From 9ed06695889c482c9a634d63581dd73bf6db23a3 Mon Sep 17 00:00:00 2001
From: Daniel Ramos <dan@daramos.com>
Date: Thu, 31 Mar 2022 21:15:42 +0000
Subject: [PATCH] Add SAML 1.1 test to integration test

---
 integrationTest/suite.sh |   21 ++++++++++++++++++---
 1 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/integrationTest/suite.sh b/integrationTest/suite.sh
index 8b1507c..ccd0680 100755
--- a/integrationTest/suite.sh
+++ b/integrationTest/suite.sh
@@ -1,17 +1,22 @@
 #!/bin/bash
 set -e
 
-keycloak_cas_url='http://localhost:8080/auth/realms/master/protocol/cas'
+keycloak_cas_url='http://localhost:8080/realms/master/protocol/cas'
 action_pattern='action="([^"]+)"'
-ticket_pattern='Location: .*\?ticket=(ST-[-A-Za-z0-9_.=]+)'
 
 get_ticket() {
     local cookie_options="-b /tmp/cookies"
+    local ticket_pattern='Location: .*\?ticket=(ST-[-A-Za-z0-9_.=]+)'
+    local client_url_param=service
+
     if [ "$1" == "save_cookies" ]; then
       cookie_options="${cookie_options} -c /tmp/cookies"
+    elif [ "$1" == "SAML" ]; then
+      ticket_pattern='Location: .*\?SAMLart=(ST-[-A-Za-z0-9_.=]+)'
+      client_url_param=TARGET
     fi
 
-    local login_response=$(curl --fail --silent -c /tmp/cookies "${keycloak_cas_url}/login?service=http://localhost")
+    local login_response=$(curl --fail --silent -c /tmp/cookies "${keycloak_cas_url}/login?${client_url_param}=http://localhost")
     if [[ ! ($login_response =~ $action_pattern) ]] ; then
         echo "Could not parse login form in response"
         echo "${login_response}"
@@ -48,6 +53,16 @@
 curl --fail --silent "${keycloak_cas_url}/p3/serviceValidate?service=http://localhost&format=JSON&ticket=$ticket"
 echo
 
+# SAML 1.1
+ticket=$(get_ticket SAML)
+timestamp=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
+saml_template=$(dirname "$0")/samlValidateTemplate.xml
+sed -e "s/CAS_TICKET/$ticket/g" -e "s/TIMESTAMP/$timestamp/g" "$saml_template" \
+  | curl --fail --silent -X POST -H "Content-Type: text/xml" \
+      -H "SOAPAction: http://www.oasis-open.org/committees/security" \
+      --data-binary @- "${keycloak_cas_url}/samlValidate?TARGET=http://localhost"
+echo
+
 # CAS, gateway option
 get_ticket save_cookies
 login_response=$(curl --fail --silent -D - -b /tmp/cookies "${keycloak_cas_url}/login?service=http://localhost&gateway=true")

--
Gitblit v1.9.1