use of org.keycloak.testsuite.util.SamlClientBuilder in project keycloak by keycloak.
the class IdpInitiatedLoginTest method testTwoConsequentIdpInitiatedLogins.
/**
 * Verifies that two IdP-initiated logins performed back to back for different SAML clients
 * ("sales-post", then "sales-post2") end up in a single user session that lists both clients.
 *
 * <p>Each SAML response is checked for a success status and for a {@code Destination} equal to
 * the assertion consumer URL of the client the login was started for, so a response addressed
 * to the wrong service provider fails the test.
 */
@Test
public void testTwoConsequentIdpInitiatedLogins() {
    new SamlClientBuilder()
        // First login: credentials of bburkeUser are supplied explicitly.
        .idpInitiatedLogin(getAuthServerSamlEndpoint(REALM_NAME), "sales-post").build()
        .login().user(bburkeUser).build()
        .processSamlResponse(Binding.POST)
            .transformObject(samlObject -> {
                assertThat(samlObject, Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
                // The response must be addressed to the first client's consumer URL.
                assertThat(((ResponseType) samlObject).getDestination(), is(SAML_ASSERTION_CONSUMER_URL_SALES_POST));
                return null;
            })
            .build()
        // Second login: no user is supplied, only sso(true) -- presumably the session created
        // above is reused instead of re-authenticating; confirm against SamlClientBuilder.
        .idpInitiatedLogin(getAuthServerSamlEndpoint(REALM_NAME), "sales-post2").build()
        .login().sso(true).build()
        .processSamlResponse(Binding.POST)
            .transformObject(samlObject -> {
                assertThat(samlObject, Matchers.isSamlResponse(JBossSAMLURIConstants.STATUS_SUCCESS));
                // The response must be addressed to the second client's consumer URL.
                assertThat(((ResponseType) samlObject).getDestination(), is(SAML_ASSERTION_CONSUMER_URL_SALES_POST2));
                return null;
            })
            .build()
        .execute();

    UsersResource realmUsers = adminClient.realm(REALM_NAME).users();
    ClientsResource realmClients = adminClient.realm(REALM_NAME).clients();

    // NOTE(review): the first search hit is used without comparing its username to the one
    // searched for, and Optional.get() throws NoSuchElementException when nothing is found.
    UserRepresentation bburke = realmUsers.search(bburkeUser.getUsername()).stream().findFirst().get();

    // Both logins are expected to share exactly one user session.
    List<UserSessionRepresentation> sessions = realmUsers.get(bburke.getId()).getUserSessions();
    assertThat(sessions, hasSize(1));

    // Resolve every client recorded on that session to its clientId and compare with the two
    // clients that were logged in to.
    Map<String, String> sessionClients = sessions.get(0).getClients();
    Set<String> loggedInClientIds = sessionClients.values().stream()
        .flatMap(clientRef -> realmClients.findByClientId(clientRef).stream())
        .map(representation -> representation.getClientId())
        .collect(Collectors.toSet());
    assertThat(loggedInClientIds, containsInAnyOrder(SAML_CLIENT_ID_SALES_POST, SAML_CLIENT_ID_SALES_POST2));
}
use of org.keycloak.testsuite.util.SamlClientBuilder in project keycloak by keycloak.
the class SOAPBindingTest method soapBindingAuthnWithSignatureMissingDestinationTest.
/**
 * Sends a signed AuthnRequest over the SOAP binding with its {@code Destination} cleared and
 * expects the server to answer with a SAML response that contains at least one assertion.
 *
 * <p>The test therefore pins that a missing {@code Destination} on a signed SOAP request is
 * accepted rather than rejected.
 */
@Test
public void soapBindingAuthnWithSignatureMissingDestinationTest() {
    // NOTE(review): the request is issued for SAML_CLIENT_ID_ECP_SP but signed with the
    // SAML_CLIENT_SALES_POST_SIG_* key pair -- presumably the test realm configures the same
    // keys for both clients; confirm against the realm fixture.
    SAMLDocumentHolder holder = new SamlClientBuilder()
        .authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_ECP_SP, SAML_ASSERTION_CONSUMER_URL_ECP_SP, SOAP)
            .transformObject(authnRequest -> {
                // Strip the Destination before the request is signed and sent.
                authnRequest.setDestination(null);
                return authnRequest;
            })
            .signWith(SAML_CLIENT_SALES_POST_SIG_PRIVATE_KEY, SAML_CLIENT_SALES_POST_SIG_PUBLIC_KEY)
            .basicAuthentication(bburkeUser)
            .build()
        .executeAndTransform(SOAP::extractResponse);

    assertThat(holder.getSamlObject(), instanceOf(ResponseType.class));
    ResponseType samlResponse = (ResponseType) holder.getSamlObject();
    assertThat(samlResponse.getAssertions(), not(empty()));
}
use of org.keycloak.testsuite.util.SamlClientBuilder in project keycloak by keycloak.
the class SOAPBindingTest method soapBindingAuthnWithoutSignatureMissingDestinationTest.
/**
 * Sends an unsigned AuthnRequest over the SOAP binding with its {@code Destination} cleared and
 * expects a SAML response that contains at least one assertion.
 *
 * <p>Both signature-related attributes of the ECP client are set to {@code "false"} for the
 * duration of the test, so this covers the configuration in which messages are not signed.
 */
@Test
public void soapBindingAuthnWithoutSignatureMissingDestinationTest() {
    // Turn off server-side and client-side signatures for the ECP client. The updater is handed
    // to the test cleanup, presumably so the previous attribute values are restored -- confirm.
    getCleanup().addCleanup(
        ClientAttributeUpdater.forClient(adminClient, REALM_NAME, SAML_CLIENT_ID_ECP_SP)
            .setAttribute(SamlConfigAttributes.SAML_SERVER_SIGNATURE, "false")
            .setAttribute(SamlConfigAttributes.SAML_CLIENT_SIGNATURE_ATTRIBUTE, "false")
            .update());

    // The request below carries no signature; the only credential visible in this test is the
    // basic-authentication user.
    SAMLDocumentHolder holder = new SamlClientBuilder()
        .authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_ECP_SP, SAML_ASSERTION_CONSUMER_URL_ECP_SP, SOAP)
            .transformObject(authnRequest -> {
                authnRequest.setDestination(null);
                return authnRequest;
            })
            .basicAuthentication(bburkeUser)
            .build()
        .executeAndTransform(SOAP::extractResponse);

    assertThat(holder.getSamlObject(), instanceOf(ResponseType.class));
    ResponseType samlResponse = (ResponseType) holder.getSamlObject();
    assertThat(samlResponse.getAssertions(), not(empty()));
}
use of org.keycloak.testsuite.util.SamlClientBuilder in project keycloak by keycloak.
the class SOAPBindingTest method soapBindingLogoutWithoutSignatureMissingDestinationTest.
/**
 * Logs a user in over the POST binding, then sends an unsigned LogoutRequest over the SOAP
 * binding with its {@code Destination} cleared and expects a {@code StatusResponseType} back.
 *
 * <p>Both signature-related attributes of the ECP client are set to {@code "false"} for the
 * duration of the test.
 */
@Test
public void soapBindingLogoutWithoutSignatureMissingDestinationTest() {
    // Turn off server-side and client-side signatures for the ECP client. The updater is handed
    // to the test cleanup, presumably so the previous attribute values are restored -- confirm.
    getCleanup().addCleanup(
        ClientAttributeUpdater.forClient(adminClient, REALM_NAME, SAML_CLIENT_ID_ECP_SP)
            .setAttribute(SamlConfigAttributes.SAML_SERVER_SIGNATURE, "false")
            .setAttribute(SamlConfigAttributes.SAML_CLIENT_SIGNATURE_ATTRIBUTE, "false")
            .update());

    SAMLDocumentHolder logoutResult = new SamlClientBuilder()
        // Step 1: regular POST-binding login to obtain a session.
        .authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_ECP_SP, SAML_ASSERTION_CONSUMER_URL_ECP_SP, POST).build()
        .login().user(bburkeUser).build()
        // Step 2: presumably stores the NameID and session index in nameIdRef and
        // sessionIndexRef, which the logout request reads below -- confirm in the helper.
        .processSamlResponse(POST)
            .transformObject(this::extractNameIdAndSessionIndexAndTerminate)
            .build()
        // Step 3: SOAP logout for that session, with the Destination removed.
        .logoutRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_ECP_SP, SOAP)
            .nameId(nameIdRef::get)
            .sessionIndex(sessionIndexRef::get)
            .transformObject(logoutRequest -> {
                logoutRequest.setDestination(null);
                return logoutRequest;
            })
            .build()
        // NOTE(review): the logout was sent over SOAP but the response is extracted with
        // POST::extractResponse -- confirm this is intended.
        .executeAndTransform(POST::extractResponse);

    assertThat(logoutResult.getSamlObject(), instanceOf(StatusResponseType.class));
}
use of org.keycloak.testsuite.util.SamlClientBuilder in project keycloak by keycloak.
the class SOAPBindingTest method soapBindingLogoutWithoutSignature.
/**
 * Logs a user in over the POST binding, then sends an unsigned LogoutRequest over the SOAP
 * binding and expects a {@code StatusResponseType} back.
 *
 * <p>Both signature-related attributes of the ECP client are set to {@code "false"} for the
 * duration of the test. Unlike the missing-destination variant, the logout request is sent
 * as built, without any transformation.
 */
@Test
public void soapBindingLogoutWithoutSignature() {
    // Turn off server-side and client-side signatures for the ECP client. The updater is handed
    // to the test cleanup, presumably so the previous attribute values are restored -- confirm.
    getCleanup().addCleanup(
        ClientAttributeUpdater.forClient(adminClient, REALM_NAME, SAML_CLIENT_ID_ECP_SP)
            .setAttribute(SamlConfigAttributes.SAML_SERVER_SIGNATURE, "false")
            .setAttribute(SamlConfigAttributes.SAML_CLIENT_SIGNATURE_ATTRIBUTE, "false")
            .update());

    SAMLDocumentHolder logoutResult = new SamlClientBuilder()
        // Step 1: regular POST-binding login to obtain a session.
        .authnRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_ECP_SP, SAML_ASSERTION_CONSUMER_URL_ECP_SP, POST).build()
        .login().user(bburkeUser).build()
        // Step 2: presumably stores the NameID and session index in nameIdRef and
        // sessionIndexRef, which the logout request reads below -- confirm in the helper.
        .processSamlResponse(POST)
            .transformObject(this::extractNameIdAndSessionIndexAndTerminate)
            .build()
        // Step 3: SOAP logout for that session.
        .logoutRequest(getAuthServerSamlEndpoint(REALM_NAME), SAML_CLIENT_ID_ECP_SP, SOAP)
            .nameId(nameIdRef::get)
            .sessionIndex(sessionIndexRef::get)
            .build()
        // NOTE(review): the logout was sent over SOAP but the response is extracted with
        // POST::extractResponse -- confirm this is intended.
        .executeAndTransform(POST::extractResponse);

    assertThat(logoutResult.getSamlObject(), instanceOf(StatusResponseType.class));
}