use of org.keycloak.testsuite.broker.BrokerTestConstants.USER_PASSWORD in project keycloak by keycloak.
the class KcSamlBrokerFrontendUrlTest method testFrontendUrlInDestinationExpected.
@Test
public void testFrontendUrlInDestinationExpected() throws URISyntaxException {
SAMLDocumentHolder samlResponse = clientBuilderTrustingAllCertificates().idpInitiatedLogin(new URI(proxy.getUrl() + "/realms/" + bc.consumerRealmName() + "/protocol/saml"), "sales-post").build().login().idp(IDP_SAML_ALIAS).build().processSamlResponse(// AuthnRequest to producer IdP
SamlClient.Binding.POST).targetAttributeSamlRequest().build().login().user(USER_LOGIN, USER_PASSWORD).build().processSamlResponse(SamlClient.Binding.POST).transformObject(saml2Object -> {
assertThat(saml2Object, Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
ResponseType response = (ResponseType) saml2Object;
assertThat(response.getDestination(), startsWith(proxy.getUrl()));
return saml2Object;
}).build().updateProfile().username(USER_LOGIN).email(USER_EMAIL).firstName("Firstname").lastName("Lastname").build().followOneRedirect().getSamlResponse(SamlClient.Binding.POST);
assertThat(samlResponse.getSamlObject(), Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
}
use of org.keycloak.testsuite.broker.BrokerTestConstants.USER_PASSWORD in project keycloak by keycloak.
the class KcSamlBrokerSessionNotOnOrAfterTest method testConsumerIdpInitiatedLoginContainsSessionNotOnOrAfter.
@Test
public void testConsumerIdpInitiatedLoginContainsSessionNotOnOrAfter() throws Exception {
SAMLDocumentHolder samlResponse = new SamlClientBuilder().idpInitiatedLogin(getConsumerSamlEndpoint(REALM_CONS_NAME), "sales-post").build().login().idp(IDP_SAML_ALIAS).build().processSamlResponse(// AuthnRequest to producer IdP
SamlClient.Binding.POST).targetAttributeSamlRequest().build().login().user(USER_LOGIN, USER_PASSWORD).build().processSamlResponse(SamlClient.Binding.POST).build().updateProfile().username(USER_LOGIN).email(USER_EMAIL).firstName("Firstname").lastName("Lastname").build().followOneRedirect().getSamlResponse(SamlClient.Binding.POST);
assertThat(samlResponse.getSamlObject(), Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
ResponseType resp = (ResponseType) samlResponse.getSamlObject();
Set<StatementAbstractType> statements = resp.getAssertions().get(0).getAssertion().getStatements();
AuthnStatementType authType = statements.stream().filter(statement -> statement instanceof AuthnStatementType).map(s -> (AuthnStatementType) s).findFirst().orElse(null);
assertThat(authType, notNullValue());
assertThat(authType.getSessionNotOnOrAfter(), notNullValue());
assertThat(authType.getSessionNotOnOrAfter(), is(XMLTimeUtil.add(authType.getAuthnInstant(), adminClient.realm(REALM_CONS_NAME).toRepresentation().getSsoSessionMaxLifespan() * 1000)));
}
Aggregations