Package org.jboss.identity.federation.api.saml.v2.request

Examples of org.jboss.identity.federation.api.saml.v2.request.SAML2Request


* @author Anil.Saldhana@redhat.com
* @since Jan 26, 2009
*/
public class SAML2RequestUnitTestCase extends TestCase {
    /**
     * Creates a logout request by passing {@code http://idp} to
     * {@code SAML2Request.createLogoutRequest} and checks that an object is returned.
     *
     * <p>Only non-nullness is asserted; no field of the generated request is inspected.
     *
     * @throws Exception if creating the logout request fails
     */
    public void testLogOut() throws Exception {
        final String idpUrl = "http://idp";
        LogoutRequestType logoutRequest = new SAML2Request().createLogoutRequest(idpUrl);
        assertNotNull("LogoutRequest is not null", logoutRequest);
    }


     */
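    @Test
    public void testAuthnRequestExample() throws Exception {
        // Parses the sample AuthnRequest named below and compares the parsed attributes and child
        // elements against fixed expected values, so a parsing regression fails a comparison.
        String resourceName = "saml/v2/authnrequest/samlAuthnRequestExample.xml";

        SAML2Request request = new SAML2Request();

        AuthnRequestType authnRequestType = request.getAuthnRequestType(resourceName);
        // Fail with an assertion rather than a NullPointerException if nothing was parsed.
        assertNotNull(authnRequestType);

        // Top-level request attributes.
        assertEquals("http://www.example.com/", authnRequestType.getDestination().toString());
        assertEquals("urn:oasis:names:tc:SAML:2.0:consent:obtained", authnRequestType.getConsent());
        assertEquals("http://www.example.com/", authnRequestType.getAssertionConsumerServiceURL().toString());
        assertEquals(Integer.valueOf(0), authnRequestType.getAttributeConsumingServiceIndex());

        // Subject: the sample carries a NameID in e-mail address format.
        SubjectType subjectType = authnRequestType.getSubject();
        assertNotNull(subjectType);

        STSubType subType = subjectType.getSubType();
        NameIDType nameIDType = (NameIDType) subType.getBaseID();

        assertEquals("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", nameIDType.getFormat().toString());
        assertEquals("j.doe@company.com", nameIDType.getValue());

        // Conditions: exactly one condition, an audience restriction naming a single audience.
        // assertEquals reports the actual size on failure, which assertTrue(size == 1) does not.
        ConditionsType conditionsType = authnRequestType.getConditions();
        List<ConditionAbstractType> conditions = conditionsType.getConditions();
        assertEquals(1, conditions.size());

        ConditionAbstractType condition = conditions.get(0);
        assertTrue(condition instanceof AudienceRestrictionType);
        AudienceRestrictionType audienceRestrictionType = (AudienceRestrictionType) condition;
        List<URI> audiences = audienceRestrictionType.getAudience();
        assertEquals(1, audiences.size());
        assertEquals("urn:foo:sp.example.org", audiences.get(0).toASCIIString());

        // Requested authentication context class.
        RequestedAuthnContextType requestedAuthnContext = authnRequestType.getRequestedAuthnContext();
        assertEquals("urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport", requestedAuthnContext
                .getAuthnContextClassRef().get(0));

        // Marshall the parsed object back to an output stream. The written bytes are not
        // inspected, so this step only shows that marshalling completes without throwing.
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        request.marshall(authnRequestType, baos);
    }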

     */
    @Test
    public void testAuthnRequestWithSignature() throws Exception {
        // Parses a sample AuthnRequest that carries a Signature element and checks that the
        // element is exposed on the parsed object.
        // NOTE: only the presence of the Signature element is asserted. Nothing in this test
        // validates the signature, so a passing run says nothing about whether it is valid.
        SAML2Request saml2Request = new SAML2Request();
        AuthnRequestType parsedRequest =
                saml2Request.getAuthnRequestType("saml/v2/authnrequest/samlAuthnRequestWithSignature.xml");
        assertNotNull(parsedRequest);

        Element signatureElement = parsedRequest.getSignature();
        assertNotNull("Signature is not null", signatureElement);

        // Marshall the parsed request back out; the written bytes are discarded, so this only
        // shows that marshalling a signed request does not throw.
        ByteArrayOutputStream marshalled = new ByteArrayOutputStream();
        saml2Request.marshall(parsedRequest, marshalled);
    }

     */
    @Test
    public void testAuthnRequestCreation() throws Exception {
        // Builds an AuthnRequest through createAuthnRequestType and checks the NameIDPolicy
        // attached to the result.
        final String requestId = IDGenerator.create("ID_");
        final String spUrl = "http://sp";
        final String idpUrl = "http://idp";

        SAML2Request saml2Request = new SAML2Request();
        AuthnRequestType created = saml2Request.createAuthnRequestType(requestId, spUrl, idpUrl, spUrl);

        // The created request must carry a NameIDPolicy, and its AllowCreate flag must be true.
        NameIDPolicyType policy = created.getNameIDPolicy();
        assertNotNull("NameIDPolicy is not null", policy);
        assertTrue(policy.isAllowCreate());

        // Marshall the request; the written bytes are not inspected, so this only shows that
        // marshalling completes without throwing.
        ByteArrayOutputStream sink = new ByteArrayOutputStream();
        saml2Request.marshall(created, sink);
    }

     * @throws ParsingException
     * @throws ConfigurationException
     */
    public boolean process(String samlRequest, HTTPContext httpContext, Set<SAML2Handler> handlers, Lock chainLock)
            throws ProcessingException, IOException, ParsingException, ConfigurationException {
        SAML2Request saml2Request = new SAML2Request();
        SAML2HandlerResponse saml2HandlerResponse = null;
        SAML2Object samlObject = null;
        SAMLDocumentHolder documentHolder = null;

        if (this.postBinding) {
            // we got a logout request from IDP
            InputStream is = PostBindingUtil.base64DecodeAsStream(samlRequest);
            samlObject = saml2Request.getSAML2ObjectFromStream(is);
        } else {
            InputStream is = RedirectBindingUtil.base64DeflateDecode(samlRequest);
            samlObject = saml2Request.getSAML2ObjectFromStream(is);
        }

        documentHolder = saml2Request.getSamlDocumentHolder();

        // Create the request/response
        SAML2HandlerRequest saml2HandlerRequest = getSAML2HandlerRequest(documentHolder, httpContext);
        saml2HandlerResponse = new DefaultSAML2HandlerResponse();
        saml2HandlerResponse.setPostBindingForResponse(postBinding);

    private String invokeIDPAndGetSAMLResponse(IDPWebBrowserSSOValve idpAuthenticator, String authnRequest)
            throws ConfigurationException, ProcessingException, ParsingException, LifecycleException, IOException,
            ServletException, Exception {
        byte[] base64Decode = PostBindingUtil.base64Decode(authnRequest);

        AuthnRequestType art = new SAML2Request().getAuthnRequestType(new ByteArrayInputStream(base64Decode));

        // now let's send the previous AuthnRequest to the IDP and authenticate an user. The IDP should return a valid and
        // signed SAML Response.
        MockCatalinaResponse response = new MockCatalinaResponse();
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        response.setOutputStream(baos);

        String samlAuth = DocumentUtil.getDocumentAsString(new SAML2Request().convert(art));

        String samlMessage = Base64.encodeBytes(samlAuth.getBytes());

        MockCatalinaRealm realm = new MockCatalinaRealm("anil", "test", new Principal() {
            public String getName() {

    @SuppressWarnings("deprecation")
    public void testSAML2Post() throws Exception {
        System.setProperty("picketlink.schema.validate", "true");
        String id = IDGenerator.create("ID_");
        SAML2Request saml2Request = new SAML2Request();
        AuthnRequestType art = saml2Request.createAuthnRequestType(id, employee, identity, employee);

        MockCatalinaContext servletContext = new MockCatalinaContext();

        // First we go to the employee application
        MockCatalinaContextClassLoader mclSPEmp = setupTCL(profile + "/sp/employee");
        Thread.currentThread().setContextClassLoader(mclSPEmp);
        SPPostFormAuthenticator spEmpl = new SPPostFormAuthenticator();

        MockCatalinaContext context = new MockCatalinaContext();
        spEmpl.setContainer(context);
        spEmpl.testStart();

        MockCatalinaRequest catalinaRequest = new MockCatalinaRequest();

        MockCatalinaResponse catalinaResponse = new MockCatalinaResponse();
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        catalinaResponse.setOutputStream(baos);

        LoginConfig loginConfig = new LoginConfig();
        spEmpl.authenticate(catalinaRequest, catalinaResponse, loginConfig);

        String spResponse = new String(baos.toByteArray());
        Document spHTMLResponse = DocumentUtil.getDocument(spResponse);
        NodeList nodes = spHTMLResponse.getElementsByTagName("INPUT");
        Element inputElement = (Element) nodes.item(0);
        String idpResponse = inputElement.getAttributeNode("VALUE").getValue();
        @SuppressWarnings("unused")
        String relayState = null;
        if (nodes.getLength() > 1)
            relayState = ((Element) nodes.item(1)).getAttributeNode("VALUE").getValue();

        // Lets call the IDPServlet

        MockCatalinaSession session = new MockCatalinaSession();
        servletContext = new MockCatalinaContext();
        session.setServletContext(servletContext);
        IdentityServer server = this.getIdentityServer(session);
        servletContext.setAttribute("IDENTITY_SERVER", server);

        MockCatalinaContextClassLoader mclIDP = setupTCL(profile + "/idp");
        Thread.currentThread().setContextClassLoader(mclIDP);

        MockCatalinaRequest request = new MockCatalinaRequest();
        request.addHeader("Referer", "http://localhost:8080/employee/");

        request.setParameter(GeneralConstants.USERNAME_FIELD, "anil");
        request.setParameter(GeneralConstants.PASS_FIELD, "anil");

        MockCatalinaResponse response = new MockCatalinaResponse();
        baos = new ByteArrayOutputStream();
        response.setOutputStream(baos);

        context = new MockCatalinaContext();
        IDPWebBrowserSSOValve idp = new IDPWebBrowserSSOValve();
        idp.setContainer(context);
        idp.setSignOutgoingMessages(false);
        idp.start();

        String samlAuth = DocumentUtil.getDocumentAsString(saml2Request.convert(art));

        String samlMessage = Base64.encodeBytes(samlAuth.getBytes());

        MockCatalinaRealm realm = new MockCatalinaRealm("anil", "test", new Principal() {
            public String getName() {

     * @param signToken
     */
    private void sendAuthenticationRequest(MockCatalinaRequest request, MockCatalinaResponse response, String issuer,
            String assertionConsumerURL, boolean signToken) {
        try {
            SAML2Request samlRequest = new SAML2Request();

            AuthnRequestType authnRequestType = samlRequest.createAuthnRequestType(IDGenerator.create("ID_"),
                  assertionConsumerURL, getAuthenticator().getConfiguration().getIdpOrSP().getIdentityURL(), issuer);

            Document authnRequestDocument = samlRequest.convert(authnRequestType);

            logger.info("AuthRequestType:" + prettyPrintDocument(authnRequestDocument).toString());

            if (signToken) {
                request.setQueryString(RedirectBindingSignatureUtil.getSAMLRequestURLWithSignature(authnRequestType, null,

        String redirectStr = response.redirectString;
        String logoutRequest = redirectStr.substring(redirectStr.indexOf(SAML_REQUEST_KEY) + SAML_REQUEST_KEY.length());

        InputStream stream = RedirectBindingUtil.urlBase64DeflateDecode(logoutRequest);

        SAML2Request saml2Request = new SAML2Request();
        LogoutRequestType lor = (LogoutRequestType) saml2Request.getRequestType(stream);
        assertEquals("Match Employee URL", employee, lor.getIssuer().getValue());
    }

        String logoutRequest = redirectStr.substring(redirectStr.indexOf(SAML_REQUEST_KEY) + SAML_REQUEST_KEY.length(),
                redirectStr.indexOf(RELAY_STATE_KEY) - 1);

        InputStream stream = RedirectBindingUtil.urlBase64DeflateDecode(logoutRequest);

        SAML2Request saml2Request = new SAML2Request();
        LogoutRequestType lor = (LogoutRequestType) saml2Request.getRequestType(stream);
        assertEquals("Match Employee URL", employee, destination);
        assertEquals("Destination exists", employee, lor.getDestination().toString());

        // IDP has sent a LogOutRequest which we feed to SPRedirectFormAuthenticator for Employee
        MockCatalinaContextClassLoader mclSPEmp = setupTCL(profile + "/sp/employee");
        Thread.currentThread().setContextClassLoader(mclSPEmp);

        MockCatalinaContext context = new MockCatalinaContext();
        context.setRealm(realm);
        session.setServletContext(context);

        SPRedirectFormAuthenticator sp = new SPRedirectFormAuthenticator();
        sp.setContainer(context);
        sp.testStart();
        sp.getConfiguration().setIdpUsesPostBinding(false);

        request = new MockCatalinaRequest();
        request.setSession(session);
        request.setMethod("GET");
        request.setParameter("SAMLRequest", RedirectBindingUtil.urlDecode(logoutRequest));
        request.setParameter("RelayState", relayState);

        MockCatalinaResponse filterResponse = new MockCatalinaResponse();
        ByteArrayOutputStream filterbaos = new ByteArrayOutputStream();
        filterResponse.setWriter(new PrintWriter(filterbaos));

        sp.authenticate(request, response, new LoginConfig());

        redirectStr = response.redirectString;

        destination = redirectStr.substring(0, redirectStr.indexOf(SAML_RESPONSE_KEY) - 1);
        relayState = redirectStr.substring(redirectStr.indexOf(RELAY_STATE_KEY) + RELAY_STATE_KEY.length());
        assertNotNull("RelayState exists", relayState);
        String logoutResponse = redirectStr.substring(redirectStr.indexOf(SAML_RESPONSE_KEY) + SAML_RESPONSE_KEY.length(),
                redirectStr.indexOf(RELAY_STATE_KEY) - 1);

        stream = RedirectBindingUtil.urlBase64DeflateDecode(logoutResponse);
        StatusResponseType statusResponse = (StatusResponseType) saml2Request.getSAML2ObjectFromStream(stream);
        assertEquals("Match IDP URL", IDP, destination);

        // Now the SP (employee app) has logged out and sending a status response to IDP
        Thread.currentThread().setContextClassLoader(mclIDP);

        session.clear();
        request.clear();

        request.setMethod("GET");
        request.setSession(session);
        request.setUserPrincipal(genericPrincipal);
        request.setParameter("SAMLResponse", RedirectBindingUtil.urlDecode(logoutResponse));
        request.setParameter("RelayState", relayState);

        baos = new ByteArrayOutputStream();
        response.setOutputStream(baos);
        response.setWriter(new PrintWriter(baos));
        idp.invoke(request, response);

        destination = redirectStr.substring(0, redirectStr.indexOf(SAML_RESPONSE_KEY) - 1);
        relayState = redirectStr.substring(redirectStr.indexOf(RELAY_STATE_KEY) + RELAY_STATE_KEY.length());
        logoutResponse = redirectStr.substring(redirectStr.indexOf(SAML_RESPONSE_KEY) + SAML_RESPONSE_KEY.length(),
                redirectStr.indexOf(RELAY_STATE_KEY) - 1);

        stream = RedirectBindingUtil.urlBase64DeflateDecode(logoutResponse);

        SAML2Response saml2Response = new SAML2Response();
        statusResponse = (StatusResponseType) saml2Request.getSAML2ObjectFromStream(stream);
        assertEquals("Match IDP URL", IDP, destination);

        // Now we should have got a full success report from IDP
        MockCatalinaContextClassLoader mclSPSales = setupTCL(profile + "/sp/employee");
        Thread.currentThread().setContextClassLoader(mclSPSales);
