use of org.keycloak.testsuite.updaters.IdentityProviderAttributeUpdater in project keycloak by keycloak.
the class KcSamlSpDescriptorTest method testAttributeConsumingServiceAttributeRoleMapperInSpMetadataWithServiceName.
@Test
public void testAttributeConsumingServiceAttributeRoleMapperInSpMetadataWithServiceName() throws IOException, ParsingException, URISyntaxException {
try (Closeable idpUpdater = new IdentityProviderAttributeUpdater(identityProviderResource).setAttribute(SAMLIdentityProviderConfig.ATTRIBUTE_CONSUMING_SERVICE_INDEX, "9").setAttribute(SAMLIdentityProviderConfig.ATTRIBUTE_CONSUMING_SERVICE_NAME, "My Attribute Set").update()) {
IdentityProviderMapperRepresentation attrMapperRole = new IdentityProviderMapperRepresentation();
attrMapperRole.setName("attribute-mapper-someroleattribute");
attrMapperRole.setIdentityProviderMapper(AttributeToRoleMapper.PROVIDER_ID);
attrMapperRole.setConfig(ImmutableMap.<String, String>builder().put(IdentityProviderMapperModel.SYNC_MODE, IdentityProviderMapperSyncMode.INHERIT.toString()).put(AttributeToRoleMapper.ATTRIBUTE_NAME, "role_attr_name").put(AttributeToRoleMapper.ATTRIBUTE_FRIENDLY_NAME, "role_attr_friendlyname").put(ConfigConstants.ROLE, "somerole").build());
attrMapperRole.setIdentityProviderAlias(bc.getIDPAlias());
identityProviderResource.addMapper(attrMapperRole);
String spDescriptorString = identityProviderResource.export(null).readEntity(String.class);
SAMLParser parser = SAMLParser.getInstance();
EntityDescriptorType o = (EntityDescriptorType) parser.parse(new StringInputStream(spDescriptorString));
SPSSODescriptorType spDescriptor = o.getChoiceType().get(0).getDescriptors().get(0).getSpDescriptor();
assertThat(spDescriptor.getAttributeConsumingService(), not(empty()));
assertThat(spDescriptor.getAttributeConsumingService().get(0).getIndex(), is(9));
assertThat(spDescriptor.getAttributeConsumingService().get(0).getRequestedAttribute(), notNullValue());
assertThat(spDescriptor.getAttributeConsumingService().get(0).getRequestedAttribute(), not(empty()));
assertThat(spDescriptor.getAttributeConsumingService().get(0).getRequestedAttribute().get(0).getName(), is("role_attr_name"));
assertThat(spDescriptor.getAttributeConsumingService().get(0).getRequestedAttribute().get(0).getFriendlyName(), is("role_attr_friendlyname"));
assertThat(spDescriptor.getAttributeConsumingService().get(0).getServiceName(), notNullValue());
assertThat(spDescriptor.getAttributeConsumingService().get(0).getServiceName().get(0).getValue(), is("My Attribute Set"));
}
}
use of org.keycloak.testsuite.updaters.IdentityProviderAttributeUpdater in project keycloak by keycloak.
the class KcSamlSpDescriptorTest method testAttributeConsumingServiceMappersInSpMetadataWithServiceName.
@Test
public void testAttributeConsumingServiceMappersInSpMetadataWithServiceName() throws IOException, ParsingException, URISyntaxException {
try (Closeable idpUpdater = new IdentityProviderAttributeUpdater(identityProviderResource).setAttribute(SAMLIdentityProviderConfig.ATTRIBUTE_CONSUMING_SERVICE_INDEX, "12").setAttribute(SAMLIdentityProviderConfig.ATTRIBUTE_CONSUMING_SERVICE_NAME, "My Attribute Set").update()) {
IdentityProviderMapperRepresentation attrMapperEmail = new IdentityProviderMapperRepresentation();
attrMapperEmail.setName("attribute-mapper-email");
attrMapperEmail.setIdentityProviderMapper(UserAttributeMapper.PROVIDER_ID);
attrMapperEmail.setConfig(ImmutableMap.<String, String>builder().put(IdentityProviderMapperModel.SYNC_MODE, IdentityProviderMapperSyncMode.INHERIT.toString()).put(UserAttributeMapper.ATTRIBUTE_NAME, "email_attr_name").put(UserAttributeMapper.ATTRIBUTE_FRIENDLY_NAME, "email_attr_friendlyname").put(UserAttributeMapper.USER_ATTRIBUTE, "email").build());
attrMapperEmail.setIdentityProviderAlias(bc.getIDPAlias());
identityProviderResource.addMapper(attrMapperEmail);
String spDescriptorString = identityProviderResource.export(null).readEntity(String.class);
SAMLParser parser = SAMLParser.getInstance();
EntityDescriptorType o = (EntityDescriptorType) parser.parse(new StringInputStream(spDescriptorString));
SPSSODescriptorType spDescriptor = o.getChoiceType().get(0).getDescriptors().get(0).getSpDescriptor();
assertThat(spDescriptor.getAttributeConsumingService(), not(empty()));
assertThat(spDescriptor.getAttributeConsumingService().get(0).getIndex(), is(12));
assertThat(spDescriptor.getAttributeConsumingService().get(0).getRequestedAttribute(), notNullValue());
assertThat(spDescriptor.getAttributeConsumingService().get(0).getRequestedAttribute(), not(empty()));
assertThat(spDescriptor.getAttributeConsumingService().get(0).getRequestedAttribute().get(0).getName(), is("email_attr_name"));
assertThat(spDescriptor.getAttributeConsumingService().get(0).getRequestedAttribute().get(0).getFriendlyName(), is("email_attr_friendlyname"));
assertThat(spDescriptor.getAttributeConsumingService().get(0).getServiceName(), notNullValue());
assertThat(spDescriptor.getAttributeConsumingService().get(0).getServiceName().get(0).getValue(), is("My Attribute Set"));
}
}
use of org.keycloak.testsuite.updaters.IdentityProviderAttributeUpdater in project keycloak by keycloak.
the class KcSamlAttributeConsumingServiceIndexTest method testAttributeConsumingServiceIndexNotSet.
@Test
public void testAttributeConsumingServiceIndexNotSet() throws Exception {
// No Attribute Consuming Service Index set -> No attribute added to AuthnRequest
try (Closeable idpUpdater = new IdentityProviderAttributeUpdater(identityProviderResource).update()) {
// Build the login request document
AuthnRequestType loginRep = SamlClient.createLoginRequestDocument(AbstractSamlTest.SAML_CLIENT_ID_SALES_POST + ".dot/ted", getConsumerRoot() + "/sales-post/saml", null);
Document doc = SAML2Request.convert(loginRep);
new SamlClientBuilder().authnRequest(getConsumerSamlEndpoint(bc.consumerRealmName()), doc, Binding.POST).build().login().idp(bc.getIDPAlias()).build().processSamlResponse(// AuthnRequest to producer IdP
Binding.POST).targetAttributeSamlRequest().transformDocument((document) -> {
try {
log.infof("Document: %s", DocumentUtil.asString(document));
// Find the AuthnRequest AttributeConsumingServiceIndex attribute
Node attrNode = document.getDocumentElement().getAttributes().getNamedItem("AttributeConsumingServiceIndex");
Assert.assertEquals("Unexpected AttributeConsumingServiceIndex attribute value", null, attrNode);
} catch (Exception ex) {
throw new RuntimeException(ex);
}
}).build().execute();
}
}
use of org.keycloak.testsuite.updaters.IdentityProviderAttributeUpdater in project keycloak by keycloak.
the class KcSamlAttributeConsumingServiceIndexTest method testAttributeConsumingServiceIndexSet.
@Test
public void testAttributeConsumingServiceIndexSet() throws Exception {
// Attribute Consuming Service Index set -> Attribute added to AuthnRequest
try (Closeable idpUpdater = new IdentityProviderAttributeUpdater(identityProviderResource).setAttribute(SAMLIdentityProviderConfig.ATTRIBUTE_CONSUMING_SERVICE_INDEX, "15").update()) {
// Build the login request document
AuthnRequestType loginRep = SamlClient.createLoginRequestDocument(AbstractSamlTest.SAML_CLIENT_ID_SALES_POST + ".dot/ted", getConsumerRoot() + "/sales-post/saml", null);
Document doc = SAML2Request.convert(loginRep);
new SamlClientBuilder().authnRequest(getConsumerSamlEndpoint(bc.consumerRealmName()), doc, Binding.POST).build().login().idp(bc.getIDPAlias()).build().processSamlResponse(// AuthnRequest to producer IdP
Binding.POST).targetAttributeSamlRequest().transformDocument((document) -> {
try {
log.infof("Document: %s", DocumentUtil.asString(document));
// Find the AuthnRequest AttributeConsumingServiceIndex attribute
String attrValue = document.getDocumentElement().getAttributes().getNamedItem("AttributeConsumingServiceIndex").getNodeValue();
Assert.assertEquals("Unexpected AttributeConsumingServiceIndex attribute value", "15", attrValue);
} catch (Exception ex) {
throw new RuntimeException(ex);
}
}).build().execute();
}
}
use of org.keycloak.testsuite.updaters.IdentityProviderAttributeUpdater in project keycloak by keycloak.
the class KcSamlCustomEntityIdBrokerTest method testCustomEntityIdSet.
@Test
public void testCustomEntityIdSet() throws Exception {
// Comparison type set, no classrefs, no declrefs -> No RequestedAuthnContext
try (Closeable idpUpdater = new IdentityProviderAttributeUpdater(identityProviderResource).setAttribute(SAMLIdentityProviderConfig.ENTITY_ID, "http://my.custom.entity.id").update()) {
// Build the login request document
AuthnRequestType loginRep = SamlClient.createLoginRequestDocument(AbstractSamlTest.SAML_CLIENT_ID_SALES_POST + ".dot/ted", getConsumerRoot() + "/sales-post/saml", null);
Document doc = SAML2Request.convert(loginRep);
new SamlClientBuilder().authnRequest(getConsumerSamlEndpoint(bc.consumerRealmName()), doc, Binding.POST).build().login().idp(bc.getIDPAlias()).build().processSamlResponse(// AuthnRequest to producer IdP
Binding.POST).targetAttributeSamlRequest().transformDocument((document) -> {
try {
log.infof("Document: %s", DocumentUtil.asString(document));
// Find the Issuer element
Element issuerElement = DocumentUtil.getDirectChildElement(document.getDocumentElement(), ASSERTION_NSURI.get(), "Issuer");
Assert.assertEquals("Unexpected Issuer element value", "http://my.custom.entity.id", issuerElement.getTextContent());
} catch (Exception ex) {
throw new RuntimeException(ex);
}
}).build().execute();
}
}
Aggregations