Search in sources :

Example 76 with SamlClientBuilder

use of org.keycloak.testsuite.util.SamlClientBuilder in project keycloak by keycloak.

the class ArtifactBindingTest method testArtifactBindingWithResponseAndAssertionSignature.

@Test
public void testArtifactBindingWithResponseAndAssertionSignature() throws Exception {
    SAMLDocumentHolder response = new SamlClientBuilder().authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST_ASSERTION_AND_RESPONSE_SIG, SAML_ASSERTION_CONSUMER_URL_SALES_POST_ASSERTION_AND_RESPONSE_SIG, POST).setProtocolBinding(JBossSAMLURIConstants.SAML_HTTP_ARTIFACT_BINDING.getUri()).signWith(SAML_CLIENT_SALES_POST_SIG_PRIVATE_KEY, SAML_CLIENT_SALES_POST_SIG_PUBLIC_KEY).build().login().user(bburkeUser).build().handleArtifact(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST_ASSERTION_AND_RESPONSE_SIG).signWith(SAML_CLIENT_SALES_POST_SIG_PRIVATE_KEY, SAML_CLIENT_SALES_POST_SIG_PUBLIC_KEY).build().doNotFollowRedirects().executeAndTransform(this::getArtifactResponse);
    assertThat(response.getSamlObject(), instanceOf(ArtifactResponseType.class));
    ArtifactResponseType artifactResponse = (ArtifactResponseType) response.getSamlObject();
    assertThat(artifactResponse, isSamlStatusResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
    assertThat(artifactResponse.getAny(), instanceOf(ResponseType.class));
    ResponseType samlResponse = (ResponseType) artifactResponse.getAny();
    assertThat(samlResponse, isSamlStatusResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
    assertThat(samlResponse.getAssertions().get(0).getAssertion().getSignature(), not(nullValue()));
    SamlDeployment deployment = SamlUtils.getSamlDeploymentForClient("sales-post-assertion-and-response-sig");
    // Checks the signature of the response as well as the signature of the assertion
    SamlProtocolUtils.verifyDocumentSignature(response.getSamlDocument(), deployment.getIDP().getSignatureValidationKeyLocator());
}
Also used : SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) ArtifactResponseType(org.keycloak.dom.saml.v2.protocol.ArtifactResponseType) SamlDeployment(org.keycloak.adapters.saml.SamlDeployment) NameIDMappingResponseType(org.keycloak.dom.saml.v2.protocol.NameIDMappingResponseType) ArtifactResponseType(org.keycloak.dom.saml.v2.protocol.ArtifactResponseType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType) Test(org.junit.Test)

Example 77 with SamlClientBuilder

use of org.keycloak.testsuite.util.SamlClientBuilder in project keycloak by keycloak.

the class ArtifactBindingTest method testArtifactBindingIsNotUsedForLogoutWhenLogoutUrlNotSetPostTest.

@Test
public void testArtifactBindingIsNotUsedForLogoutWhenLogoutUrlNotSetPostTest() {
    getCleanup().addCleanup(ClientAttributeUpdater.forClient(adminClient, REALM_NAME, SAML_CLIENT_ID_SALES_POST).setAttribute(SamlConfigAttributes.SAML_ARTIFACT_BINDING, "true").setAttribute(SamlProtocol.SAML_SINGLE_LOGOUT_SERVICE_URL_POST_ATTRIBUTE, "http://url").setFrontchannelLogout(true).update());
    SAMLDocumentHolder response = new SamlClientBuilder().authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST, SAML_ASSERTION_CONSUMER_URL_SALES_POST, POST).setProtocolBinding(JBossSAMLURIConstants.SAML_HTTP_POST_BINDING.getUri()).build().login().user(bburkeUser).build().handleArtifact(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST).build().logoutRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST, POST).build().doNotFollowRedirects().executeAndTransform(POST::extractResponse);
    assertThat(response.getSamlObject(), instanceOf(StatusResponseType.class));
    StatusResponseType logoutResponse = (StatusResponseType) response.getSamlObject();
    assertThat(logoutResponse, isSamlStatusResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
    assertThat(logoutResponse.getSignature(), nullValue());
    assertThat(logoutResponse, not(instanceOf(ResponseType.class)));
    assertThat(logoutResponse, not(instanceOf(ArtifactResponseType.class)));
    assertThat(logoutResponse, not(instanceOf(NameIDMappingResponseType.class)));
    assertThat(logoutResponse, instanceOf(StatusResponseType.class));
}
Also used : SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) POST(org.keycloak.testsuite.util.SamlClient.Binding.POST) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType) Test(org.junit.Test)

Example 78 with SamlClientBuilder

use of org.keycloak.testsuite.util.SamlClientBuilder in project keycloak by keycloak.

the class ArtifactBindingTest method testSessionStateDuringArtifactBindingLogoutWithMoreFrontChannelClients.

// Won't work with openshift, because openshift wouldn't see ArtifactResolutionService
@AuthServerContainerExclude(AuthServerContainerExclude.AuthServer.REMOTE)
@Test
public void testSessionStateDuringArtifactBindingLogoutWithMoreFrontChannelClients() {
    getCleanup().addCleanup(ClientAttributeUpdater.forClient(adminClient, REALM_NAME, SAML_CLIENT_ID_SALES_POST).setAttribute(SamlConfigAttributes.SAML_ARTIFACT_BINDING, "true").setAttribute(SamlProtocol.SAML_SINGLE_LOGOUT_SERVICE_URL_ARTIFACT_ATTRIBUTE, "http://url").setFrontchannelLogout(true).update()).addCleanup(ClientAttributeUpdater.forClient(adminClient, REALM_NAME, SAML_CLIENT_ID_SALES_POST2).setAttribute(SamlConfigAttributes.SAML_ARTIFACT_BINDING, "true").setAttribute(SamlProtocol.SAML_SINGLE_LOGOUT_SERVICE_URL_ARTIFACT_ATTRIBUTE, "http://url").setFrontchannelLogout(true).update());
    ClientRepresentation salesRep = adminClient.realm(REALM_NAME).clients().findByClientId(SAML_CLIENT_ID_SALES_POST).get(0);
    final String salesRepId = salesRep.getId();
    ClientRepresentation salesRep2 = adminClient.realm(REALM_NAME).clients().findByClientId(SAML_CLIENT_ID_SALES_POST2).get(0);
    final String salesRep2Id = salesRep2.getId();
    final AtomicReference<String> userSessionId = new AtomicReference<>();
    SAMLDocumentHolder response = new SamlClientBuilder().authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST2, SAML_ASSERTION_CONSUMER_URL_SALES_POST2, REDIRECT).setProtocolBinding(JBossSAMLURIConstants.SAML_HTTP_REDIRECT_BINDING.getUri()).build().login().user(bburkeUser).build().handleArtifact(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST2).setBeforeStepChecks(new SessionStateChecker(testingClient.server()).storeUserSessionId(userSessionId).expectedClientSession(salesRep2Id).expectedState(UserSessionModel.State.LOGGED_IN).expectedNumberOfClientSessions(1).consumeUserSession(userSessionModel -> assertThat(userSessionModel, notNullValue())).consumeClientSession(salesRep2Id, clientSession -> assertThat(clientSession, notNullValue()))).verifyRedirect(true).build().authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST, SAML_ASSERTION_CONSUMER_URL_SALES_POST, REDIRECT).setProtocolBinding(JBossSAMLURIConstants.SAML_HTTP_REDIRECT_BINDING.getUri()).build().handleArtifact(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST).setBeforeStepChecks(new SessionStateChecker(testingClient.server()).expectedUserSession(userSessionId).expectedState(UserSessionModel.State.LOGGED_IN).expectedClientSession(salesRepId).expectedNumberOfClientSessions(2).expectedAction(salesRep2Id, null).expectedAction(salesRepId, null)).verifyRedirect(true).build().logoutRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST2, REDIRECT).build().handleArtifact(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST).setBeforeStepChecks(new SessionStateChecker(testingClient.server()).expectedUserSession(userSessionId).expectedState(UserSessionModel.State.LOGGING_OUT).expectedClientSession(salesRepId).expectedNumberOfClientSessions(2).expectedAction(salesRepId, CommonClientSessionModel.Action.LOGGING_OUT).expectedAction(salesRep2Id, CommonClientSessionModel.Action.LOGGING_OUT)).setAfterStepChecks(new SessionStateChecker(testingClient.server()).setUserSessionProvider(session -> userSessionId.get()).expectedState(UserSessionModel.State.LOGGING_OUT).expectedNumberOfClientSessions(2).expectedAction(salesRepId, CommonClientSessionModel.Action.LOGGED_OUT).expectedAction(salesRep2Id, CommonClientSessionModel.Action.LOGGING_OUT)).verifyRedirect(true).build().doNotFollowRedirects().processSamlResponse(ARTIFACT_RESPONSE).transformDocument(doc -> {
        // Send LogoutResponse
        SAML2Object so = (SAML2Object) SAMLParser.getInstance().parse(new DOMSource(doc));
        return new SAML2LogoutResponseBuilder().destination(getAuthServerSamlEndpoint(REALM_NAME).toString()).issuer(SAML_CLIENT_ID_SALES_POST).logoutRequestID(((LogoutRequestType) so).getID()).buildDocument();
    }).targetBinding(REDIRECT).targetAttributeSamlResponse().targetUri(getAuthServerSamlEndpoint(REALM_NAME)).build().handleArtifact(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST2).verifyRedirect(true).setBeforeStepChecks(new SessionStateChecker(testingClient.server()).expectedUserSession(userSessionId).expectedClientSession(salesRep2Id).expectedState(UserSessionModel.State.LOGGED_OUT_UNCONFIRMED).expectedNumberOfClientSessions(2).expectedAction(salesRepId, CommonClientSessionModel.Action.LOGGED_OUT).expectedAction(salesRep2Id, CommonClientSessionModel.Action.LOGGING_OUT)).setAfterStepChecks(new SessionStateChecker(testingClient.server()).consumeUserSession(userSessionModel -> assertThat(userSessionModel, nullValue())).setUserSessionProvider(session -> userSessionId.get())).build().executeAndTransform(this::getArtifactResponse);
    assertThat(response.getSamlObject(), instanceOf(ArtifactResponseType.class));
    ArtifactResponseType artifactResponse = (ArtifactResponseType) response.getSamlObject();
    assertThat(artifactResponse.getSignature(), nullValue());
    assertThat(artifactResponse, isSamlStatusResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
    assertThat(artifactResponse.getAny(), instanceOf(StatusResponseType.class));
}
Also used : SamlProtocolUtils(org.keycloak.protocol.saml.SamlProtocolUtils) AssertionUtil(org.keycloak.saml.processing.core.saml.v2.util.AssertionUtil) ClientAttributeUpdater(org.keycloak.testsuite.updaters.ClientAttributeUpdater) Matchers.statusCodeIsHC(org.keycloak.testsuite.util.Matchers.statusCodeIsHC) URISyntaxException(java.net.URISyntaxException) Matchers.not(org.hamcrest.Matchers.not) ARTIFACT_RESPONSE(org.keycloak.testsuite.util.SamlClient.Binding.ARTIFACT_RESPONSE) POST(org.keycloak.testsuite.util.SamlClient.Binding.POST) SAML2LogoutResponseBuilder(org.keycloak.saml.SAML2LogoutResponseBuilder) Matchers.isSamlLogoutRequest(org.keycloak.testsuite.util.Matchers.isSamlLogoutRequest) HandleArtifactStepBuilder(org.keycloak.testsuite.util.saml.HandleArtifactStepBuilder) EntityUtils(org.apache.http.util.EntityUtils) InfinispanTestTimeServiceRule(org.keycloak.testsuite.util.InfinispanTestTimeServiceRule) SAML2Object(org.keycloak.dom.saml.v2.SAML2Object) Matcher(java.util.regex.Matcher) ByteArrayInputStream(java.io.ByteArrayInputStream) Document(org.w3c.dom.Document) NameIDMappingResponseType(org.keycloak.dom.saml.v2.protocol.NameIDMappingResponseType) Matchers.nullValue(org.hamcrest.Matchers.nullValue) SamlClient(org.keycloak.testsuite.util.SamlClient) SamlUtils(org.keycloak.testsuite.util.SamlUtils) URI(java.net.URI) SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) Matchers.isEmptyOrNullString(org.hamcrest.Matchers.isEmptyOrNullString) Awaitility.await(org.awaitility.Awaitility.await) Matchers.isSamlResponse(org.keycloak.testsuite.util.Matchers.isSamlResponse) Matchers.notNullValue(org.hamcrest.Matchers.notNullValue) ArtifactResponseType(org.keycloak.dom.saml.v2.protocol.ArtifactResponseType) SamlProtocol(org.keycloak.protocol.saml.SamlProtocol) RealmAttributeUpdater(org.keycloak.testsuite.updaters.RealmAttributeUpdater) IOUtil(org.keycloak.testsuite.utils.io.IOUtil) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) Matchers.instanceOf(org.hamcrest.Matchers.instanceOf) ParsingException(org.keycloak.saml.common.exceptions.ParsingException) Base64(java.util.Base64) Response(javax.ws.rs.core.Response) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) Matchers.equalTo(org.hamcrest.Matchers.equalTo) Matchers.isSamlStatusResponse(org.keycloak.testsuite.util.Matchers.isSamlStatusResponse) SamlMessageReceiver(org.keycloak.testsuite.util.saml.SamlMessageReceiver) Matchers.is(org.hamcrest.Matchers.is) Pattern(java.util.regex.Pattern) Matchers.containsString(org.hamcrest.Matchers.containsString) SamlUtils.getSPInstallationDescriptor(org.keycloak.testsuite.util.SamlUtils.getSPInstallationDescriptor) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) SAMLParser(org.keycloak.saml.processing.core.parsers.saml.SAMLParser) DOMSource(javax.xml.transform.dom.DOMSource) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) SAML2Request(org.keycloak.saml.processing.api.saml.v2.request.SAML2Request) MessageDigest(java.security.MessageDigest) GeneralConstants(org.keycloak.saml.common.constants.GeneralConstants) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) SamlConfigAttributes(org.keycloak.protocol.saml.SamlConfigAttributes) Matchers.bodyHC(org.keycloak.testsuite.util.Matchers.bodyHC) AtomicReference(java.util.concurrent.atomic.AtomicReference) ArtifactBindingUtils(org.keycloak.protocol.saml.util.ArtifactBindingUtils) REDIRECT(org.keycloak.testsuite.util.SamlClient.Binding.REDIRECT) ProcessingException(org.keycloak.saml.common.exceptions.ProcessingException) CloseableHttpResponse(org.apache.http.client.methods.CloseableHttpResponse) MatcherAssert.assertThat(org.hamcrest.MatcherAssert.assertThat) CommonClientSessionModel(org.keycloak.sessions.CommonClientSessionModel) Soap(org.keycloak.protocol.saml.profile.util.Soap) Charsets(com.google.common.base.Charsets) SPSSODescriptorType(org.keycloak.dom.saml.v2.metadata.SPSSODescriptorType) JBossSAMLURIConstants(org.keycloak.saml.common.constants.JBossSAMLURIConstants) Matchers(org.hamcrest.Matchers) Test(org.junit.Test) IOException(java.io.IOException) UserSessionModel(org.keycloak.models.UserSessionModel) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType) TimeUnit(java.util.concurrent.TimeUnit) Rule(org.junit.Rule) SamlDeployment(org.keycloak.adapters.saml.SamlDeployment) SessionStateChecker(org.keycloak.testsuite.util.saml.SessionStateChecker) LogoutRequestType(org.keycloak.dom.saml.v2.protocol.LogoutRequestType) DOMSource(javax.xml.transform.dom.DOMSource) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) SAML2LogoutResponseBuilder(org.keycloak.saml.SAML2LogoutResponseBuilder) LogoutRequestType(org.keycloak.dom.saml.v2.protocol.LogoutRequestType) AtomicReference(java.util.concurrent.atomic.AtomicReference) Matchers.isEmptyOrNullString(org.hamcrest.Matchers.isEmptyOrNullString) Matchers.containsString(org.hamcrest.Matchers.containsString) SessionStateChecker(org.keycloak.testsuite.util.saml.SessionStateChecker) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType) ClientRepresentation(org.keycloak.representations.idm.ClientRepresentation) SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) SAML2Object(org.keycloak.dom.saml.v2.SAML2Object) ArtifactResponseType(org.keycloak.dom.saml.v2.protocol.ArtifactResponseType) AuthServerContainerExclude(org.keycloak.testsuite.arquillian.annotation.AuthServerContainerExclude) Test(org.junit.Test)

Example 79 with SamlClientBuilder

use of org.keycloak.testsuite.util.SamlClientBuilder in project keycloak by keycloak.

the class ArtifactBindingTest method testArtifactBindingLoginFullExchangeWithPost.

@Test
public void testArtifactBindingLoginFullExchangeWithPost() {
    SAMLDocumentHolder response = new SamlClientBuilder().authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST, SAML_ASSERTION_CONSUMER_URL_SALES_POST, SamlClient.Binding.POST).setProtocolBinding(JBossSAMLURIConstants.SAML_HTTP_ARTIFACT_BINDING.getUri()).build().login().user(bburkeUser).build().handleArtifact(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST).build().doNotFollowRedirects().executeAndTransform(this::getArtifactResponse);
    assertThat(response.getSamlObject(), instanceOf(ArtifactResponseType.class));
    ArtifactResponseType artifactResponse = (ArtifactResponseType) response.getSamlObject();
    assertThat(artifactResponse, isSamlStatusResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
    assertThat(artifactResponse.getSignature(), nullValue());
    assertThat(artifactResponse.getAny(), instanceOf(ResponseType.class));
    assertThat(artifactResponse.getInResponseTo(), not(isEmptyOrNullString()));
    ResponseType samlResponse = (ResponseType) artifactResponse.getAny();
    assertThat(samlResponse, isSamlStatusResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
}
Also used : SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) ArtifactResponseType(org.keycloak.dom.saml.v2.protocol.ArtifactResponseType) NameIDMappingResponseType(org.keycloak.dom.saml.v2.protocol.NameIDMappingResponseType) ArtifactResponseType(org.keycloak.dom.saml.v2.protocol.ArtifactResponseType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType) Test(org.junit.Test)

Example 80 with SamlClientBuilder

use of org.keycloak.testsuite.util.SamlClientBuilder in project keycloak by keycloak.

the class ArtifactBindingTest method testArtifactResponseContainsCorrectInResponseTo.

@Test
public void testArtifactResponseContainsCorrectInResponseTo() {
    SAMLDocumentHolder response = new SamlClientBuilder().authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST, SAML_ASSERTION_CONSUMER_URL_SALES_POST, SamlClient.Binding.POST).setProtocolBinding(JBossSAMLURIConstants.SAML_HTTP_ARTIFACT_BINDING.getUri()).build().login().user(bburkeUser).build().handleArtifact(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_SALES_POST).setArtifactResolveId("TestId").build().doNotFollowRedirects().executeAndTransform(this::getArtifactResponse);
    assertThat(response.getSamlObject(), instanceOf(ArtifactResponseType.class));
    ArtifactResponseType artifactResponse = (ArtifactResponseType) response.getSamlObject();
    assertThat(artifactResponse, isSamlStatusResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
    assertThat(artifactResponse.getSignature(), nullValue());
    assertThat(artifactResponse.getAny(), instanceOf(ResponseType.class));
    assertThat(artifactResponse.getInResponseTo(), is("TestId"));
}
Also used : SAMLDocumentHolder(org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder) SamlClientBuilder(org.keycloak.testsuite.util.SamlClientBuilder) ArtifactResponseType(org.keycloak.dom.saml.v2.protocol.ArtifactResponseType) NameIDMappingResponseType(org.keycloak.dom.saml.v2.protocol.NameIDMappingResponseType) ArtifactResponseType(org.keycloak.dom.saml.v2.protocol.ArtifactResponseType) ResponseType(org.keycloak.dom.saml.v2.protocol.ResponseType) StatusResponseType(org.keycloak.dom.saml.v2.protocol.StatusResponseType) Test(org.junit.Test)

Aggregations

SamlClientBuilder (org.keycloak.testsuite.util.SamlClientBuilder)108 Test (org.junit.Test)99 SAMLDocumentHolder (org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder)65 ResponseType (org.keycloak.dom.saml.v2.protocol.ResponseType)42 Document (org.w3c.dom.Document)38 AuthnRequestType (org.keycloak.dom.saml.v2.protocol.AuthnRequestType)35 AbstractSamlTest (org.keycloak.testsuite.saml.AbstractSamlTest)30 StatusResponseType (org.keycloak.dom.saml.v2.protocol.StatusResponseType)28 Matchers.containsString (org.hamcrest.Matchers.containsString)26 JBossSAMLURIConstants (org.keycloak.saml.common.constants.JBossSAMLURIConstants)23 Closeable (java.io.Closeable)21 URI (java.net.URI)20 IOException (java.io.IOException)19 SamlClient (org.keycloak.testsuite.util.SamlClient)18 ArtifactResponseType (org.keycloak.dom.saml.v2.protocol.ArtifactResponseType)17 Element (org.w3c.dom.Element)17 List (java.util.List)16 Response (javax.ws.rs.core.Response)15 Matchers.is (org.hamcrest.Matchers.is)14 ClientRepresentation (org.keycloak.representations.idm.ClientRepresentation)14