUTE, X500SAMLProfileConstants.UID.get());
idp.update(rep);
SAMLDocumentHolder samlResponse = new SamlClientBuilder().navigateTo(getSamlIdpInitiatedUrl(REALM_PROV_NAME, "samlbroker")).login().user(PROVIDER_REALM_USER_NAME, PROVIDER_REALM_USER_PASSWORD).build().processSamlResponse(Binding.POST).transformObject(ob -> {
assertThat(ob, Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
ResponseType resp = (ResponseType) ob;
assertThat(resp.getDestination(), is(getSamlBrokerIdpInitiatedUrl(REALM_CONS_NAME, "sales")));
assertAudience(resp, getSamlBrokerIdpInitiatedUrl(REALM_CONS_NAME, "sales"));
Set<StatementAbstractType> statements = resp.getAssertions().get(0).getAssertion().getStatements();
AttributeStatementType attributeType = (AttributeStatementType) statements.stream().filter(statement -> statement instanceof AttributeStatementType).findFirst().orElse(new AttributeStatementType());
AttributeType attr = new AttributeType(X500SAMLProfileConstants.UID.get());
attr.addAttributeValue(PROVIDER_REALM_USER_NAME);
attributeType.addAttribute(new AttributeStatementType.ASTChoiceType(attr));
resp.getAssertions().get(0).getAssertion().addStatement(attributeType);
return ob;
}).build().updateProfile().username(CONSUMER_CHOSEN_USERNAME).email("test@localhost").firstName("Firstname").lastName("Lastname").build().followOneRedirect().getSamlResponse(Binding.POST);
assertThat(samlResponse.getSamlObject(), Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
ResponseType resp = (ResponseType) samlResponse.getSamlObject();
assertThat(resp.getDestination(), is(urlRealmConsumer + "/app/auth"));
assertAudience(resp, urlRealmConsumer + "/app/auth");
UsersResource users = adminClient.realm(REALM_CONS_NAME).users();
String id = users.search(CONSUMER_CHOSEN_USERNAME).get(0).getId();
FederatedIdentityRepresentation fed = users.get(id).getFederatedIdentity().get(0);
assertThat(fed.getUserId(), is(PROVIDER_REALM_USER_NAME));
assertThat(fed.getUserName(), is(PROVIDER_REALM_USER_NAME));
}
Also used :
AssertionUtil(org.keycloak.saml.processing.core.saml.v2.util.AssertionUtil)
Page(org.jboss.arquillian.graphene.page.Page)
AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType)
Assert.assertThat(org.junit.Assert.assertThat)
SAMLIdentityProviderConfig(org.keycloak.broker.saml.SAMLIdentityProviderConfig)
ByteArrayInputStream(java.io.ByteArrayInputStream)
ClientsResource(org.keycloak.admin.client.resource.ClientsResource)
Map(java.util.Map)
REALM_PROV_NAME(org.keycloak.testsuite.broker.BrokerTestConstants.REALM_PROV_NAME)
URI(java.net.URI)
SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder)
FederatedIdentityRepresentation(org.keycloak.representations.idm.FederatedIdentityRepresentation)
Matchers.notNullValue(org.hamcrest.Matchers.notNullValue)
Matchers(org.keycloak.testsuite.util.Matchers)
Set(java.util.Set)
Collectors(java.util.stream.Collectors)
RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation)
IOUtil(org.keycloak.testsuite.utils.io.IOUtil)
IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
Matchers.instanceOf(org.hamcrest.Matchers.instanceOf)
List(java.util.List)
Response(javax.ws.rs.core.Response)
AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)
LoginPage(org.keycloak.testsuite.pages.LoginPage)
Matchers.contains(org.hamcrest.Matchers.contains)
Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder)
Matchers.greaterThan(org.hamcrest.Matchers.greaterThan)
Matchers.is(org.hamcrest.Matchers.is)
Matchers.containsString(org.hamcrest.Matchers.containsString)
SamlPrincipalType(org.keycloak.protocol.saml.SamlPrincipalType)
SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder)
WebDriverWait(org.openqa.selenium.support.ui.WebDriverWait)
IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation)
UserSessionRepresentation(org.keycloak.representations.idm.UserSessionRepresentation)
Assert(org.keycloak.testsuite.Assert)
AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)
WebDriver(org.openqa.selenium.WebDriver)
X500SAMLProfileConstants(org.keycloak.saml.processing.core.saml.v2.constants.X500SAMLProfileConstants)
ExpectedCondition(org.openqa.selenium.support.ui.ExpectedCondition)
UsersResource(org.keycloak.admin.client.resource.UsersResource)
ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)
AudienceRestrictionType(org.keycloak.dom.saml.v2.assertion.AudienceRestrictionType)
AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType)
StringPropertyReplacer(org.keycloak.common.util.StringPropertyReplacer)
UpdateAccountInformationPage(org.keycloak.testsuite.pages.UpdateAccountInformationPage)
PageUtils(org.keycloak.testsuite.pages.PageUtils)
Matchers.hasSize(org.hamcrest.Matchers.hasSize)
StreamUtil(org.keycloak.common.util.StreamUtil)
AuthServer(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer)
Before(org.junit.Before)
UserRepresentation(org.keycloak.representations.idm.UserRepresentation)
Properties(java.util.Properties)
JBossSAMLURIConstants(org.keycloak.saml.common.constants.JBossSAMLURIConstants)
By(org.openqa.selenium.By)
Assert.assertTrue(org.junit.Assert.assertTrue)
IOException(java.io.IOException)
Test(org.junit.Test)
AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType)
NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType)
StatementAbstractType(org.keycloak.dom.saml.v2.assertion.StatementAbstractType)
REALM_CONS_NAME(org.keycloak.testsuite.broker.BrokerTestConstants.REALM_CONS_NAME)
Binding(org.keycloak.testsuite.util.SamlClient.Binding)
Assert.assertEquals(org.junit.Assert.assertEquals)
InputStream(java.io.InputStream)
Set(java.util.Set)
SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder)
AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType)
Matchers.containsString(org.hamcrest.Matchers.containsString)
ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)
IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource)
SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder)
AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType)
UsersResource(org.keycloak.admin.client.resource.UsersResource)
IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation)
FederatedIdentityRepresentation(org.keycloak.representations.idm.FederatedIdentityRepresentation)
AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)
Test(org.junit.Test)
Example 3 with REALM_CONS_NAME
use of org.keycloak.testsuite.broker.BrokerTestConstants.REALM_CONS_NAME in project keycloak by keycloak.
the class KcSamlIdPInitiatedSsoTest method testProviderIdpInitiatedLoginToApp.
@Test
public void testProviderIdpInitiatedLoginToApp() throws Exception {
SAMLDocumentHolder samlResponse = new SamlClientBuilder().navigateTo(getSamlIdpInitiatedUrl(REALM_PROV_NAME, "samlbroker")).login().user(PROVIDER_REALM_USER_NAME, PROVIDER_REALM_USER_PASSWORD).build().processSamlResponse(Binding.POST).transformObject(ob -> {
assertThat(ob, Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
ResponseType resp = (ResponseType) ob;
assertThat(resp.getDestination(), is(getSamlBrokerIdpInitiatedUrl(REALM_CONS_NAME, "sales")));
assertAudience(resp, getSamlBrokerIdpInitiatedUrl(REALM_CONS_NAME, "sales"));
return ob;
}).build().updateProfile().username(CONSUMER_CHOSEN_USERNAME).email("test@localhost").firstName("Firstname").lastName("Lastname").build().followOneRedirect().getSamlResponse(Binding.POST);
assertThat(samlResponse.getSamlObject(), Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
ResponseType resp = (ResponseType) samlResponse.getSamlObject();
assertThat(resp.getDestination(), is(urlRealmConsumer + "/app/auth"));
assertAudience(resp, urlRealmConsumer + "/app/auth");
}
Also used :
AssertionUtil(org.keycloak.saml.processing.core.saml.v2.util.AssertionUtil)
Page(org.jboss.arquillian.graphene.page.Page)
AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType)
Assert.assertThat(org.junit.Assert.assertThat)
SAMLIdentityProviderConfig(org.keycloak.broker.saml.SAMLIdentityProviderConfig)
ByteArrayInputStream(java.io.ByteArrayInputStream)
ClientsResource(org.keycloak.admin.client.resource.ClientsResource)
Map(java.util.Map)
REALM_PROV_NAME(org.keycloak.testsuite.broker.BrokerTestConstants.REALM_PROV_NAME)
URI(java.net.URI)
SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder)
FederatedIdentityRepresentation(org.keycloak.representations.idm.FederatedIdentityRepresentation)
Matchers.notNullValue(org.hamcrest.Matchers.notNullValue)
Matchers(org.keycloak.testsuite.util.Matchers)
Set(java.util.Set)
Collectors(java.util.stream.Collectors)
RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation)
IOUtil(org.keycloak.testsuite.utils.io.IOUtil)
IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
Matchers.instanceOf(org.hamcrest.Matchers.instanceOf)
List(java.util.List)
Response(javax.ws.rs.core.Response)
AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)
LoginPage(org.keycloak.testsuite.pages.LoginPage)
Matchers.contains(org.hamcrest.Matchers.contains)
Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder)
Matchers.greaterThan(org.hamcrest.Matchers.greaterThan)
Matchers.is(org.hamcrest.Matchers.is)
Matchers.containsString(org.hamcrest.Matchers.containsString)
SamlPrincipalType(org.keycloak.protocol.saml.SamlPrincipalType)
SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder)
WebDriverWait(org.openqa.selenium.support.ui.WebDriverWait)
IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation)
UserSessionRepresentation(org.keycloak.representations.idm.UserSessionRepresentation)
Assert(org.keycloak.testsuite.Assert)
AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)
WebDriver(org.openqa.selenium.WebDriver)
X500SAMLProfileConstants(org.keycloak.saml.processing.core.saml.v2.constants.X500SAMLProfileConstants)
ExpectedCondition(org.openqa.selenium.support.ui.ExpectedCondition)
UsersResource(org.keycloak.admin.client.resource.UsersResource)
ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)
AudienceRestrictionType(org.keycloak.dom.saml.v2.assertion.AudienceRestrictionType)
AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType)
StringPropertyReplacer(org.keycloak.common.util.StringPropertyReplacer)
UpdateAccountInformationPage(org.keycloak.testsuite.pages.UpdateAccountInformationPage)
PageUtils(org.keycloak.testsuite.pages.PageUtils)
Matchers.hasSize(org.hamcrest.Matchers.hasSize)
StreamUtil(org.keycloak.common.util.StreamUtil)
AuthServer(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer)
Before(org.junit.Before)
UserRepresentation(org.keycloak.representations.idm.UserRepresentation)
Properties(java.util.Properties)
JBossSAMLURIConstants(org.keycloak.saml.common.constants.JBossSAMLURIConstants)
By(org.openqa.selenium.By)
Assert.assertTrue(org.junit.Assert.assertTrue)
IOException(java.io.IOException)
Test(org.junit.Test)
AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType)
NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType)
StatementAbstractType(org.keycloak.dom.saml.v2.assertion.StatementAbstractType)
REALM_CONS_NAME(org.keycloak.testsuite.broker.BrokerTestConstants.REALM_CONS_NAME)
Binding(org.keycloak.testsuite.util.SamlClient.Binding)
Assert.assertEquals(org.junit.Assert.assertEquals)
InputStream(java.io.InputStream)
SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder)
SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder)
ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)
AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)
Test(org.junit.Test)
Example 4 with REALM_CONS_NAME
use of org.keycloak.testsuite.broker.BrokerTestConstants.REALM_CONS_NAME in project keycloak by keycloak.
the class KcSamlIdPInitiatedSsoTest method testConsumerIdpInitiatedLoginToApp.
@Test
public void testConsumerIdpInitiatedLoginToApp() throws Exception {
SAMLDocumentHolder samlResponse = new SamlClientBuilder().navigateTo(getSamlIdpInitiatedUrl(REALM_CONS_NAME, "sales")).login().idp("saml-leaf").build().processSamlResponse(// AuthnRequest to producer IdP
Binding.POST).targetAttributeSamlRequest().build().login().user(PROVIDER_REALM_USER_NAME, PROVIDER_REALM_USER_PASSWORD).build().processSamlResponse(Binding.POST).transformObject(ob -> {
assertThat(ob, Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
ResponseType resp = (ResponseType) ob;
assertThat(resp.getDestination(), is(getSamlBrokerUrl(REALM_CONS_NAME)));
assertAudience(resp, urlRealmConsumer);
return ob;
}).build().updateProfile().username(CONSUMER_CHOSEN_USERNAME).email("test@localhost").firstName("Firstname").lastName("Lastname").build().followOneRedirect().getSamlResponse(Binding.POST);
assertThat(samlResponse.getSamlObject(), Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
ResponseType resp = (ResponseType) samlResponse.getSamlObject();
assertThat(resp.getDestination(), is(urlRealmConsumer + "/app/auth"));
assertAudience(resp, urlRealmConsumer + "/app/auth");
}
Also used :
AssertionUtil(org.keycloak.saml.processing.core.saml.v2.util.AssertionUtil)
Page(org.jboss.arquillian.graphene.page.Page)
AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType)
Assert.assertThat(org.junit.Assert.assertThat)
SAMLIdentityProviderConfig(org.keycloak.broker.saml.SAMLIdentityProviderConfig)
ByteArrayInputStream(java.io.ByteArrayInputStream)
ClientsResource(org.keycloak.admin.client.resource.ClientsResource)
Map(java.util.Map)
REALM_PROV_NAME(org.keycloak.testsuite.broker.BrokerTestConstants.REALM_PROV_NAME)
URI(java.net.URI)
SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder)
FederatedIdentityRepresentation(org.keycloak.representations.idm.FederatedIdentityRepresentation)
Matchers.notNullValue(org.hamcrest.Matchers.notNullValue)
Matchers(org.keycloak.testsuite.util.Matchers)
Set(java.util.Set)
Collectors(java.util.stream.Collectors)
RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation)
IOUtil(org.keycloak.testsuite.utils.io.IOUtil)
IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
Matchers.instanceOf(org.hamcrest.Matchers.instanceOf)
List(java.util.List)
Response(javax.ws.rs.core.Response)
AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)
LoginPage(org.keycloak.testsuite.pages.LoginPage)
Matchers.contains(org.hamcrest.Matchers.contains)
Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder)
Matchers.greaterThan(org.hamcrest.Matchers.greaterThan)
Matchers.is(org.hamcrest.Matchers.is)
Matchers.containsString(org.hamcrest.Matchers.containsString)
SamlPrincipalType(org.keycloak.protocol.saml.SamlPrincipalType)
SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder)
WebDriverWait(org.openqa.selenium.support.ui.WebDriverWait)
IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation)
UserSessionRepresentation(org.keycloak.representations.idm.UserSessionRepresentation)
Assert(org.keycloak.testsuite.Assert)
AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)
WebDriver(org.openqa.selenium.WebDriver)
X500SAMLProfileConstants(org.keycloak.saml.processing.core.saml.v2.constants.X500SAMLProfileConstants)
ExpectedCondition(org.openqa.selenium.support.ui.ExpectedCondition)
UsersResource(org.keycloak.admin.client.resource.UsersResource)
ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)
AudienceRestrictionType(org.keycloak.dom.saml.v2.assertion.AudienceRestrictionType)
AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType)
StringPropertyReplacer(org.keycloak.common.util.StringPropertyReplacer)
UpdateAccountInformationPage(org.keycloak.testsuite.pages.UpdateAccountInformationPage)
PageUtils(org.keycloak.testsuite.pages.PageUtils)
Matchers.hasSize(org.hamcrest.Matchers.hasSize)
StreamUtil(org.keycloak.common.util.StreamUtil)
AuthServer(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer)
Before(org.junit.Before)
UserRepresentation(org.keycloak.representations.idm.UserRepresentation)
Properties(java.util.Properties)
JBossSAMLURIConstants(org.keycloak.saml.common.constants.JBossSAMLURIConstants)
By(org.openqa.selenium.By)
Assert.assertTrue(org.junit.Assert.assertTrue)
IOException(java.io.IOException)
Test(org.junit.Test)
AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType)
NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType)
StatementAbstractType(org.keycloak.dom.saml.v2.assertion.StatementAbstractType)
REALM_CONS_NAME(org.keycloak.testsuite.broker.BrokerTestConstants.REALM_CONS_NAME)
Binding(org.keycloak.testsuite.util.SamlClient.Binding)
Assert.assertEquals(org.junit.Assert.assertEquals)
InputStream(java.io.InputStream)
SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder)
SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder)
ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)
AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)
Test(org.junit.Test)
Example 5 with REALM_CONS_NAME
use of org.keycloak.testsuite.broker.BrokerTestConstants.REALM_CONS_NAME in project keycloak by keycloak.
the class KcSamlIdPInitiatedSsoTest method testTwoConsequentIdpInitiatedLogins.
@Test
public void testTwoConsequentIdpInitiatedLogins() throws Exception {
SAMLDocumentHolder samlResponse = new SamlClientBuilder().navigateTo(getSamlIdpInitiatedUrl(REALM_PROV_NAME, "samlbroker")).login().user(PROVIDER_REALM_USER_NAME, PROVIDER_REALM_USER_PASSWORD).build().processSamlResponse(Binding.POST).transformObject(ob -> {
assertThat(ob, Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
ResponseType resp = (ResponseType) ob;
assertThat(resp.getDestination(), is(getSamlBrokerIdpInitiatedUrl(REALM_CONS_NAME, "sales")));
assertAudience(resp, getSamlBrokerIdpInitiatedUrl(REALM_CONS_NAME, "sales"));
return ob;
}).build().updateProfile().username(CONSUMER_CHOSEN_USERNAME).email("test@localhost").firstName("Firstname").lastName("Lastname").build().followOneRedirect().processSamlResponse(Binding.POST).transformObject(ob -> {
assertThat(ob, Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
ResponseType resp = (ResponseType) ob;
assertThat(resp.getDestination(), is(urlRealmConsumer + "/app/auth"));
assertAudience(resp, urlRealmConsumer + "/app/auth");
return null;
}).build().navigateTo(getSamlIdpInitiatedUrl(REALM_PROV_NAME, "samlbroker-2")).login().sso(true).build().processSamlResponse(Binding.POST).transformObject(ob -> {
assertThat(ob, Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
ResponseType resp = (ResponseType) ob;
assertThat(resp.getDestination(), is(getSamlBrokerIdpInitiatedUrl(REALM_CONS_NAME, "sales2")));
assertAudience(resp, getSamlBrokerIdpInitiatedUrl(REALM_CONS_NAME, "sales2"));
return ob;
}).build().getSamlResponse(Binding.POST);
assertThat(samlResponse.getSamlObject(), Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
ResponseType resp = (ResponseType) samlResponse.getSamlObject();
assertThat(resp.getDestination(), is(urlRealmConsumer + "/app/auth2/saml"));
assertAudience(resp, urlRealmConsumer + "/app/auth2");
assertSingleUserSession(REALM_CONS_NAME, CONSUMER_CHOSEN_USERNAME, urlRealmConsumer + "/app/auth", urlRealmConsumer + "/app/auth2");
assertSingleUserSession(REALM_PROV_NAME, PROVIDER_REALM_USER_NAME, urlRealmConsumer + "/broker/saml-leaf/endpoint/clients/sales", urlRealmConsumer + "/broker/saml-leaf/endpoint/clients/sales2");
}
Also used :
AssertionUtil(org.keycloak.saml.processing.core.saml.v2.util.AssertionUtil)
Page(org.jboss.arquillian.graphene.page.Page)
AttributeStatementType(org.keycloak.dom.saml.v2.assertion.AttributeStatementType)
Assert.assertThat(org.junit.Assert.assertThat)
SAMLIdentityProviderConfig(org.keycloak.broker.saml.SAMLIdentityProviderConfig)
ByteArrayInputStream(java.io.ByteArrayInputStream)
ClientsResource(org.keycloak.admin.client.resource.ClientsResource)
Map(java.util.Map)
REALM_PROV_NAME(org.keycloak.testsuite.broker.BrokerTestConstants.REALM_PROV_NAME)
URI(java.net.URI)
SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder)
FederatedIdentityRepresentation(org.keycloak.representations.idm.FederatedIdentityRepresentation)
Matchers.notNullValue(org.hamcrest.Matchers.notNullValue)
Matchers(org.keycloak.testsuite.util.Matchers)
Set(java.util.Set)
Collectors(java.util.stream.Collectors)
RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation)
IOUtil(org.keycloak.testsuite.utils.io.IOUtil)
IdentityProviderResource(org.keycloak.admin.client.resource.IdentityProviderResource)
ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation)
Matchers.instanceOf(org.hamcrest.Matchers.instanceOf)
List(java.util.List)
Response(javax.ws.rs.core.Response)
AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)
LoginPage(org.keycloak.testsuite.pages.LoginPage)
Matchers.contains(org.hamcrest.Matchers.contains)
Matchers.containsInAnyOrder(org.hamcrest.Matchers.containsInAnyOrder)
Matchers.greaterThan(org.hamcrest.Matchers.greaterThan)
Matchers.is(org.hamcrest.Matchers.is)
Matchers.containsString(org.hamcrest.Matchers.containsString)
SamlPrincipalType(org.keycloak.protocol.saml.SamlPrincipalType)
SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder)
WebDriverWait(org.openqa.selenium.support.ui.WebDriverWait)
IdentityProviderRepresentation(org.keycloak.representations.idm.IdentityProviderRepresentation)
UserSessionRepresentation(org.keycloak.representations.idm.UserSessionRepresentation)
Assert(org.keycloak.testsuite.Assert)
AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude)
WebDriver(org.openqa.selenium.WebDriver)
X500SAMLProfileConstants(org.keycloak.saml.processing.core.saml.v2.constants.X500SAMLProfileConstants)
ExpectedCondition(org.openqa.selenium.support.ui.ExpectedCondition)
UsersResource(org.keycloak.admin.client.resource.UsersResource)
ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)
AudienceRestrictionType(org.keycloak.dom.saml.v2.assertion.AudienceRestrictionType)
AttributeType(org.keycloak.dom.saml.v2.assertion.AttributeType)
StringPropertyReplacer(org.keycloak.common.util.StringPropertyReplacer)
UpdateAccountInformationPage(org.keycloak.testsuite.pages.UpdateAccountInformationPage)
PageUtils(org.keycloak.testsuite.pages.PageUtils)
Matchers.hasSize(org.hamcrest.Matchers.hasSize)
StreamUtil(org.keycloak.common.util.StreamUtil)
AuthServer(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude.AuthServer)
Before(org.junit.Before)
UserRepresentation(org.keycloak.representations.idm.UserRepresentation)
Properties(java.util.Properties)
JBossSAMLURIConstants(org.keycloak.saml.common.constants.JBossSAMLURIConstants)
By(org.openqa.selenium.By)
Assert.assertTrue(org.junit.Assert.assertTrue)
IOException(java.io.IOException)
Test(org.junit.Test)
AssertionType(org.keycloak.dom.saml.v2.assertion.AssertionType)
NameIDType(org.keycloak.dom.saml.v2.assertion.NameIDType)
StatementAbstractType(org.keycloak.dom.saml.v2.assertion.StatementAbstractType)
REALM_CONS_NAME(org.keycloak.testsuite.broker.BrokerTestConstants.REALM_CONS_NAME)
Binding(org.keycloak.testsuite.util.SamlClient.Binding)
Assert.assertEquals(org.junit.Assert.assertEquals)
InputStream(java.io.InputStream)
SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder)
SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder)
ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)
AbstractKeycloakTest(org.keycloak.testsuite.AbstractKeycloakTest)
Test(org.junit.Test)
Aggregations
Test (org.junit.Test)7
ResponseType (org.keycloak.dom.saml.v2.protocol.ResponseType)7
List (java.util.List)6
Set (java.util.Set)6
Matchers.is (org.hamcrest.Matchers.is)6
Matchers.notNullValue (org.hamcrest.Matchers.notNullValue)6
Assert.assertThat (org.junit.Assert.assertThat)6
SAMLIdentityProviderConfig (org.keycloak.broker.saml.SAMLIdentityProviderConfig)6
AssertionType (org.keycloak.dom.saml.v2.assertion.AssertionType)6
NameIDType (org.keycloak.dom.saml.v2.assertion.NameIDType)6
StatementAbstractType (org.keycloak.dom.saml.v2.assertion.StatementAbstractType)6
SamlPrincipalType (org.keycloak.protocol.saml.SamlPrincipalType)6
ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)6
ByteArrayInputStream (java.io.ByteArrayInputStream)5
IOException (java.io.IOException)5
InputStream (java.io.InputStream)5
URI (java.net.URI)5
Map (java.util.Map)5
Properties (java.util.Properties)5
Collectors (java.util.stream.Collectors)5
