Author: sguilhen(a)redhat.com Date: 2010-11-11 12:43:49 -0500 (Thu, 11 Nov 2010) New Revision: 552 Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-certificate.xml federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-combined.xml federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-pubkey.xml federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-simmetric.xml federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion.xml federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-cancel.xml federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-validate-invalid.xml federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-validate-valid.xml Log: Adding sample WS-Trust response messages for testing purposes Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-certificate.xml =================================================================== --- federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-certificate.xml (rev 0) +++ federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-certificate.xml 2010-11-11 17:43:49 UTC (rev 552) @@ -0,0 +1,78 @@ +<wst:RequestSecurityTokenResponseCollection xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-w... + <wst:RequestSecurityTokenResponse Context="testcontext"> + <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-prof... + <wst:Lifetime> + <wsu:Created>2010-11-11T16:34:19.602Z</wsu:Created> + <wsu:Expires>2010-11-11T18:34:19.602Z</wsu:Expires> + </wst:Lifetime> + <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> + <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing"> + <wsa:Address>http://services.testcorp.org/provider2</wsa:Address> + </wsa:EndpointReference> + </wsp:AppliesTo> + <wst:KeySize>128</wst:KeySize> + <wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey... + <wst:RequestedSecurityToken> + <saml2:Assertion ID="ID_5a15fc70-daa1-4808-b70e-9cbf6b8e4d4f" IssueInstant="2010-11-11T16:34:19.602Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"> + <saml2:Issuer>Test STS</saml2:Issuer> + <saml2:Subject> + <saml2:NameID NameQualifier="urn:picketlink:identity-federation">jduke</saml2:NameID> + <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key"> + <saml2:SubjectConfirmationData xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" xsi:type="KeyInfoConfirmationDataType"> + <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:X509Data> + <dsig:X509Certificate> +MIICVDCCAb0CBEn2ANAwDQYJKoZIhvcNAQEEBQAwcTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkZMMQ4wDAYDVQQHEwVNaWFtaTESMBAGA1UEChMJVGVjaG5vYnVnMRQwEgYDVQQLEwtTYW1wbGUgVW5pdDEbMBkGA1UEAxMSU2VydmljZSBQcm92aWRlciAxMB4XDTA5MDQyNzE5MDAzMloXDTA5MDcyNjE5MDAzMlowcTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkZMMQ4wDAYDVQQHEwVNaWFtaTESMBAGA1UEChMJVGVjaG5vYnVnMRQwEgYDVQQLEwtTYW1wbGUgVW5pdDEbMBkGA1UEAxMSU2VydmljZSBQcm92aWRlciAxMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC1yAvTR3PaBfYU77dznEb6PRPJWwAn3XDvp1kIObmaV2rkDwb+8dDkS2Y0pfl52ubKKK82kg/PA6GeL1c0/MCGCRnrZdCaQgKW/Tj+jh1SzZdLlMdBxYuV39jRUXoHJYgfhm7FZjew2SXo40T/qbeKYGhBS6D1tDPngxU1umB/hwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAK33IhDY8BGFf5A4gk4iQ8pOpfxq7khBerj5+5VaW5fdxbfs9vIpD2lLNkk0OnIEs5cd7ERqi2W7pb/M4yHVJ2/09JqAqVEbZYW/Gi88ZrxdfPexP5F9SnHkRwdMNPAV/XUXc0m6Jw44t02xzrgOVRyOaLE+X1Wvb1YWpLkgIua2 + </dsig:X509Certificate> + </dsig:X509Data> + </dsig:KeyInfo> + </saml2:SubjectConfirmationData> + </saml2:SubjectConfirmation> + </saml2:Subject> + <saml2:Conditions NotBefore="2010-11-11T16:34:19.602Z" NotOnOrAfter="2010-11-11T18:34:19.602Z"> + <saml2:AudienceRestriction> + <saml2:Audience>http://services.testcorp.org/provider2</saml2:Audien... + </saml2:AudienceRestriction> + </saml2:Conditions> + <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:SignedInfo> + <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"... + <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <dsig:Reference URI="#ID_5cc7fe71-7d76-4615-93d7-6ecfb1e63aae"> + <dsig:Transforms> + <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature&quo... + <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + </dsig:Transforms> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>XOHHAGsbjaDmICo3hwutC7N31Nk=</dsig:DigestValue> + </dsig:Reference> + </dsig:SignedInfo> + <dsig:SignatureValue> +RS/FTE78ndmSjuccLTn4HuzBO90/PYvIufv57eZHftSOZIPC/5LeycMHK84a7dsE+CEslLJYdKEU +3+rbg8cnN9mhEJEmNjVmjKvCvCrWPOj/0p2vImZPMOCTimlhipUMd65ldtdvps35sQBtE4jBIJ+N +OB+stBdZbMGw16AQ8S0= + </dsig:SignatureValue> + <dsig:KeyInfo> + <dsig:KeyValue> + <dsig:RSAKeyValue> + <dsig:Modulus> +suGIyhVTbFvDwZdx8Av62zmP+aGOlsBN8WUE3eEEcDtOIZgO78SImMQGwB2C0eIVMhiLRzVPqoW1 +dCPAveTm653zHOmubaps1fY0lLJDSZbTbhjeYhoQmmaBro/tDpVw5lKJns2qVnMuRK19ju2dxpKw +lYGGtrP5VQv00dfNPbs= + </dsig:Modulus> + <dsig:Exponent>AQAB</dsig:Exponent> + </dsig:RSAKeyValue> + </dsig:KeyValue> + </dsig:KeyInfo> + </dsig:Signature> + </saml2:Assertion> + </wst:RequestedSecurityToken> + <wst:RequestedAttachedReference> + <wsse:SecurityTokenReference xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-se... wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-toke... xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-... + <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profi... +#ID_5a15fc70-daa1-4808-b70e-9cbf6b8e4d4f + </wsse:KeyIdentifier> + </wsse:SecurityTokenReference> + </wst:RequestedAttachedReference> + </wst:RequestSecurityTokenResponse> +</wst:RequestSecurityTokenResponseCollection> Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-combined.xml =================================================================== --- federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-combined.xml (rev 0) +++ federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-combined.xml 2010-11-11 17:43:49 UTC (rev 552) @@ -0,0 +1,87 @@ +<wst:RequestSecurityTokenResponseCollection xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-w... + <wst:RequestSecurityTokenResponse Context="testcontext"> + <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-prof... + <wst:Lifetime> + <wsu:Created>2010-11-11T16:34:19.602Z</wsu:Created> + <wsu:Expires>2010-11-11T18:34:19.602Z</wsu:Expires> + </wst:Lifetime> + <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> + <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing"> + <wsa:Address>http://services.testcorp.org/provider2</wsa:Address> + </wsa:EndpointReference> + </wsp:AppliesTo> + <wst:KeySize>128</wst:KeySize> + <wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Symmetric... + <wst:RequestedSecurityToken> + <saml2:Assertion ID="ID_17a5f8b6-0c74-4df8-993d-ff51f00c57c7" IssueInstant="2010-11-11T16:34:19.602Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"> + <saml2:Issuer>Test STS</saml2:Issuer> + <saml2:Subject> + <saml2:NameID NameQualifier="urn:picketlink:identity-federation">jduke</saml2:NameID> + <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key"> + <saml2:SubjectConfirmationData xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" xsi:type="KeyInfoConfirmationDataType"> + <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"> + <saml2:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> + <xenc:CipherData> + <xenc:CipherValue>Sq+duLMJvG9iRtcd4zSpIEPDfa7RCxf7pAP9hnjRjcIcBBVu//5jrzLOY67Su8TkNqG6Y4Oo+LiCriqsw78Rm+4fcZ79/aY2f9Pfo7H2xPsRP9B0yD7DsvKp03gNRp5y2OHL9fhSIgevswvVmspNbpn0BGecE9BwM69/9jU/fl8= + </xenc:CipherValue> + </xenc:CipherData> + </xenc:EncryptedKey> + </dsig:KeyInfo> + </saml2:SubjectConfirmationData> + </saml2:SubjectConfirmation> + </saml2:Subject> + <saml2:Conditions NotBefore="2010-11-11T16:34:19.602Z" NotOnOrAfter="2010-11-11T18:34:19.602Z"> + <saml2:AudienceRestriction> + <saml2:Audience>http://services.testcorp.org/provider2</saml2:Audien... + </saml2:AudienceRestriction> + </saml2:Conditions> + <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:SignedInfo> + <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"... + <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <dsig:Reference URI="#ID_5cc7fe71-7d76-4615-93d7-6ecfb1e63aae"> + <dsig:Transforms> + <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature&quo... + <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + </dsig:Transforms> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>2kY+t5BbdjKKg3vq0SIKCSLTR04=</dsig:DigestValue> + </dsig:Reference> + </dsig:SignedInfo> + <dsig:SignatureValue> +LNQLG+ZGKpIyrT0HM7Rvlie4P3TWK7N/MzKdL+FKu5VlzxzMVjt56b31SGufTl5Lgjx7P7b5MZRj +QGwfQRxlfHP7zWGr5A3zyDtV8OS5u8UZt8dYaO96PyPYOzS82drb2ujPxx63cucvcQnONrQXr/Ob +vsQ212ns9qYBk60G2Cg= + </dsig:SignatureValue> + <dsig:KeyInfo> + <dsig:KeyValue> + <dsig:RSAKeyValue> + <dsig:Modulus> +suGIyhVTbFvDwZdx8Av62zmP+aGOlsBN8WUE3eEEcDtOIZgO78SImMQGwB2C0eIVMhiLRzVPqoW1 +dCPAveTm653zHOmubaps1fY0lLJDSZbTbhjeYhoQmmaBro/tDpVw5lKJns2qVnMuRK19ju2dxpKw +lYGGtrP5VQv00dfNPbs= + </dsig:Modulus> + <dsig:Exponent>AQAB</dsig:Exponent> + </dsig:RSAKeyValue> + </dsig:KeyValue> + </dsig:KeyInfo> + </dsig:Signature> + </saml2:Assertion> + </wst:RequestedSecurityToken> + <wst:RequestedProofToken> + <wst:ComputedKey>http://docs.oasis-open.org/ws-sx/ws-trust/200512/CK/PS... + </wst:RequestedProofToken> + <wst:Entropy> + <wst:BinarySecret Type="http://docs.oasis-open.org/ws-sx/ws-trust/200512/Nonce"&g... + </wst:Entropy> + <wst:RequestedAttachedReference> + <wsse:SecurityTokenReference xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-se... wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-toke... xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-... + <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profi... +#ID_17a5f8b6-0c74-4df8-993d-ff51f00c57c7 + </wsse:KeyIdentifier> + </wsse:SecurityTokenReference> + </wst:RequestedAttachedReference> + </wst:RequestSecurityTokenResponse> +</wst:RequestSecurityTokenResponseCollection> + Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-pubkey.xml =================================================================== --- federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-pubkey.xml (rev 0) +++ federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-pubkey.xml 2010-11-11 17:43:49 UTC (rev 552) @@ -0,0 +1,81 @@ +<wst:RequestSecurityTokenResponseCollection xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-w... + <wst:RequestSecurityTokenResponse Context="testcontext"> + <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-prof... + <wst:Lifetime> + <wsu:Created>2010-11-11T16:34:19.602Z</wsu:Created> + <wsu:Expires>2010-11-11T18:34:19.602Z</wsu:Expires> + </wst:Lifetime> + <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> + <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing"> + <wsa:Address>http://services.testcorp.org/provider2</wsa:Address> + </wsa:EndpointReference> + </wsp:AppliesTo> + <wst:KeySize>128</wst:KeySize> + <wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey... + <wst:RequestedSecurityToken> + <saml2:Assertion ID="ID_22727062-ce90-44d3-a870-823ec0d69809" IssueInstant="2010-11-11T16:34:19.602Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"> + <saml2:Issuer>Test STS</saml2:Issuer> + <saml2:Subject> + <saml2:NameID NameQualifier="urn:picketlink:identity-federation">jduke</saml2:NameID> + <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key"> + <saml2:SubjectConfirmationData xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" xsi:type="KeyInfoConfirmationDataType"> + <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:KeyValue> + <dsig:RSAKeyValue> + <dsig:Modulus> +ALXIC9NHc9oF9hTvt3OcRvo9E8lbACfdcO+nWQg5uZpXauQPBv7x0ORLZjSl+Xna5soorzaSD88DoZ4vVzT8wIYJGetl0JpCApb9OP6OHVLNl0uUx0HFi5Xf2NFRegcliB+GbsVmN7DZJejjRP+pt4pgaEFLoPW0M+eDFTW6YH+H + </dsig:Modulus> + <dsig:Exponent>AQAB</dsig:Exponent> + </dsig:RSAKeyValue> + </dsig:KeyValue> + </dsig:KeyInfo> + </saml2:SubjectConfirmationData> + </saml2:SubjectConfirmation> + </saml2:Subject> + <saml2:Conditions NotBefore="2010-11-11T16:34:19.602Z" NotOnOrAfter="2010-11-11T18:34:19.602Z"> + <saml2:AudienceRestriction> + <saml2:Audience>http://services.testcorp.org/provider2</saml2:Audien... + </saml2:AudienceRestriction> + </saml2:Conditions> + <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:SignedInfo> + <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"... + <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <dsig:Reference URI="#ID_5cc7fe71-7d76-4615-93d7-6ecfb1e63aae"> + <dsig:Transforms> + <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature&quo... + <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + </dsig:Transforms> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>N5WxOctBkA4K6JfkMjM7u0VPv+I=</dsig:DigestValue> + </dsig:Reference> + </dsig:SignedInfo> + <dsig:SignatureValue> +sfZJ7mQFaEsE+eeKBnccbi9ollA1byl37SrhjVAOpWHya9AwoY3iKliStQRIrdgYCMUcRJkw+OXl +7lIc4kgbLWnfzBM9oy8AN4Vfa0O8hnGLY5GZP++18BlQluudVyDw3yBvkXC0NxIYuXi2O2nJQ9OB +rGfVybfpTIPOp+oaAgY= + </dsig:SignatureValue> + <dsig:KeyInfo> + <dsig:KeyValue> + <dsig:RSAKeyValue> + <dsig:Modulus> +suGIyhVTbFvDwZdx8Av62zmP+aGOlsBN8WUE3eEEcDtOIZgO78SImMQGwB2C0eIVMhiLRzVPqoW1 +dCPAveTm653zHOmubaps1fY0lLJDSZbTbhjeYhoQmmaBro/tDpVw5lKJns2qVnMuRK19ju2dxpKw +lYGGtrP5VQv00dfNPbs= + </dsig:Modulus> + <dsig:Exponent>AQAB</dsig:Exponent> + </dsig:RSAKeyValue> + </dsig:KeyValue> + </dsig:KeyInfo> + </dsig:Signature> + </saml2:Assertion> + </wst:RequestedSecurityToken> + <wst:RequestedAttachedReference> + <wsse:SecurityTokenReference xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-se... wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-toke... xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-... + <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profi... +#ID_22727062-ce90-44d3-a870-823ec0d69809 + </wsse:KeyIdentifier> + </wsse:SecurityTokenReference> + </wst:RequestedAttachedReference> + </wst:RequestSecurityTokenResponse> +</wst:RequestSecurityTokenResponseCollection> Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-simmetric.xml =================================================================== --- federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-simmetric.xml (rev 0) +++ federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion-hok-simmetric.xml 2010-11-11 17:43:49 UTC (rev 552) @@ -0,0 +1,86 @@ +<wst:RequestSecurityTokenResponseCollection xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-w... + <wst:RequestSecurityTokenResponse Context="testcontext"> + <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-prof... + <wst:Lifetime> + <wsu:Created>2010-11-11T16:34:19.602Z</wsu:Created> + <wsu:Expires>2010-11-11T18:34:19.602Z</wsu:Expires> + </wst:Lifetime> + <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> + <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing"> + <wsa:Address>http://services.testcorp.org/provider2</wsa:Address> + </wsa:EndpointReference> + </wsp:AppliesTo> + <wst:KeySize>128</wst:KeySize> + <wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Symmetric... + <wst:RequestedSecurityToken> + <saml2:Assertion ID="ID_5cc7fe71-7d76-4615-93d7-6ecfb1e63aae" IssueInstant="2010-11-11T16:34:19.602Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"> + <saml2:Issuer>Test STS</saml2:Issuer> + <saml2:Subject> + <saml2:NameID NameQualifier="urn:picketlink:identity-federation">jduke</saml2:NameID> + <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:holder-of-key"> + <saml2:SubjectConfirmationData xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" xsi:type="KeyInfoConfirmationDataType"> + <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"> + <saml2:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> + <xenc:CipherData> + <xenc:CipherValue>oeD3q5F1smRylk8s0aECc9aQf2HBEZpLnRLAHlz2K12yZ64j6Y5QYFKOQi/gwUnqnTsu/QGSVLUtR2k4BKwBKsRJo8bNoEafkzwWqsdZ7FteZvhAJ1cCJaSyWBNznaMHLPKb5J7phw3N6lPQblJprePOU+6ivGrdomdNC8DReVs= + </xenc:CipherValue> + </xenc:CipherData> + </xenc:EncryptedKey> + </dsig:KeyInfo> + </saml2:SubjectConfirmationData> + </saml2:SubjectConfirmation> + </saml2:Subject> + <saml2:Conditions NotBefore="2010-11-11T16:34:19.602Z" NotOnOrAfter="2010-11-11T18:34:19.602Z"> + <saml2:AudienceRestriction> + <saml2:Audience>http://services.testcorp.org/provider2</saml2:Audien... + </saml2:AudienceRestriction> + </saml2:Conditions> + <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:SignedInfo> + <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"... + <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <dsig:Reference URI="#ID_5cc7fe71-7d76-4615-93d7-6ecfb1e63aae"> + <dsig:Transforms> + <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature&quo... + <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + </dsig:Transforms> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>2Num77N2i/oDzItrDBA7oT39xqU=</dsig:DigestValue> + </dsig:Reference> + </dsig:SignedInfo> + <dsig:SignatureValue> +RZ15mBooDeqgbHExYz5+eWLdAerE8FW/c0kEcJ9jJZc7dIL8B0NTFkVtdJP0h0htdLqMDtKAS/0Z +nE+8bGDoZGA2oFCDD0zMLHh5iqPNkqBjVWZVYClh7pOB7+iHUbDpcYICKPQupEDkkl3BYHCHljVS +D46FGN0ARuAav0vtE8g= + </dsig:SignatureValue> + <dsig:KeyInfo> + <dsig:KeyValue> + <dsig:RSAKeyValue> + <dsig:Modulus> +suGIyhVTbFvDwZdx8Av62zmP+aGOlsBN8WUE3eEEcDtOIZgO78SImMQGwB2C0eIVMhiLRzVPqoW1 +dCPAveTm653zHOmubaps1fY0lLJDSZbTbhjeYhoQmmaBro/tDpVw5lKJwspqVnMuRK19ju2dxpKw +lYGGtrP5VQv00dfNPbs= + </dsig:Modulus> + <dsig:Exponent>AQAB</dsig:Exponent> + </dsig:RSAKeyValue> + </dsig:KeyValue> + </dsig:KeyInfo> + </dsig:Signature> + </saml2:Assertion> + </wst:RequestedSecurityToken> + <wst:RequestedProofToken> + <wst:BinarySecret Type="http://docs.oasis-open.org/ws-sx/ws-trust/200512/Nonce"&g... + </wst:RequestedProofToken> + <wst:Entropy> + <wst:BinarySecret Type="http://docs.oasis-open.org/ws-sx/ws-trust/200512/Nonce"&g... + </wst:Entropy> + <wst:RequestedAttachedReference> + <wsse:SecurityTokenReference xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-se... wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-toke... xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-... + <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profi... +#ID_5cc7fe71-7d76-4615-93d7-6ecfb1e63aae + </wsse:KeyIdentifier> + </wsse:SecurityTokenReference> + </wst:RequestedAttachedReference> + </wst:RequestSecurityTokenResponse> +</wst:RequestSecurityTokenResponseCollection> Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion.xml =================================================================== --- federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion.xml (rev 0) +++ federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-assertion.xml 2010-11-11 17:43:49 UTC (rev 552) @@ -0,0 +1,61 @@ +<wst:RequestSecurityTokenResponseCollection xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-w... + <wst:RequestSecurityTokenResponse Context="testcontext"> + <wst:TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-prof... + <wst:Lifetime> + <wsu:Created>2010-11-11T16:34:19.466Z</wsu:Created> + <wsu:Expires>2010-11-11T18:34:19.466Z</wsu:Expires> + </wst:Lifetime> + <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> + <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing"> + <wsa:Address>http://services.testcorp.org/provider2</wsa:Address> + </wsa:EndpointReference> + </wsp:AppliesTo> + <wst:KeySize>128</wst:KeySize> + <wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer<... + <wst:RequestedSecurityToken> + <saml2:Assertion ID="ID_9e316914-0934-4138-b72b-d095a02da6c0" IssueInstant="2010-11-11T16:34:19.466Z" Version="2.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"> + <saml2:Issuer>Test STS</saml2:Issuer> + <saml2:Subject> + <saml2:NameID NameQualifier="urn:picketlink:identity-federation">jduke</saml2:NameID> + <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/> + </saml2:Subject> + <saml2:Conditions NotBefore="2010-11-11T16:34:19.466Z" NotOnOrAfter="2010-11-11T18:34:19.466Z"> + <saml2:AudienceRestriction> + <saml2:Audience>http://services.testcorp.org/provider2</saml2:Audien... + </saml2:AudienceRestriction> + </saml2:Conditions> + <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:SignedInfo> + <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"... + <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <dsig:Reference URI="#ID_9e316914-0934-4138-b72b-d095a02da6c0"> + <dsig:Transforms> + <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature&quo... + <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> + </dsig:Transforms> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>BqUzdf4lWiqRG9YZRKjTeWI7cdg=</dsig:DigestValue> + </dsig:Reference> + </dsig:SignedInfo> + <dsig:SignatureValue> +ANyfL86/tF5t+0XKnKMv5Gd3eV+mtqRvVxekEjAoDbc4bmZ9bAz3mpmNmcOXthrk6AlwasBA+AMS +5gfHmCFXHcHhcQ2RvrfM8LtFrcxAnb2U/s7kTEJKmPRuLstjFAtA9BV3jKUTBt6siVZjMo8QP54r +XwC2SZv0gVWhyYXEdH4= + </dsig:SignatureValue> + <dsig:KeyInfo> + <dsig:KeyValue> + <dsig:RSAKeyValue> + <dsig:Modulus> +suGIyhVTbFvDwZdx8Av62zmP+aGOlsBN8WUE3eEEcDtOIZgO78SImMQGwB2C0eIVMhiLRzVPqoW1 +dCPAveTm653zHOmubaps1fY0lLJDSZbTbhjeYhoQmmaBro/tDpVw5lKJwspqVnMuRK19ju2dxpKw +lYGGtrP5VQv00dfNPbs= + </dsig:Modulus> + <dsig:Exponent>AQAB</dsig:Exponent> + </dsig:RSAKeyValue> + </dsig:KeyValue> + </dsig:KeyInfo> + </dsig:Signature> + </saml2:Assertion> + </wst:RequestedSecurityToken> + </wst:RequestSecurityTokenResponse> +</wst:RequestSecurityTokenResponseCollection> Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-cancel.xml =================================================================== --- federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-cancel.xml (rev 0) +++ federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-cancel.xml 2010-11-11 17:43:49 UTC (rev 552) @@ -0,0 +1,6 @@ +<wst:RequestSecurityTokenResponseCollection xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"> + <wst:RequestSecurityTokenResponse Context="cancelcontext"> + <wst:RequestedTokenCancelled/> + </wst:RequestSecurityTokenResponse> +</wst:RequestSecurityTokenResponseCollection> + Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-validate-invalid.xml =================================================================== --- federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-validate-invalid.xml (rev 0) +++ federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-validate-invalid.xml 2010-11-11 17:43:49 UTC (rev 552) @@ -0,0 +1,9 @@ +<wst:RequestSecurityTokenResponseCollection xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"> + <wst:RequestSecurityTokenResponse Context="validatecontext"> + <wst:TokenType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/St... + <wst:Status> + <wst:Code>http://docs.oasis-open.org/ws-sx/ws-trust/200512/status/inval... + <wst:Reason>Validation failure: digital signature is invalid</wst:Reason> + </wst:Status> + </wst:RequestSecurityTokenResponse> +</wst:RequestSecurityTokenResponseCollection> Added: federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-validate-valid.xml =================================================================== --- federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-validate-valid.xml (rev 0) +++ federation/trunk/picketlink-fed-core/src/test/resources/parser/wst/wst-response-validate-valid.xml 2010-11-11 17:43:49 UTC (rev 552) @@ -0,0 +1,9 @@ +<wst:RequestSecurityTokenResponseCollection xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"> + <wst:RequestSecurityTokenResponse Context="validatecontext"> + <wst:TokenType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/St... + <wst:Status> + <wst:Code>http://docs.oasis-open.org/ws-sx/ws-trust/200512/status/valid... + <wst:Reason>SAMLV2.0 Assertion successfuly validated</wst:Reason> + </wst:Status> + </wst:RequestSecurityTokenResponse> +</wst:RequestSecurityTokenResponseCollection>