
Example 61 with SamlClientBuilder

use of org.keycloak.testsuite.util.SamlClientBuilder in project keycloak by keycloak.

the class SamlClientCertificateExpirationTest method testValidCertificate.

@Test
public void testValidCertificate() throws Exception {
    // The sales-post-sig client requires signed AuthnRequests, so one sent without
    // a signature has to be rejected by the SAML endpoint
    SamlClientBuilder unsignedRequest = new SamlClientBuilder()
            .authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST_SIG,
                    SAML_ASSERTION_CONSUMER_URL_SALES_POST_SIG, Binding.POST)
            .build();
    unsignedRequest.assertResponse(Matchers.statusCodeIsHC(Status.BAD_REQUEST));

    // The identical request signed with the client's key pair has to be accepted
    SamlClientBuilder signedRequest = new SamlClientBuilder()
            .authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST_SIG,
                    SAML_ASSERTION_CONSUMER_URL_SALES_POST_SIG, Binding.POST)
            .signWith(SAML_CLIENT_SALES_POST_SIG_PRIVATE_KEY, SAML_CLIENT_SALES_POST_SIG_PUBLIC_KEY)
            .build();
    signedRequest.assertResponse(Matchers.statusCodeIsHC(Status.OK));
}
Also used : SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) Test(org.junit.Test)

Example 62 with SamlClientBuilder

use of org.keycloak.testsuite.util.SamlClientBuilder in project keycloak by keycloak.

the class FixedHostnameTest method assertSamlLogin.

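/**
 * Performs a SAML POST-binding login against {@code realm} with a temporary client and user
 * and checks that the issuer of the returned assertion equals the realm URL built from
 * {@code expectedBaseUrl}.
 *
 * @param testAdminClient admin client used to create (and afterwards remove) the fixtures
 * @param realm           name of the realm to log into
 * @param expectedBaseUrl base URL the server is expected to use when it builds the realm URL
 * @throws Exception if the fixtures cannot be created, the login fails or the response
 *                   cannot be obtained; failures are deliberately not swallowed
 */
private void assertSamlLogin(Keycloak testAdminClient, String realm, String expectedBaseUrl) throws Exception {
    final String realmUrl = expectedBaseUrl + "/auth/realms/" + realm;
    final String baseSamlEndpointUrl = realmUrl + "/protocol/saml";
    RealmResource realmResource = testAdminClient.realm(realm);
    // Client signature validation is switched off so the unsigned AuthnRequest below is accepted
    ClientRepresentation clientRep = ClientBuilder.create()
            .protocol(SamlProtocol.LOGIN_PROTOCOL)
            .clientId(SAML_CLIENT_ID)
            .enabled(true)
            .attribute(SamlConfigAttributes.SAML_CLIENT_SIGNATURE_ATTRIBUTE, "false")
            .redirectUris("http://foo.bar/")
            .build();
    // Both Creators remove their resource again when the try block exits.
    // No catch block on purpose: the former catch (Exception) only logged the failure,
    // which let a broken login or a bad URL pass as a successful assertion.
    try (Creator<ClientResource> client = Creator.create(realmResource, clientRep);
        Creator<UserResource> user = Creator.create(realmResource, UserBuilder.create().username("bicycle").password("race").enabled(true).build())) {
        SAMLDocumentHolder samlResponse = new SamlClientBuilder()
                .authnRequest(new URI(baseSamlEndpointUrl), SAML_CLIENT_ID, "http://foo.bar/", Binding.POST).build()
                .login().user("bicycle", "race").build()
                .getSamlResponse(Binding.POST);
        assertThat(samlResponse.getSamlObject(), org.keycloak.testsuite.util.Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
        ResponseType response = (ResponseType) samlResponse.getSamlObject();
        assertThat(response.getAssertions(), hasSize(1));
        // The assertion issuer is the realm URL; it must be derived from expectedBaseUrl
        assertThat(response.getAssertions().get(0).getAssertion().getIssuer().getValue(), is(realmUrl));
    }
}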
Also used : SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) RealmResource(org.keycloak.admin.client.resource.RealmResource) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) UserResource(org.keycloak.admin.client.resource.UserResource) ClientResource(org.keycloak.admin.client.resource.ClientResource) URI(java.net.URI) ClientRegistrationException(org.keycloak.client.registration.ClientRegistrationException) JWSInputException(org.keycloak.jose.jws.JWSInputException) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType)

Example 63 with SamlClientBuilder

use of org.keycloak.testsuite.util.SamlClientBuilder in project keycloak by keycloak.

the class SAMLServletAdapterTest method salesPostSigChangeContents.

@Test
public void salesPostSigChangeContents() {
    UserRepresentation user = createUserRepresentation("bburke-additional-domain", "bburke@redhat.com.additional.domain", "Bill", "Burke", true);
    setPasswordFor(user, PASSWORD);

    // Log in, then rewrite the e-mail inside the signed SAML response before it is
    // posted to the servlet; the modified content must no longer match the signature
    SamlClientBuilder tamperedLogin = new SamlClientBuilder()
            .navigateTo(salesPostSigEmailServletPage.buildUri())
            .processSamlResponse(Binding.POST).build()
            .login().user(user).build()
            .processSamlResponse(Binding.POST)
                .transformString(responsePage -> {
                    Assert.assertThat(responsePage, containsString(">bburke@redhat.com.additional.domain<"));
                    return responsePage.replaceAll("bburke@redhat.com.additional.domain", "bburke@redhat.com");
                })
                .build();
    String resultPage = tamperedLogin.executeAndTransform(resp -> EntityUtils.toString(resp.getEntity()));

    // The adapter reports the broken signature; WAS answers with its own 403 page instead
    Assert.assertThat(resultPage, anyOf(
            containsString("INVALID_SIGNATURE"),
            containsString("Error 403: SRVE0295E: Error reported: 403")));
}
Also used : SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) AbstractSamlTest(org.keycloak.testsuite.saml.AbstractSamlTest) Test(org.junit.Test)

Example 64 with SamlClientBuilder

use of org.keycloak.testsuite.util.SamlClientBuilder in project keycloak by keycloak.

the class SAMLServletAdapterTest method testNameIDUnset.

@Test
public void testNameIDUnset() throws Exception {
    // Log in and strip the NameID element out of the SAML response before the adapter sees it
    SamlClientBuilder loginWithoutNameId = new SamlClientBuilder()
            .navigateTo(employee2ServletPage.toString())
            .processSamlResponse(Binding.POST).build()
            .login().user(bburkeUser).build()
            .processSamlResponse(Binding.POST)
                .transformDocument(responseDoc -> {
                    // local-name() matches the element regardless of its namespace prefix
                    XPathExpression nameIdSelector = XPathFactory.newInstance().newXPath()
                            .compile("//*[local-name()='NameID']");
                    NodeList matches = (NodeList) nameIdSelector.evaluate(responseDoc, XPathConstants.NODESET);
                    Assert.assertThat(matches.getLength(), is(1));
                    Node nameId = matches.item(0);
                    nameId.getParentNode().removeChild(nameId);
                    return responseDoc;
                })
                .build();

    // The servlet must still render a principal even though the response carried no NameID
    loginWithoutNameId.navigateTo(employee2ServletPage.toString()).execute(r -> {
        Assert.assertThat(r, statusCodeIsHC(Response.Status.OK));
        Assert.assertThat(r, bodyHC(containsString("principal=")));
    });
}
Also used : KeyPair(java.security.KeyPair) AbstractSamlTest(org.keycloak.testsuite.saml.AbstractSamlTest) Arrays(java.util.Arrays) AssertionUtil(org.keycloak.saml.processing.core.saml.v2.util.AssertionUtil) ClientAttributeUpdater(org.keycloak.testsuite.updaters.ClientAttributeUpdater) Matchers.statusCodeIsHC(org.keycloak.testsuite.util.Matchers.statusCodeIsHC) StreamResult(javax.xml.transform.stream.StreamResult) org.keycloak.testsuite.adapter.page(org.keycloak.testsuite.adapter.page) Page(org.jboss.arquillian.graphene.page.Page) DEMO(org.keycloak.testsuite.auth.page.AuthRealm.DEMO) Matcher(java.util.regex.Matcher) AdminClientUtil(org.keycloak.testsuite.util.AdminClientUtil) Document(org.w3c.dom.Document) Map(java.util.Map) UriBuilder(javax.ws.rs.core.UriBuilder) SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) OK(javax.ws.rs.core.Response.Status.OK) UriBuilderException(javax.ws.rs.core.UriBuilderException) SamlProtocol(org.keycloak.protocol.saml.SamlProtocol) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) QName(javax.xml.namespace.QName) SAMLSERVLETDEMO(org.keycloak.testsuite.auth.page.AuthRealm.SAMLSERVLETDEMO) WaitUtils.waitUntilElement(org.keycloak.testsuite.util.WaitUtils.waitUntilElement) ByteArrayOutputStream(java.io.ByteArrayOutputStream) TransformerException(javax.xml.transform.TransformerException) XPath(javax.xml.xpath.XPath) Attributes(org.keycloak.keys.Attributes) StreamSource(javax.xml.transform.stream.StreamSource) GeneralConstants(org.keycloak.saml.common.constants.GeneralConstants) Source(javax.xml.transform.Source) HttpUriRequest(org.apache.http.client.methods.HttpUriRequest) PemUtils(org.keycloak.common.util.PemUtils) Schema(javax.xml.validation.Schema) LinkedHashMap(java.util.LinkedHashMap) MessageFactory(javax.xml.soap.MessageFactory) UserBuilder(org.keycloak.testsuite.util.UserBuilder) Users.setPasswordFor(org.keycloak.testsuite.admin.Users.setPasswordFor) 
MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) ContainerConstants(org.keycloak.testsuite.utils.arquillian.ContainerConstants) ApiUtil(org.keycloak.testsuite.admin.ApiUtil) SchemaFactory(javax.xml.validation.SchemaFactory) IOException(java.io.IOException) Validator(javax.xml.validation.Validator) Test(org.junit.Test) RoleScopeResource(org.keycloak.admin.client.resource.RoleScopeResource) Users.getPasswordOf(org.keycloak.testsuite.admin.Users.getPasswordOf) StringReader(java.io.StringReader) Deployment(org.jboss.arquillian.container.test.api.Deployment) Binding(org.keycloak.testsuite.util.SamlClient.Binding) TransformerFactory(javax.xml.transform.TransformerFactory) HttpClientBuilder(org.apache.http.impl.client.HttpClientBuilder) MultivaluedHashMap(org.keycloak.common.util.MultivaluedHashMap) SOAPMessage(javax.xml.soap.SOAPMessage) Assert(org.junit.Assert) Transformer(javax.xml.transform.Transformer) CertificateFactory(java.security.cert.CertificateFactory) ImportedRsaKeyProviderFactory(org.keycloak.keys.ImportedRsaKeyProviderFactory) URL(java.net.URL) SOAPHeaderElement(javax.xml.soap.SOAPHeaderElement) HttpClientContext(org.apache.http.client.protocol.HttpClientContext) GroupRepresentation(org.keycloak.representations.idm.GroupRepresentation) NewCookie(javax.ws.rs.core.NewCookie) XmlKeyInfoKeyNameTransformer(org.keycloak.saml.common.util.XmlKeyInfoKeyNameTransformer) EntityUtils(org.apache.http.util.EntityUtils) Base64(org.keycloak.common.util.Base64) ByteArrayInputStream(java.io.ByteArrayInputStream) SAMLPostLoginTenant1(org.keycloak.testsuite.auth.page.login.SAMLPostLoginTenant1) SOAPHeader(javax.xml.soap.SOAPHeader) SAMLPostLoginTenant2(org.keycloak.testsuite.auth.page.login.SAMLPostLoginTenant2) SamlClient(org.keycloak.testsuite.util.SamlClient) URI(java.net.URI) SAMLIDPInitiatedLogin(org.keycloak.testsuite.auth.page.login.SAMLIDPInitiatedLogin) ClientResource(org.keycloak.admin.client.resource.ClientResource) 
Invocation(javax.ws.rs.client.Invocation) StatusCodeType(org.keycloak.dom.saml.v2.protocol.StatusCodeType) Collectors(java.util.stream.Collectors) Entity(javax.ws.rs.client.Entity) RealmRepresentation(org.keycloak.representations.idm.RealmRepresentation) DocumentUtil(org.keycloak.saml.common.util.DocumentUtil) IOUtil(org.keycloak.testsuite.utils.io.IOUtil) PASSWORD(org.keycloak.OAuth2Constants.PASSWORD) URLAssert.assertCurrentUrlStartsWith(org.keycloak.testsuite.util.URLAssert.assertCurrentUrlStartsWith) List(java.util.List) Certificate(java.security.cert.Certificate) HttpHeaders(javax.ws.rs.core.HttpHeaders) Response(javax.ws.rs.core.Response) HttpGet(org.apache.http.client.methods.HttpGet) SAXException(org.xml.sax.SAXException) Pattern(java.util.regex.Pattern) UIUtils.getRawPageSource(org.keycloak.testsuite.util.UIUtils.getRawPageSource) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) SAMLParser(org.keycloak.saml.processing.core.parsers.saml.SAMLParser) RealmsResource(org.keycloak.services.resources.RealmsResource) Login(org.keycloak.testsuite.auth.page.login.Login) Form(javax.ws.rs.core.Form) XPathConstants(javax.xml.xpath.XPathConstants) Client(javax.ws.rs.client.Client) HashMap(java.util.HashMap) Matchers.bodyHC(org.keycloak.testsuite.util.Matchers.bodyHC) XPathExpression(javax.xml.xpath.XPathExpression) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) SamlConfigAttributes(org.keycloak.protocol.saml.SamlConfigAttributes) ComponentRepresentation(org.keycloak.representations.idm.ComponentRepresentation) CloseableHttpResponse(org.apache.http.client.methods.CloseableHttpResponse) Node(org.w3c.dom.Node) KeyProvider(org.keycloak.keys.KeyProvider) OutputStreamWriter(java.io.OutputStreamWriter) NamedNodeMap(org.w3c.dom.NamedNodeMap) XMLConstants(javax.xml.XMLConstants) UserResource(org.keycloak.admin.client.resource.UserResource) KeyUtils(org.keycloak.common.util.KeyUtils) 
RoleRepresentation(org.keycloak.representations.idm.RoleRepresentation) JBossSAMLConstants(org.keycloak.saml.common.constants.JBossSAMLConstants) OutputStream(java.io.OutputStream) WaitUtils(org.keycloak.testsuite.util.WaitUtils) CloseableHttpClient(org.apache.http.impl.client.CloseableHttpClient) WebArchive(org.jboss.shrinkwrap.api.spec.WebArchive) UserRepresentation(org.keycloak.representations.idm.UserRepresentation) NodeList(org.w3c.dom.NodeList) Iterator(java.util.Iterator) EntityDescriptorType(org.keycloak.dom.saml.v2.metadata.EntityDescriptorType) ProtocolMappersResource(org.keycloak.admin.client.resource.ProtocolMappersResource) AuthnRequestType(org.keycloak.dom.saml.v2.protocol.AuthnRequestType) JBossSAMLURIConstants(org.keycloak.saml.common.constants.JBossSAMLURIConstants) By(org.openqa.selenium.By) Matchers(org.hamcrest.Matchers) PublicKey(java.security.PublicKey) OutputKeys(javax.xml.transform.OutputKeys) WaitUtils.waitForPageToLoad(org.keycloak.testsuite.util.WaitUtils.waitForPageToLoad) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType) StringAsset(org.jboss.shrinkwrap.api.asset.StringAsset) ServerURLs(org.keycloak.testsuite.util.ServerURLs) XPathFactory(javax.xml.xpath.XPathFactory) Creator(org.keycloak.testsuite.updaters.Creator) Element(org.w3c.dom.Element) AppServerContainer(org.keycloak.testsuite.arquillian.annotation.AppServerContainer) UserAttributeUpdater(org.keycloak.testsuite.updaters.UserAttributeUpdater) Closeable(java.io.Closeable) WebTarget(javax.ws.rs.client.WebTarget) AbstractPage(org.keycloak.testsuite.page.AbstractPage) Collections(java.util.Collections) XPath(javax.xml.xpath.XPath) XPathExpression(javax.xml.xpath.XPathExpression) XPathFactory(javax.xml.xpath.XPathFactory) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) NodeList(org.w3c.dom.NodeList) Node(org.w3c.dom.Node) AbstractSamlTest(org.keycloak.testsuite.saml.AbstractSamlTest) Test(org.junit.Test)

Example 65 with SamlClientBuilder

use of org.keycloak.testsuite.util.SamlClientBuilder in project keycloak by keycloak.

the class SAMLClockSkewAdapterTest method assertOutcome.

/**
 * Logs in to the clock-skew servlet, shifts the adapter and server clocks by
 * {@code timeOffset} while the SAML response is in flight, and checks the resulting
 * page against {@code matcher}. The offset is always reset afterwards.
 */
private void assertOutcome(int timeOffset, Matcher matcher) throws Exception {
    try {
        SamlClientBuilder skewedLogin = new SamlClientBuilder()
                .navigateTo(salesPostClockSkewServletPage.toString())
                .processSamlResponse(POST).build()
                .login().user(bburkeUser).build()
                .processSamlResponse(POST)
                    // The document itself is passed on unchanged; only the clocks are moved
                    .transformDocument(doc -> {
                        setAdapterAndServerTimeOffset(timeOffset, salesPostClockSkewServletPage.toString());
                        return doc;
                    })
                    .build();
        String resultPage = skewedLogin.executeAndTransform(resp -> EntityUtils.toString(resp.getEntity()));
        Assert.assertThat(resultPage, matcher);
    } finally {
        // Reset even when the assertion fails so the skew does not leak into later tests
        setAdapterAndServerTimeOffset(0, salesPostClockSkewServletPage.toString());
    }
}
Also used : SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) Matchers.containsString(org.hamcrest.Matchers.containsString)
