Merge pull request #2435 from patriot1burke/master

KEYCLOAK-2584

adapters/saml/core/src/main/java/org/keycloak/adapters/saml/AbstractInitiateLogin.java

@@ -54,6 +54,39 @@ public abstract class AbstractInitiateLogin implements AuthChallenge {
     @Override
     public boolean challenge(HttpFacade httpFacade) {
         try {
+            SAML2AuthnRequestBuilder authnRequestBuilder = buildSaml2AuthnRequestBuilder(deployment);
+            BaseSAML2BindingBuilder binding = createSaml2Binding(deployment);
+            sessionStore.saveRequest();
+
+            sendAuthnRequest(httpFacade, authnRequestBuilder, binding);
+            sessionStore.setCurrentAction(SamlSessionStore.CurrentAction.LOGGING_IN);
+        } catch (Exception e) {
+            throw new RuntimeException("Could not create authentication request.", e);
+        }
+        return true;
+    }
+
+    public static BaseSAML2BindingBuilder createSaml2Binding(SamlDeployment deployment) {
+        BaseSAML2BindingBuilder binding = new BaseSAML2BindingBuilder();
+
+        if (deployment.getIDP().getSingleSignOnService().signRequest()) {
+
+            binding.signatureAlgorithm(deployment.getSignatureAlgorithm());
+            KeyPair keypair = deployment.getSigningKeyPair();
+            if (keypair == null) {
+                throw new RuntimeException("Signing keys not configured");
+            }
+            if (deployment.getSignatureCanonicalizationMethod() != null) {
+                binding.canonicalizationMethod(deployment.getSignatureCanonicalizationMethod());
+            }
+
+            binding.signWith(keypair);
+            binding.signDocument();
+        }
+        return binding;
+    }
+
+    public static SAML2AuthnRequestBuilder buildSaml2AuthnRequestBuilder(SamlDeployment deployment) {
         String issuerURL = deployment.getEntityID();
         String nameIDPolicyFormat = deployment.getNameIDPolicyFormat();
 
@@ -77,30 +110,7 @@ public abstract class AbstractInitiateLogin implements AuthChallenge {
         if (deployment.getAssertionConsumerServiceUrl() != null) {
             authnRequestBuilder.assertionConsumerUrl(deployment.getAssertionConsumerServiceUrl());
         }
-            BaseSAML2BindingBuilder binding = new BaseSAML2BindingBuilder();
+        return authnRequestBuilder;
-
-            if (deployment.getIDP().getSingleSignOnService().signRequest()) {
-
-
-                KeyPair keypair = deployment.getSigningKeyPair();
-                if (keypair == null) {
-                    throw new RuntimeException("Signing keys not configured");
-                }
-                if (deployment.getSignatureCanonicalizationMethod() != null) {
-                    binding.canonicalizationMethod(deployment.getSignatureCanonicalizationMethod());
-                }
-
-                binding.signWith(keypair);
-                binding.signDocument();
-            }
-            sessionStore.saveRequest();
-
-            sendAuthnRequest(httpFacade, authnRequestBuilder, binding);
-            sessionStore.setCurrentAction(SamlSessionStore.CurrentAction.LOGGING_IN);
-        } catch (Exception e) {
-            throw new RuntimeException("Could not create authentication request.", e);
-        }
-        return true;
     }
 
     protected abstract void sendAuthnRequest(HttpFacade httpFacade, SAML2AuthnRequestBuilder authnRequestBuilder, BaseSAML2BindingBuilder binding) throws ProcessingException, ConfigurationException, IOException;