| | |
| | | |
| | | keycloak_cas_url='http://localhost:8080/realms/master/protocol/cas' |
| | | action_pattern='action="([^"]+)"' |
| | | ticket_pattern='Location: .*\?ticket=(ST-[-A-Za-z0-9_.=]+)' |
| | | |
| | | get_ticket() { |
| | | local cookie_options="-b /tmp/cookies" |
| | | local ticket_pattern='Location: .*\?ticket=(ST-[-A-Za-z0-9_.=]+)' |
| | | local client_url_param=service |
| | | |
| | | if [ "$1" == "save_cookies" ]; then |
| | | cookie_options="${cookie_options} -c /tmp/cookies" |
| | | elif [ "$1" == "SAML" ]; then |
| | | ticket_pattern='Location: .*\?SAMLart=(ST-[-A-Za-z0-9_.=]+)' |
| | | client_url_param=TARGET |
| | | fi |
| | | |
| | | local login_response=$(curl --fail --silent -c /tmp/cookies "${keycloak_cas_url}/login?service=http://localhost") |
| | | local login_response=$(curl --fail --silent -c /tmp/cookies "${keycloak_cas_url}/login?${client_url_param}=http://localhost") |
| | | if [[ ! ($login_response =~ $action_pattern) ]] ; then |
| | | echo "Could not parse login form in response" |
| | | echo "${login_response}" |
| | |
| | | curl --fail --silent "${keycloak_cas_url}/p3/serviceValidate?service=http://localhost&format=JSON&ticket=$ticket" |
| | | echo |
| | | |
| | | # SAML 1.1 |
| | | ticket=$(get_ticket SAML) |
| | | timestamp=$(date -u +"%Y-%m-%dT%H:%M:%SZ") |
| | | saml_template=$(dirname "$0")/samlValidateTemplate.xml |
| | | sed -e "s/CAS_TICKET/$ticket/g" -e "s/TIMESTAMP/$timestamp/g" "$saml_template" \ |
| | | | curl --fail --silent -X POST -H "Content-Type: text/xml" \ |
| | | -H "SOAPAction: http://www.oasis-open.org/committees/security" \ |
| | | --data-binary @- "${keycloak_cas_url}/samlValidate?TARGET=http://localhost" |
| | | echo |
| | | |
| | | # CAS, gateway option |
| | | get_ticket save_cookies |
| | | login_response=$(curl --fail --silent -D - -b /tmp/cookies "${keycloak_cas_url}/login?service=http://localhost&gateway=true") |