Package org.picketlink.identity.federation.api.saml.v2.response

Examples of org.picketlink.identity.federation.api.saml.v2.response.SAML2Response

153
154
155
156
157
158
159
160
161
162
163
164
165
        KeyPair kp = kpg.genKeyPair();

        id = IDGenerator.create("ID_"); // regenerate
        ResponseType responseType = response.createResponseType(id, issuerInfo, assertion);

        SAML2Signature ss = new SAML2Signature();
        ss.setSignatureMethod(SignatureMethod.DSA_SHA1);
        Document signedDoc = ss.sign(responseType, kp);

        Logger.getLogger(SignatureValidationUnitTestCase.class).debug(DocumentUtil.asString(signedDoc));
        JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(signedDoc));

        // Validate the signature
View Full Code Here
190
191
192
193
194
195
196
197
198
199
200
201
        Node assert2 = DocumentUtil.getNodeWithAttribute(doc, "urn:oasis:names:tc:SAML:2.0:assertion", "Assertion", "ID", id);

        String referenceURI = "#" + id;

        assertNotNull("Found assertion?", assert2);
        SAML2Signature ss = new SAML2Signature();
        Document signedDoc = ss.sign(responseType, id, kp, referenceURI);

        JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(signedDoc));

        Node signedNode = DocumentUtil.getNodeWithAttribute(signedDoc, "urn:oasis:names:tc:SAML:2.0:assertion", "Assertion",
                "ID", id);
View Full Code Here
268
269
270
271
272
273
274
275
276
277
278
279
280
281
        KeyPair kp = kpg.genKeyPair();
        PublicKey publicKey = kp.getPublic();

        X509Certificate x509 = getCertificate();

        SAML2Signature ss = new SAML2Signature();
        ss.setSignatureMethod(SignatureMethod.DSA_SHA1);
        ss.setX509Certificate(x509);
        Document signedDoc = ss.sign(authnRequest, kp);

        //Ensure that we have the certificate in key info
        NodeList x509DataList = signedDoc.getElementsByTagName("dsig:X509Data");
        assertEquals(1, x509DataList.getLength());
View Full Code Here
144
145
146
147
148
149
150
151
152
153
154
       // sign Assertion element only
       signAssertionElement(samlResponseDoc, idpAuthenticator.getKeyManager());

       // verify successful validation of signature on Assertion element
       Assert.assertTrue(new SAML2Signature().validate(samlResponseDoc, idpAuthenticator.getKeyManager().getSigningKeyPair().getPublic()));

       // wrap evil assertion
       wrapBadAssertionBeforeOriginal(samlResponseDoc);

       // let's now send the bad SAML response and the assertion back to the SP.
View Full Code Here
81
82
83
84
85
86
87
88
89
90
91
        InputStream configStream = tcl.getResourceAsStream("saml/v2/response/saml2-response-adfs-claims.xml");
        SAML2Response samlResponse = new SAML2Response();
        SAML2Object samlObject = samlResponse.getSAML2ObjectFromStream(configStream);
        assertNotNull(samlObject);

        SAML2Signature sig = new SAML2Signature();
        Document signedDoc = sig.sign((ResponseType) samlObject, getKeyPair());
        assertNotNull(signedDoc);

        Logger.getLogger(SAML2ResponseUnitTestCase.class).debug("Signed Response=" + DocumentUtil.asString(signedDoc));
    }
View Full Code Here
122
123
124
125
126
127
128
129
130
131
132
133
        AssertionType assertion = AssertionUtil.createAssertion(assertionId, issuerInfo.getIssuer());
        assertion.addStatement(attributeStatement);

        ResponseType responseType = samlResponse.createResponseType(ID, sp, idp, issuerInfo, assertion);
        SAML2Signature sig = new SAML2Signature();
        Document signedDoc = sig.sign(responseType, getKeyPair());
        assertNotNull(signedDoc);

        Logger.getLogger(SAML2ResponseUnitTestCase.class).debug("Signed Response=" + DocumentUtil.asString(signedDoc));

        Document convertedDoc = samlResponse.convert(responseType);
View Full Code Here
116
117
118
119
120
121
122
123
124
125
126
127
128
     */
    @Test(expected = XMLSignatureException.class)
    public void testWrappingAttack() throws Exception {
        ResponseType responseType = createSignedResponse();

        SAML2Signature ss = new SAML2Signature();
        ss.setSignatureMethod(SignatureMethod.RSA_SHA1);
        Document signedDoc = ss.sign(responseType, new KeyPair(publicKey, privateKey));

        Logger.getLogger(SignatureValidationUnitTestCase.class).debug(DocumentUtil.asString(signedDoc));
        JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(signedDoc));

        // Validate the signature
View Full Code Here
187
188
189
190
191
192
193
194
195
196
197
198
199
     */
    @Test
    public void testForceWrappingAttack() throws Exception {
        ResponseType responseType = createSignedResponse();

        SAML2Signature ss = new SAML2Signature();
        ss.setSignatureMethod(SignatureMethod.RSA_SHA1);
        Document signedDoc = ss.sign(responseType, new KeyPair(publicKey, privateKey));

        Logger.getLogger(SignatureValidationUnitTestCase.class).debug(DocumentUtil.asString(signedDoc));
        JAXPValidationUtil.validate(DocumentUtil.getNodeAsStream(signedDoc));

        // Validate the signature
View Full Code Here
161
162
163
164
165
166
167
168
169
170
171
172
173
    private boolean isSignResponseAndAssertion() {
        return this.handlerConfig.getParameter(SIGN_RESPONSE_AND_ASSERTION) != null ? Boolean.valueOf(this.handlerConfig.getParameter(SIGN_RESPONSE_AND_ASSERTION).toString()) : false;
    }

    private void signDocument(Document samlDocument, KeyPair keypair, X509Certificate x509Certificate) throws ProcessingException {
        SAML2Signature samlSignature = new SAML2Signature();
        Node nextSibling = samlSignature.getNextSiblingOfIssuer(samlDocument);
        samlSignature.setNextSibling(nextSibling);
        if(x509Certificate != null){
            samlSignature.setX509Certificate(x509Certificate);
        }
        samlSignature.signSAMLDocument(samlDocument, keypair);
    }
View Full Code Here
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
    }

    protected void sendToDestination(Document samlDocument, String relayState, String destination,
            HttpServletResponse response, boolean request) throws IOException, SAXException, GeneralSecurityException {
        if (!ignoreSignatures) {
            SAML2Signature samlSignature = new SAML2Signature();

            Node nextSibling = samlSignature.getNextSiblingOfIssuer(samlDocument);
            if (nextSibling != null) {
                samlSignature.setNextSibling(nextSibling);
            }
            KeyPair keypair = keyManager.getSigningKeyPair();
            samlSignature.signSAMLDocument(samlDocument, keypair);
        }
        String samlMessage = PostBindingUtil.base64Encode(DocumentUtil.getDocumentAsString(samlDocument));
        PostBindingUtil.sendPost(new DestinationInfoHolder(destination, samlMessage, relayState), response, request);
    }
View Full Code Here
TOP

Related Classes of org.picketlink.identity.federation.api.saml.v2.response.SAML2Response

  • org.jboss.identity.federation.api.saml.v2.sig.SAML2Signature
  • org.jboss.identity.federation.bindings.servlets.SOAPSAMLXACMLServlet
  • org.jboss.identity.federation.bindings.tomcat.idp.IDPRedirectValve
  • org.jboss.identity.federation.bindings.tomcat.idp.IDPRedirectWithSignatureValve
  • org.jboss.identity.federation.bindings.tomcat.idp.IDPWebRequestUtil
  • org.jboss.identity.federation.bindings.tomcat.sp.SPPostFormAuthenticator
  • org.jboss.identity.federation.bindings.tomcat.sp.SPRedirectFormAuthenticator
  • org.jboss.identity.federation.bindings.tomcat.sp.SPRedirectSignatureFormAuthenticator
  • org.jboss.identity.federation.core.saml.v2.common.SAMLDocumentHolder
  • org.jboss.identity.federation.saml.v2.assertion.AttributeStatementType
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.