Package org.picketlink.identity.federation.api.saml.v2.metadata

Examples of org.picketlink.identity.federation.api.saml.v2.metadata.SecurityActions


        String logoutRequest = redirectStr.substring(redirectStr.indexOf(SAML_REQUEST_KEY) + SAML_REQUEST_KEY.length(),
                redirectStr.indexOf(RELAY_STATE_KEY) - 1);

        InputStream stream = RedirectBindingUtil.urlBase64DeflateDecode(logoutRequest);

        SAML2Request saml2Request = new SAML2Request();
        LogoutRequestType lor = (LogoutRequestType) saml2Request.getRequestType(stream);
        assertEquals("Match Employee URL", employee, destination);
        assertEquals("Destination exists", employee, lor.getDestination().toString());

        // IDP has sent a LogOutRequest which we feed to SPRedirectFormAuthenticator for Employee
        MockCatalinaContextClassLoader mclSPEmp = setupTCL(profile + "/sp/employee");
        Thread.currentThread().setContextClassLoader(mclSPEmp);

        MockCatalinaContext context = new MockCatalinaContext();
        context.setRealm(realm);
        session.setServletContext(context);

        SPRedirectFormAuthenticator sp = new SPRedirectFormAuthenticator();
        sp.setContainer(context);
        sp.testStart();
        sp.getConfiguration().setIdpUsesPostBinding(false);

        request = new MockCatalinaRequest();
        request.setSession(session);
        request.setMethod("GET");
        request.setParameter("SAMLRequest", RedirectBindingUtil.urlDecode(logoutRequest));
        request.setParameter("RelayState", relayState);

        MockCatalinaResponse filterResponse = new MockCatalinaResponse();
        ByteArrayOutputStream filterbaos = new ByteArrayOutputStream();
        filterResponse.setWriter(new PrintWriter(filterbaos));

        sp.authenticate(request, response, new LoginConfig());

        redirectStr = response.redirectString;

        destination = redirectStr.substring(0, redirectStr.indexOf(SAML_RESPONSE_KEY) - 1);
        relayState = redirectStr.substring(redirectStr.indexOf(RELAY_STATE_KEY) + RELAY_STATE_KEY.length());
        assertNotNull("RelayState exists", relayState);
        String logoutResponse = redirectStr.substring(redirectStr.indexOf(SAML_RESPONSE_KEY) + SAML_RESPONSE_KEY.length(),
                redirectStr.indexOf(RELAY_STATE_KEY) - 1);

        stream = RedirectBindingUtil.urlBase64DeflateDecode(logoutResponse);
        StatusResponseType statusResponse = (StatusResponseType) saml2Request.getSAML2ObjectFromStream(stream);
        assertEquals("Match IDP URL", IDP, destination);

        // Now the SP (employee app) has logged out and sending a status response to IDP
        Thread.currentThread().setContextClassLoader(mclIDP);

        session.clear();
        request.clear();

        request.setMethod("GET");
        request.setSession(session);
        request.setUserPrincipal(genericPrincipal);
        request.setParameter("SAMLResponse", RedirectBindingUtil.urlDecode(logoutResponse));
        request.setParameter("RelayState", relayState);

        baos = new ByteArrayOutputStream();
        response.setOutputStream(baos);
        response.setWriter(new PrintWriter(baos));
        idp.invoke(request, response);

        destination = redirectStr.substring(0, redirectStr.indexOf(SAML_RESPONSE_KEY) - 1);
        relayState = redirectStr.substring(redirectStr.indexOf(RELAY_STATE_KEY) + RELAY_STATE_KEY.length());
        logoutResponse = redirectStr.substring(redirectStr.indexOf(SAML_RESPONSE_KEY) + SAML_RESPONSE_KEY.length(),
                redirectStr.indexOf(RELAY_STATE_KEY) - 1);

        stream = RedirectBindingUtil.urlBase64DeflateDecode(logoutResponse);

        SAML2Response saml2Response = new SAML2Response();
        statusResponse = (StatusResponseType) saml2Request.getSAML2ObjectFromStream(stream);
        assertEquals("Match IDP URL", IDP, destination);

        // Now we should have got a full success report from IDP
        MockCatalinaContextClassLoader mclSPSales = setupTCL(profile + "/sp/employee");
        Thread.currentThread().setContextClassLoader(mclSPSales);
View Full Code Here


        mcl.setProfile(resource);
        return mcl;
    }

    private String createLogOutRequest(String url) throws Exception {
        SAML2Request samlRequest = new SAML2Request();
        LogoutRequestType lot = samlRequest.createLogoutRequest(url);

        Principal userPrincipal = new Principal() {
            @Override
            public String getName() {
                return "test";
            }
        };
        NameIDType nameID = new NameIDType();
        nameID.setValue(userPrincipal.getName());
        lot.setNameID(nameID);

        StringWriter sw = new StringWriter();
        samlRequest.marshall(lot, sw);
        return sw.toString();
    }
View Full Code Here

* @author Anil.Saldhana@redhat.com
* @since Dec 11, 2008
*/
public class DeflateEncodingDecodingUnitTestCase extends TestCase {
    public void testDeflateEncoding() throws Exception {
        AuthnRequestType authnRequest = (new SAML2Request()).createAuthnRequestType(IDGenerator.create("ID_"), "http://sp",
                "http://localhost:8080/idp", "http://sp");

        StringWriter sw = new StringWriter();
        SAML2Request request = new SAML2Request();
        request.marshall(authnRequest, sw);
        byte[] deflatedMsg = DeflateUtil.encode(sw.toString());

        String base64Request = Base64.encodeBytes(deflatedMsg, Base64.DONT_BREAK_LINES);

        base64Request = URLEncoder.encode(base64Request, "UTF-8");

        // Decode
        String urlDecodedMsg = URLDecoder.decode(base64Request, "UTF-8");
        byte[] decodedMessage = Base64.decode(urlDecodedMsg);
        InputStream is = DeflateUtil.decode(decodedMessage);
        AuthnRequestType decodedRequestType = request.getAuthnRequestType(is);

        assertNotNull(decodedRequestType);
    }
View Full Code Here

        NodeList nodes = spHTMLResponse.getElementsByTagName("INPUT");
        Element inputElement = (Element) nodes.item(0);
        String logoutRequest = inputElement.getAttributeNode("VALUE").getValue();

        byte[] b64Decoded = PostBindingUtil.base64Decode(logoutRequest);
        SAML2Request saml2Request = new SAML2Request();
        LogoutRequestType lor = (LogoutRequestType) saml2Request.getRequestType(new ByteArrayInputStream(b64Decoded));
        assertEquals("Match Employee URL", employee, lor.getIssuer().getValue());
    }
View Full Code Here

        if (nodes.getLength() > 1)
            relayState = ((Element) nodes.item(1)).getAttributeNode("VALUE").getValue();

        String logoutResponse = new String(Base64.decode(logoutOrigResponse));

        SAML2Request samlRequest = new SAML2Request();
        ByteArrayInputStream bis = new ByteArrayInputStream(logoutResponse.getBytes());
        SAML2Object samlObject = samlRequest.getSAML2ObjectFromStream(bis);
        assertTrue(samlObject instanceof LogoutRequestType);

        // Let us feed the LogOutRequest to the SPFilter
        MockContextClassLoader mclSPEmp = setupTCL(profile + "/sp/employee");
        Thread.currentThread().setContextClassLoader(mclSPEmp);
View Full Code Here

        mcl.setProfile(resource);
        return mcl;
    }

    private String createLogOutRequest(String url) throws Exception {
        SAML2Request samlRequest = new SAML2Request();
        LogoutRequestType lot = samlRequest.createLogoutRequest(url);
        StringWriter sw = new StringWriter();
        samlRequest.marshall(lot, sw);
        return sw.toString();
    }
View Full Code Here

    private String employee = "http://localhost:8080/employee/";
    private String identity = "http://localhost:8080/idp/";

    public void testAuthForIDPServletAndSPFilter() throws Exception {
        String id = IDGenerator.create("ID_");
        SAML2Request saml2Request = new SAML2Request();
        AuthnRequestType art = saml2Request.createAuthnRequestType(id, employee, identity, employee);

        ServletContext servletContext = new MockServletContext();

        // First we go to the employee application
        MockContextClassLoader mclSPEmp = setupTCL(profile + "/sp/employee");
        Thread.currentThread().setContextClassLoader(mclSPEmp);
        SPFilter spEmpl = new SPFilter();
        MockFilterConfig filterConfig = new MockFilterConfig(servletContext);
        filterConfig.addInitParameter(GeneralConstants.IGNORE_SIGNATURES, "true");

        spEmpl.init(filterConfig);

        MockHttpSession filterSession = new MockHttpSession();
        MockHttpServletRequest filterRequest = new MockHttpServletRequest(filterSession, "POST");

        MockHttpServletResponse filterResponse = new MockHttpServletResponse();
        ByteArrayOutputStream filterbaos = new ByteArrayOutputStream();
        filterResponse.setOutputStream(filterbaos);

        spEmpl.doFilter(filterRequest, filterResponse, new MockFilterChain());
        String spResponse = new String(filterbaos.toByteArray());
        Document spHTMLResponse = DocumentUtil.getDocument(spResponse);
        NodeList nodes = spHTMLResponse.getElementsByTagName("INPUT");
        Element inputElement = (Element) nodes.item(0);
        String idpResponse = inputElement.getAttributeNode("VALUE").getValue();
        @SuppressWarnings("unused")
        String relayState = null;
        if (nodes.getLength() > 1)
            relayState = ((Element) nodes.item(1)).getAttributeNode("VALUE").getValue();

        // Lets call the IDPServlet

        MockHttpSession session = new MockHttpSession();
        servletContext = new MockServletContext();
        session.setServletContext(servletContext);
        IdentityServer server = this.getIdentityServer(session);
        servletContext.setAttribute("IDENTITY_SERVER", server);
        MockServletConfig servletConfig = new MockServletConfig(servletContext);

        MockContextClassLoader mclIDP = setupTCL(profile + "/idp");
        Thread.currentThread().setContextClassLoader(mclIDP);

        MockHttpServletRequest request = new MockHttpServletRequest(session, "POST");
        request.addHeader("Referer", "http://localhost:8080/employee/");

        request.addParameter(GeneralConstants.USERNAME_FIELD, "anil");
        request.addParameter(GeneralConstants.PASS_FIELD, "anil");

        MockHttpServletResponse response = new MockHttpServletResponse();
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        response.setOutputStream(baos);

        IDPLoginServlet login = new IDPLoginServlet();
        login.init(servletConfig);

        String samlAuth = DocumentUtil.getDocumentAsString(saml2Request.convert(art));

        String samlMessage = Base64.encodeBytes(samlAuth.getBytes());
        session.setAttribute("SAMLRequest", samlMessage);

        login.testPost(request, response);
View Full Code Here

    public void testSignaturesRedirectBinding() throws Exception {
        doSignatureTest(false);
    }

    private void doSignatureTest(boolean isPostBinding) throws Exception {
        SAML2Request saml2Request = new SAML2Request();
        String id = IDGenerator.create("ID_");
        String assertionConsumerURL = "http://sp";
        String destination = "http://idp";
        String issuerValue = "http://sp";
        AuthnRequestType authnRequest = saml2Request.createAuthnRequestType(id, assertionConsumerURL, destination, issuerValue);

        Document authDoc = saml2Request.convert(authnRequest);

        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        KeyPair keypair = kpg.genKeyPair();

        SAML2SignatureGenerationHandler handler = new SAML2SignatureGenerationHandler();
View Full Code Here

        if (serviceURL == null)
            throw logger.nullArgumentError("serviceURL");
        if (identityURL == null)
            throw logger.nullArgumentError("identityURL");

        SAML2Request saml2Request = new SAML2Request();
        String id = IDGenerator.create("ID_");
        return saml2Request.createAuthnRequestType(id, serviceURL, identityURL, serviceURL);
    }
View Full Code Here

    private class SPAuthenticationHandler {
        public void generateSAMLRequest(SAML2HandlerRequest request, SAML2HandlerResponse response) throws ProcessingException {
            String issuerValue = request.getIssuer().getValue();

            SAML2Request samlRequest = new SAML2Request();
            String id = IDGenerator.create("ID_");

            String assertionConsumerURL = (String) handlerConfig.getParameter(SAML2Handler.ASSERTION_CONSUMER_URL);
            if (StringUtil.isNullOrEmpty(assertionConsumerURL)) {
                assertionConsumerURL = issuerValue;
            }

            // Check if there is a nameid policy
            String nameIDFormat = (String) handlerConfig.getParameter(GeneralConstants.NAMEID_FORMAT);
            if (StringUtil.isNotNull(nameIDFormat)) {
                samlRequest.setNameIDFormat(nameIDFormat);
            }
            try {
                AuthnRequestType authn = samlRequest.createAuthnRequestType(id, assertionConsumerURL,
                        response.getDestination(), issuerValue);

                createRequestAuthnContext(authn);

                String bindingType = getSPConfiguration().getBindingType();
                boolean isIdpUsesPostBinding = getSPConfiguration().isIdpUsesPostBinding();

                if (bindingType != null) {
                    if (bindingType.equals("POST") || isIdpUsesPostBinding) {
                        authn.setProtocolBinding(URI.create(JBossSAMLURIConstants.SAML_HTTP_POST_BINDING.get()));
                    } else if (bindingType.equals("REDIRECT")) {
                        authn.setProtocolBinding(URI.create(JBossSAMLURIConstants.SAML_HTTP_REDIRECT_BINDING.get()));
                    } else {
                        throw logger.samlInvalidProtocolBinding();
                    }
                }

                response.setResultingDocument(samlRequest.convert(authn));
                response.setSendRequest(true);

                Map<String, Object> requestOptions = request.getOptions();
                PicketLinkAuditHelper auditHelper = (PicketLinkAuditHelper) requestOptions.get(GeneralConstants.AUDIT_HELPER);
                if (auditHelper != null) {
View Full Code Here

TOP

Related Classes of org.picketlink.identity.federation.api.saml.v2.metadata.SecurityActions

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.