diff --git a/broker/saml/src/main/java/org/keycloak/broker/saml/SAMLEndpoint.java b/broker/saml/src/main/java/org/keycloak/broker/saml/SAMLEndpoint.java
index 7880c5bab2..309337f46b 100755
--- a/broker/saml/src/main/java/org/keycloak/broker/saml/SAMLEndpoint.java
+++ b/broker/saml/src/main/java/org/keycloak/broker/saml/SAMLEndpoint.java
@@ -25,8 +25,8 @@ import org.keycloak.models.KeycloakSession;
 import org.keycloak.models.RealmModel;
 import org.keycloak.models.UserSessionModel;
 import org.keycloak.protocol.saml.JaxrsSAML2BindingBuilder;
-import org.keycloak.protocol.saml.SAML2LogoutResponseBuilder;
-import org.keycloak.protocol.saml.SAMLRequestParser;
+import org.keycloak.saml.SAML2LogoutResponseBuilder;
+import org.keycloak.saml.SAMLRequestParser;
 import org.keycloak.protocol.saml.SamlProtocol;
 import org.keycloak.protocol.saml.SamlProtocolUtils;
 import org.keycloak.saml.common.constants.GeneralConstants;
diff --git a/broker/saml/src/main/java/org/keycloak/broker/saml/SAMLIdentityProvider.java b/broker/saml/src/main/java/org/keycloak/broker/saml/SAMLIdentityProvider.java
index a10fd50c10..6d87d963d7 100755
--- a/broker/saml/src/main/java/org/keycloak/broker/saml/SAMLIdentityProvider.java
+++ b/broker/saml/src/main/java/org/keycloak/broker/saml/SAMLIdentityProvider.java
@@ -34,20 +34,16 @@ import org.keycloak.models.FederatedIdentityModel; import org.keycloak.models.RealmModel; import org.keycloak.models.UserSessionModel; import org.keycloak.protocol.saml.JaxrsSAML2BindingBuilder; -import org.keycloak.protocol.saml.SAML2AuthnRequestBuilder; -import org.keycloak.protocol.saml.SAML2LogoutRequestBuilder; -import org.keycloak.protocol.saml.SAML2NameIDPolicyBuilder; +import org.keycloak.saml.SAML2AuthnRequestBuilder; +import org.keycloak.saml.SAML2LogoutRequestBuilder; +import org.keycloak.saml.SAML2NameIDPolicyBuilder; import org.keycloak.saml.common.constants.GeneralConstants; import org.keycloak.saml.common.constants.JBossSAMLURIConstants; -import org.keycloak.saml.common.exceptions.ConfigurationException; -import org.keycloak.saml.common.exceptions.ParsingException; -import org.keycloak.saml.common.exceptions.ProcessingException; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import javax.ws.rs.core.UriBuilder; import javax.ws.rs.core.UriInfo; -import java.io.IOException; import java.security.KeyPair; import java.security.PrivateKey; import java.security.PublicKey; diff --git a/integration/adapter-core/src/main/java/org/keycloak/adapters/RequestAuthenticator.java b/integration/adapter-core/src/main/java/org/keycloak/adapters/RequestAuthenticator.java index 04cf79e22b..daf205a3fd 100755 --- a/integration/adapter-core/src/main/java/org/keycloak/adapters/RequestAuthenticator.java +++ b/integration/adapter-core/src/main/java/org/keycloak/adapters/RequestAuthenticator.java 
@@ -9,11 +9,11 @@ import org.keycloak.KeycloakPrincipal; */ public abstract class RequestAuthenticator { protected static Logger log = Logger.getLogger(RequestAuthenticator.class); - protected HttpFacade facade; + protected AuthChallenge challenge; + protected KeycloakDeployment deployment; protected AdapterTokenStore tokenStore; - protected AuthChallenge challenge; protected int sslRedirectPort; public RequestAuthenticator(HttpFacade facade, KeycloakDeployment deployment, AdapterTokenStore tokenStore, int sslRedirectPort) { diff --git a/saml/client-adapter/core/pom.xml b/saml/client-adapter/core/pom.xml new file mode 100755 index 0000000000..36cdc08faf --- /dev/null +++ b/saml/client-adapter/core/pom.xml @@ -0,0 +1,60 @@ + + + + keycloak-parent + org.keycloak + 1.5.0.Final-SNAPSHOT + ../../../pom.xml + + 4.0.0 + + keycloak-saml-adapter-core + Keycloak SAML Adapter Core + + + + ${maven.build.timestamp} + yyyy-MM-dd HH:mm + + + + org.keycloak + keycloak-saml-core + provided + + + org.keycloak + keycloak-adapter-spi + provided + + + org.keycloak + keycloak-core + provided + + + org.jboss.logging + jboss-logging + provided + + + junit + junit + test + + + + + + org.apache.maven.plugins + maven-compiler-plugin + + ${maven.compiler.source} + ${maven.compiler.target} + + + + + + diff --git a/saml/client-adapter/core/src/main/java/org/keycloak/adapters/saml/SamlAuthenticator.java b/saml/client-adapter/core/src/main/java/org/keycloak/adapters/saml/SamlAuthenticator.java new file mode 100755 index 0000000000..eb5db0f564 --- /dev/null +++ b/saml/client-adapter/core/src/main/java/org/keycloak/adapters/saml/SamlAuthenticator.java 
@@ -0,0 +1,25 @@ +package org.keycloak.adapters.saml; + +import org.jboss.logging.Logger; +import org.keycloak.adapters.AuthChallenge; +import org.keycloak.adapters.AuthOutcome; +import org.keycloak.adapters.HttpFacade; + +/** + * @author Bill Burke + * @version $Revision: 1 $ + */ +public class SamlAuthenticator { + protected static Logger log = Logger.getLogger(SamlAuthenticator.class); + + protected HttpFacade facade; + protected AuthChallenge challenge; + + public AuthChallenge getChallenge() { + return challenge; + } + + public AuthOutcome authenticate() { + return null; + } +} diff --git a/saml/client-adapter/pom.xml b/saml/client-adapter/pom.xml new file mode 100755 index 0000000000..5242ff63db --- /dev/null +++ b/saml/client-adapter/pom.xml @@ -0,0 +1,19 @@ + + + keycloak-parent + org.keycloak + 1.5.0.Final-SNAPSHOT + ../../pom.xml + + Keycloak SAML Client Adapter Modules + + 4.0.0 + + keycloak-saml-client-adapter-pom + pom + + + core + + diff --git a/saml/pom.xml b/saml/pom.xml index c836f847ee..3e908106b1 100755 --- a/saml/pom.xml +++ b/saml/pom.xml @@ -16,5 +16,6 @@ saml-core saml-protocol + client-adapter diff --git a/saml/saml-core/pom.xml b/saml/saml-core/pom.xml index 454c4129c4..3b1c97748e 100755 --- a/saml/saml-core/pom.xml +++ b/saml/saml-core/pom.xml @@ -23,6 +23,11 @@ jboss-logging provided + + org.keycloak + keycloak-core + provided + org.apache.santuario xmlsec diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/BaseSAML2BindingBuilder.java b/saml/saml-core/src/main/java/org/keycloak/saml/BaseSAML2BindingBuilder.java similarity index 92% rename from saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/BaseSAML2BindingBuilder.java rename to saml/saml-core/src/main/java/org/keycloak/saml/BaseSAML2BindingBuilder.java index efb8e40d47..a39adf3d01 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/BaseSAML2BindingBuilder.java 
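Review bot: `SamlAuthenticator.authenticate()` returns `null` instead of an `AuthOutcome` value, so a caller that switches on the result throws a NullPointerException, and a caller written as `outcome != AuthOutcome.FAILED` would treat the stub as a success. Until the SAML flow is implemented the placeholder should fail closed, for example `return AuthOutcome.FAILED;`, or throw `UnsupportedOperationException` so the gap cannot be missed. The fields `facade` and `challenge` are also never assigned in this file (there is no constructor), so `getChallenge()` always returns null as written; a short class comment saying the type is a work-in-progress skeleton would help readers.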
+++ b/saml/saml-core/src/main/java/org/keycloak/saml/BaseSAML2BindingBuilder.java @@ -1,4 +1,4 @@ -package org.keycloak.protocol.saml; +package org.keycloak.saml; import org.jboss.logging.Logger; import org.keycloak.saml.common.constants.GeneralConstants; @@ -177,7 +177,7 @@ public class BaseSAML2BindingBuilder { - private String getSAMLNSPrefix(Document samlResponseDocument) { + public String getSAMLNSPrefix(Document samlResponseDocument) { Node assertionElement = samlResponseDocument.getDocumentElement() .getElementsByTagNameNS(JBossSAMLURIConstants.ASSERTION_NSURI.get(), JBossSAMLConstants.ASSERTION.get()).item(0); @@ -188,14 +188,14 @@ public class BaseSAML2BindingBuilder { return assertionElement.getPrefix(); } - protected void encryptDocument(Document samlDocument) throws ProcessingException { + public void encryptDocument(Document samlDocument) throws ProcessingException { String samlNSPrefix = getSAMLNSPrefix(samlDocument); try { QName encryptedAssertionElementQName = new QName(JBossSAMLURIConstants.ASSERTION_NSURI.get(), JBossSAMLConstants.ENCRYPTED_ASSERTION.get(), samlNSPrefix); - byte[] secret = SamlProtocolUtils.createRandomSecret(encryptionKeySize / 8); + byte[] secret = RandomSecret.createRandomSecret(encryptionKeySize / 8); SecretKey secretKey = new SecretKeySpec(secret, encryptionAlgorithm); // encrypt the Assertion element and replace it with a EncryptedAssertion element. @@ -208,7 +208,7 @@ public class BaseSAML2BindingBuilder { } - protected void signDocument(Document samlDocument) throws ProcessingException { + public void signDocument(Document samlDocument) throws ProcessingException { String signatureMethod = signatureAlgorithm.getXmlSignatureMethod(); String signatureDigestMethod = signatureAlgorithm.getXmlSignatureDigestMethod(); SAML2Signature samlSignature = new SAML2Signature(); 
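Review bot: `getSAMLNSPrefix` goes from `private` to `public` in the `-177` hunk, and the following hunks do the same for `encryptDocument`, `signDocument`, `signAssertion`, `buildHtmlPostResponse`, `buildHtml`, `base64Encoded` and `generateRedirectUri`, which makes the signing and encryption steps public API of saml-core. A subclass in another package (presumably `JaxrsSAML2BindingBuilder`, which now imports this class) only needs `protected`, so unless the new client adapter calls these on a builder instance directly, which this diff does not show, the narrower modifier should stay, e.g. `protected void signDocument(Document samlDocument) throws ProcessingException {`. If they must be public, each needs Javadoc stating which builder settings (signing key pair, signature algorithm, encryption key size) have to be configured before the call. The method bodies continue outside these hunks.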
@@ -232,7 +232,7 @@ public class BaseSAML2BindingBuilder { samlSignature.signSAMLDocument(samlDocument, signingKeyPair, canonicalizationMethodType); } - protected void signAssertion(Document samlDocument) throws ProcessingException { + public void signAssertion(Document samlDocument) throws ProcessingException { Element originalAssertionElement = org.keycloak.saml.common.util.DocumentUtil.getChildElement(samlDocument.getDocumentElement(), new QName(JBossSAMLURIConstants.ASSERTION_NSURI.get(), JBossSAMLConstants.ASSERTION.get())); if (originalAssertionElement == null) return; Node clonedAssertionElement = originalAssertionElement.cloneNode(true); @@ -257,14 +257,14 @@ public class BaseSAML2BindingBuilder { } - protected String buildHtmlPostResponse(Document responseDoc, String actionUrl, boolean asRequest) throws ProcessingException, ConfigurationException, IOException { + public String buildHtmlPostResponse(Document responseDoc, String actionUrl, boolean asRequest) throws ProcessingException, ConfigurationException, IOException { byte[] responseBytes = org.keycloak.saml.common.util.DocumentUtil.getDocumentAsString(responseDoc).getBytes("UTF-8"); String samlResponse = PostBindingUtil.base64Encode(new String(responseBytes)); return buildHtml(samlResponse, actionUrl, asRequest); } - protected String buildHtml(String samlResponse, String actionUrl, boolean asRequest) { + public String buildHtml(String samlResponse, String actionUrl, boolean asRequest) { StringBuilder builder = new StringBuilder(); String key = GeneralConstants.SAML_RESPONSE_KEY; 
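Review bot: In `buildHtmlPostResponse` (the `-257` hunk) the document is encoded with `getBytes("UTF-8")` but decoded again with `new String(responseBytes)`, which uses the JVM's default charset; on a host whose default is not UTF-8 any non-ASCII character in the SAML document is altered before base64 encoding, and a signed message would then fail verification at the receiver. The decode should name the charset as well: `String samlResponse = PostBindingUtil.base64Encode(new String(responseBytes, "UTF-8"));`. Separately, `buildHtml` is now public and its body continues outside the hunk, so whether `actionUrl` is HTML-escaped before it is written into the form cannot be confirmed from here and is worth checking now that any caller can supply it.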
@@ -297,7 +297,7 @@ public class BaseSAML2BindingBuilder { return builder.toString(); } - protected String base64Encoded(Document document) throws ConfigurationException, ProcessingException, IOException { + public String base64Encoded(Document document) throws ConfigurationException, ProcessingException, IOException { String documentAsString = DocumentUtil.getDocumentAsString(document); logger.debugv("saml docment: {0}", documentAsString); byte[] responseBytes = documentAsString.getBytes("UTF-8"); @@ -306,7 +306,7 @@ public class BaseSAML2BindingBuilder { } - protected URI generateRedirectUri(String samlParameterName, String redirectUri, Document document) throws ConfigurationException, ProcessingException, IOException { + public URI generateRedirectUri(String samlParameterName, String redirectUri, Document document) throws ConfigurationException, ProcessingException, IOException { KeycloakUriBuilder builder = KeycloakUriBuilder.fromUri(redirectUri) .replaceQuery(null) .queryParam(samlParameterName, base64Encoded(document)); diff --git a/saml/saml-core/src/main/java/org/keycloak/saml/RandomSecret.java b/saml/saml-core/src/main/java/org/keycloak/saml/RandomSecret.java new file mode 100755 index 0000000000..67f4ba7091 --- /dev/null +++ b/saml/saml-core/src/main/java/org/keycloak/saml/RandomSecret.java @@ -0,0 +1,25 @@ +package org.keycloak.saml; + +import java.security.SecureRandom; + +/** + * @author Bill Burke + * @version $Revision: 1 $ + */ +public class RandomSecret { + /** + *
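Review bot: `base64Encoded` writes the whole serialized SAML document to the log with `logger.debugv("saml docment: {0}", documentAsString)`, and that document can carry subject identifiers and attribute values; now that the method is public, the logging follows every caller, including `generateRedirectUri` in the next hunk. Consider dropping it to trace level or logging only a document identifier, and fix the typo while there: `logger.tracev("saml document: {0}", documentAsString);`. The method body continues outside the hunk.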

+ * Creates a random {@code byte[]} secret of the specified size. + *

+ * + * @param size the size of the secret to be created, in bytes. + * + * @return a {@code byte[]} containing the generated secret. + */ + public static byte[] createRandomSecret(final int size) { + SecureRandom random = new SecureRandom(); + byte[] secret = new byte[size]; + random.nextBytes(secret); + return secret; + } +} diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2AuthnRequestBuilder.java b/saml/saml-core/src/main/java/org/keycloak/saml/SAML2AuthnRequestBuilder.java similarity index 98% rename from saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2AuthnRequestBuilder.java rename to saml/saml-core/src/main/java/org/keycloak/saml/SAML2AuthnRequestBuilder.java index 8dd3436f99..40db78c5f3 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2AuthnRequestBuilder.java +++ b/saml/saml-core/src/main/java/org/keycloak/saml/SAML2AuthnRequestBuilder.java @@ -15,7 +15,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.keycloak.protocol.saml; +package org.keycloak.saml; import org.keycloak.saml.common.exceptions.ConfigurationException; import org.keycloak.saml.processing.api.saml.v2.request.SAML2Request; diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2ErrorResponseBuilder.java b/saml/saml-core/src/main/java/org/keycloak/saml/SAML2ErrorResponseBuilder.java similarity index 95% rename from saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2ErrorResponseBuilder.java rename to saml/saml-core/src/main/java/org/keycloak/saml/SAML2ErrorResponseBuilder.java index 3ea4440423..db7ac7ebf0 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2ErrorResponseBuilder.java +++ b/saml/saml-core/src/main/java/org/keycloak/saml/SAML2ErrorResponseBuilder.java 
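Review bot: `RandomSecret.createRandomSecret` does not validate `size`, so a negative argument surfaces as `NegativeArraySizeException` and zero returns an empty array; since this is now a public helper whose output goes straight into `SecretKeySpec` in `encryptDocument`, it should reject bad sizes up front with `if (size <= 0) throw new IllegalArgumentException("size must be positive: " + size);`. The class holds only a static method, so declaring it `final` with a private constructor would prevent pointless instantiation. A single `private static final SecureRandom RANDOM = new SecureRandom();` would also avoid constructing and seeding a new generator on every call; `SecureRandom` is safe to share between threads.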
@@ -1,7 +1,6 @@ -package org.keycloak.protocol.saml; +package org.keycloak.saml; import org.keycloak.saml.common.constants.JBossSAMLURIConstants; -import org.keycloak.saml.common.exceptions.ConfigurationException; import org.keycloak.saml.common.exceptions.ProcessingException; import org.keycloak.saml.processing.api.saml.v2.response.SAML2Response; import org.keycloak.saml.processing.core.saml.v2.common.IDGenerator; diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2LoginResponseBuilder.java b/saml/saml-core/src/main/java/org/keycloak/saml/SAML2LoginResponseBuilder.java similarity index 99% rename from saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2LoginResponseBuilder.java rename to saml/saml-core/src/main/java/org/keycloak/saml/SAML2LoginResponseBuilder.java index 0b7dfb4f22..9ca5f670d9 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2LoginResponseBuilder.java +++ b/saml/saml-core/src/main/java/org/keycloak/saml/SAML2LoginResponseBuilder.java @@ -1,4 +1,4 @@ -package org.keycloak.protocol.saml; +package org.keycloak.saml; import org.keycloak.saml.common.PicketLinkLogger; import org.keycloak.saml.common.PicketLinkLoggerFactory; diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2LogoutRequestBuilder.java b/saml/saml-core/src/main/java/org/keycloak/saml/SAML2LogoutRequestBuilder.java similarity index 98% rename from saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2LogoutRequestBuilder.java rename to saml/saml-core/src/main/java/org/keycloak/saml/SAML2LogoutRequestBuilder.java index 982927e107..a1c7c7ee17 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2LogoutRequestBuilder.java +++ b/saml/saml-core/src/main/java/org/keycloak/saml/SAML2LogoutRequestBuilder.java 
@@ -1,4 +1,4 @@ -package org.keycloak.protocol.saml; +package org.keycloak.saml; import org.keycloak.saml.common.exceptions.ConfigurationException; import org.keycloak.saml.common.exceptions.ParsingException; diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2LogoutResponseBuilder.java b/saml/saml-core/src/main/java/org/keycloak/saml/SAML2LogoutResponseBuilder.java similarity index 98% rename from saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2LogoutResponseBuilder.java rename to saml/saml-core/src/main/java/org/keycloak/saml/SAML2LogoutResponseBuilder.java index 43aa1c9625..6710f71acf 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2LogoutResponseBuilder.java +++ b/saml/saml-core/src/main/java/org/keycloak/saml/SAML2LogoutResponseBuilder.java @@ -1,4 +1,4 @@ -package org.keycloak.protocol.saml; +package org.keycloak.saml; import org.keycloak.saml.common.constants.JBossSAMLURIConstants; import org.keycloak.saml.common.exceptions.ConfigurationException; diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2NameIDPolicyBuilder.java b/saml/saml-core/src/main/java/org/keycloak/saml/SAML2NameIDPolicyBuilder.java similarity index 97% rename from saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2NameIDPolicyBuilder.java rename to saml/saml-core/src/main/java/org/keycloak/saml/SAML2NameIDPolicyBuilder.java index cc395cbf9b..446ca3634d 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAML2NameIDPolicyBuilder.java +++ b/saml/saml-core/src/main/java/org/keycloak/saml/SAML2NameIDPolicyBuilder.java @@ -15,7 +15,7 @@ * See the License for the specific language governing permissions and * limitations under the License. */ -package org.keycloak.protocol.saml; +package org.keycloak.saml; import org.keycloak.dom.saml.v2.protocol.NameIDPolicyType; 
diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAMLRequestParser.java b/saml/saml-core/src/main/java/org/keycloak/saml/SAMLRequestParser.java similarity index 98% rename from saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAMLRequestParser.java rename to saml/saml-core/src/main/java/org/keycloak/saml/SAMLRequestParser.java index 65db552550..fb4fa0a854 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SAMLRequestParser.java +++ b/saml/saml-core/src/main/java/org/keycloak/saml/SAMLRequestParser.java @@ -1,4 +1,4 @@ -package org.keycloak.protocol.saml; +package org.keycloak.saml; import org.keycloak.saml.common.PicketLinkLogger; import org.keycloak.saml.common.PicketLinkLoggerFactory; diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SignatureAlgorithm.java b/saml/saml-core/src/main/java/org/keycloak/saml/SignatureAlgorithm.java similarity index 98% rename from saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SignatureAlgorithm.java rename to saml/saml-core/src/main/java/org/keycloak/saml/SignatureAlgorithm.java index b10f0ce4df..8df4bc3f26 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SignatureAlgorithm.java +++ b/saml/saml-core/src/main/java/org/keycloak/saml/SignatureAlgorithm.java @@ -1,4 +1,4 @@ -package org.keycloak.protocol.saml; +package org.keycloak.saml; import java.security.Signature; import java.util.HashMap; diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/EntityDescriptorImporterService.java b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/EntityDescriptorImporterService.java index 2b6a72c7f1..8cdd302faf 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/EntityDescriptorImporterService.java +++ b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/EntityDescriptorImporterService.java 
@@ -5,6 +5,7 @@ import org.jboss.resteasy.plugins.providers.multipart.MultipartFormDataInput; import org.keycloak.models.ClientModel; import org.keycloak.models.RealmModel; import org.keycloak.models.utils.KeycloakModelUtils; +import org.keycloak.saml.SignatureAlgorithm; import org.keycloak.services.resources.admin.RealmAuth; import org.keycloak.saml.common.constants.JBossSAMLURIConstants; import org.keycloak.saml.common.exceptions.ConfigurationException; diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/JaxrsSAML2BindingBuilder.java b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/JaxrsSAML2BindingBuilder.java index fc2b5e954a..36e58044f9 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/JaxrsSAML2BindingBuilder.java +++ b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/JaxrsSAML2BindingBuilder.java @@ -1,5 +1,6 @@ package org.keycloak.protocol.saml; +import org.keycloak.saml.BaseSAML2BindingBuilder; import org.keycloak.saml.common.exceptions.ConfigurationException; import org.keycloak.saml.common.exceptions.ProcessingException; import org.w3c.dom.Document; diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java index 42952304c7..4be6608d42 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java +++ b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlProtocol.java 
@@ -26,6 +26,11 @@ import org.keycloak.protocol.RestartLoginCookie; import org.keycloak.protocol.saml.mappers.SAMLAttributeStatementMapper; import org.keycloak.protocol.saml.mappers.SAMLLoginResponseMapper; import org.keycloak.protocol.saml.mappers.SAMLRoleListMapper; +import org.keycloak.saml.SAML2ErrorResponseBuilder; +import org.keycloak.saml.SAML2LoginResponseBuilder; +import org.keycloak.saml.SAML2LogoutRequestBuilder; +import org.keycloak.saml.SAML2LogoutResponseBuilder; +import org.keycloak.saml.SignatureAlgorithm; import org.keycloak.saml.common.constants.GeneralConstants; import org.keycloak.saml.common.constants.JBossSAMLURIConstants; import org.keycloak.saml.common.exceptions.ConfigurationException; diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlProtocolUtils.java b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlProtocolUtils.java index d865b2cdcd..bc18f3da96 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlProtocolUtils.java +++ b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlProtocolUtils.java @@ -2,6 +2,7 @@ package org.keycloak.protocol.saml; import org.keycloak.VerificationException; import org.keycloak.models.ClientModel; +import org.keycloak.saml.SignatureAlgorithm; import org.keycloak.saml.common.constants.GeneralConstants; import org.keycloak.saml.common.exceptions.ProcessingException; import org.keycloak.saml.processing.api.saml.v2.sig.SAML2Signature; @@ -23,22 +24,6 @@ import java.security.cert.Certificate; */ public class SamlProtocolUtils { - /** - *

- * Creates a random {@code byte[]} secret of the specified size. - *

- * - * @param size the size of the secret to be created, in bytes. - * - * @return a {@code byte[]} containing the generated secret. - */ - public static byte[] createRandomSecret(final int size) { - SecureRandom random = new SecureRandom(); - byte[] secret = new byte[size]; - random.nextBytes(secret); - return secret; - } - public static void verifyDocumentSignature(ClientModel client, Document document) throws VerificationException { if (!"true".equals(client.getAttribute(SamlProtocol.SAML_CLIENT_SIGNATURE_ATTRIBUTE))) { diff --git a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java index 96b240ae90..0780e941c9 100755 --- a/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java +++ b/saml/saml-protocol/src/main/java/org/keycloak/protocol/saml/SamlService.java @@ -3,7 +3,6 @@ package org.keycloak.protocol.saml; import org.jboss.logging.Logger; import org.jboss.resteasy.spi.HttpRequest; import org.jboss.resteasy.spi.HttpResponse; -import org.jboss.resteasy.spi.NotFoundException; import org.keycloak.ClientConnection; import org.keycloak.VerificationException; import org.keycloak.authentication.AuthenticationProcessor; 
@@ -24,10 +23,12 @@ import org.keycloak.models.IdentityProviderModel; import org.keycloak.models.KeycloakSession; import org.keycloak.models.RealmModel; import org.keycloak.models.UserSessionModel; -import org.keycloak.models.utils.DefaultAuthenticationFlows; import org.keycloak.models.utils.KeycloakModelUtils; import org.keycloak.protocol.RestartLoginCookie; import org.keycloak.protocol.oidc.utils.RedirectUtils; +import org.keycloak.saml.SAML2LogoutResponseBuilder; +import org.keycloak.saml.SAMLRequestParser; +import org.keycloak.saml.SignatureAlgorithm; import org.keycloak.saml.common.constants.GeneralConstants; import org.keycloak.saml.common.constants.JBossSAMLURIConstants; import org.keycloak.saml.processing.core.saml.v2.common.SAMLDocumentHolder;