-
Notifications
You must be signed in to change notification settings - Fork 4
/
keycloak_saml_response.xml
126 lines (126 loc) · 10.2 KB
/
keycloak_saml_response.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
Destination="https://signin.aws.amazon.com/saml" ID="ID_ce1aec42-6d1a-4ea2-b37d-1c552d93586d"
IssueInstant="2020-12-06T10:43:56.880Z" Version="2.0">
<saml:Issuer>http://localhost:8888/auth/realms/master</saml:Issuer>
<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
<dsig:SignedInfo>
<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<dsig:Reference URI="#ID_ce1aec42-6d1a-4ea2-b37d-1c552d93586d">
<dsig:Transforms>
<dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</dsig:Transforms>
<dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<dsig:DigestValue>6jtiYOvN8KfbtkhydQfWwNt06S6rRtAKpHW06t98HJ4=</dsig:DigestValue>
</dsig:Reference>
</dsig:SignedInfo>
<dsig:SignatureValue>
rt4ATUsVZzyocm+1UjxTb9QfooF73e7tkGTnsEfZTLH3vqKywCkPwgGdX6M4xxHW8pNz5iBSS4gw/b2zu7+MfnP1yE19T+0uCoLQMfVEx4zroHd39ILdZYn0LhW8H/5NDOYG7Z6Mcgekl5c9Y97OkVWgKo60RsX7Prntv3NOLO4gxpd7sBj29YtCOYMwe1DgLSCdKPUiKaVhxfVDHHsV3HU97omtoG4m3YbINTuu0au+zTMOfB7r6yLREnhABhRQR5Q1HgSdG4KJXjz4N1zsuSxF1wXQf0oRz3/IyEIYMXvENfY4nkDlYmm2QNP+WtNaFH2BdvCa1xYuZMOzWZzdGQ==
</dsig:SignatureValue>
<dsig:KeyInfo>
<dsig:KeyName>x3XW_ih67i2tvaa_4U4HxS7NXwT68I7zuYyyfTOuMJE</dsig:KeyName>
<dsig:X509Data>
<dsig:X509Certificate>
MIICmzCCAYMCBgF2H/bTZjANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjAxMjAxMjAxODU4WhcNMzAxMjAxMjAyMDM4WjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3AQ9FgURVIH+vFAe/k7lZMR4Gsc6iffReahFk9H8G1xyRd0tsEN5n1MWxLHdafvGkEjZz6LviTMYydX9UHdx5z2MUl6oFRD1X9qEMhqb5n/nUwNAWIcbof54qeeCOwQN9addD4dQb9ckQXJC+mQGTMPHXC9OZiePEbS8GdSXc8bTSFN+l0cJTURcnUN7GpJb+gle0rRbr99WfqySvLoqrw2EYVAegNfQL2cv5onIZ/tq0q5pk9dhyEkOeS+qk9yi9T9M2KoHq+D6SogsvNaYLD9GEVsN5wiiz4vLaQzQwE0+9xH2RT9kFSCKvsRqfFl7QY607kwTcfJRIlw/ww4YZAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJgZ70TD5EkfJHxHRtoNeCl0ILYTQOR/pEAIlUSi5Hia/1QQY/w7vhyyFOXcxSPr3TI+cnxzKA8HY693QfH/2+3vTTljlmI2rVuulpQ4JV7cUtqWgqzP989okArXKr/j+rbQHYcHxC6jl1QWXVa0wCqWNpQeGluyyTS/n0UrkX6WRTAHDl29Z4zP7vVSp95uOxotsN3T9XbdozGDs4jDIzjzvcFSgyEthlE3Mhe1sl66whMmLYrishIGS165STpyWmppEdXZLQR9gdXvpd8dZu20Z0mgRMVlTwWWHqNj8kQ4TRGCpoZIMMUKvUHAsUgjDbjWc8KM5Okb5DmjzNeqMAg=
</dsig:X509Certificate>
</dsig:X509Data>
<dsig:KeyValue>
<dsig:RSAKeyValue>
<dsig:Modulus>
twEPRYFEVSB/rxQHv5O5WTEeBrHOon30XmoRZPR/BtcckXdLbBDeZ9TFsSx3Wn7xpBI2c+i74kzGMnV/VB3cec9jFJeqBUQ9V/ahDIam+Z/51MDQFiHG6H+eKnngjsEDfWnXQ+HUG/XJEFyQvpkBkzDx1wvTmYnjxG0vBnUl3PG00hTfpdHCU1EXJ1DexqSW/oJXtK0W6/fVn6skry6Kq8NhGFQHoDX0C9nL+aJyGf7atKuaZPXYchJDnkvqpPcovU/TNiqB6vg+kqILLzWmCw/RhFbDecIos+Ly2kM0MBNPvcR9kU/ZBUgir7EanxZe0GOtO5ME3HyUSJcP8MOGGQ==
</dsig:Modulus>
<dsig:Exponent>AQAB</dsig:Exponent>
</dsig:RSAKeyValue>
</dsig:KeyValue>
</dsig:KeyInfo>
</dsig:Signature>
<samlp:Status>
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
</samlp:Status>
<saml:Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="ID_109a16c9-4928-4aee-a438-a617ebeb39fa"
IssueInstant="2020-12-06T10:43:56.880Z" Version="2.0">
<saml:Issuer>http://localhost:8888/auth/realms/master</saml:Issuer>
<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
<dsig:SignedInfo>
<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<dsig:Reference URI="#ID_109a16c9-4928-4aee-a438-a617ebeb39fa">
<dsig:Transforms>
<dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</dsig:Transforms>
<dsig:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<dsig:DigestValue>6cKd6YcnCIu+Okl5WpLvGV9QgsZsa+Z0eCE/xH7HrOM=</dsig:DigestValue>
</dsig:Reference>
</dsig:SignedInfo>
<dsig:SignatureValue>
gVWp6mEHwoTejn/IbGd76rasGkyIj31MTi4xQQxLglwSC2gbagVYmiGSU9LRXNxjzgK5gm3r9b88ZT1PtLunYCkmiA+RgKzOuZqWZKi2ykIGQpdJD9DkFj1bvjL5Fwucbp//+/cosdo8dJbJAybKVu5EL+IYFxC7loqJzsCgwBr7zRk5F3Dn6tbjsnsbN5+Wx1ykwC4zolp2zdot+4fH2tKaFoGT1ZFQaxw/zIaveuVgR1vy9agg4sn7PAGMHQU/B0tib2kllC2+AjJiPqwFT9y5Yp9MdDaztIcr0oVMefzCFk6I+EwcGtWh8j+bKEAjXF3QzG+RlP2DUktavkTj0w==
</dsig:SignatureValue>
<dsig:KeyInfo>
<dsig:KeyName>x3XW_ih67i2tvaa_4U4HxS7NXwT68I7zuYyyfTOuMJE</dsig:KeyName>
<dsig:X509Data>
<dsig:X509Certificate>
MIICmzCCAYMCBgF2H/bTZjANBgkqhkiG9w0BAQsFADARMQ8wDQYDVQQDDAZtYXN0ZXIwHhcNMjAxMjAxMjAxODU4WhcNMzAxMjAxMjAyMDM4WjARMQ8wDQYDVQQDDAZtYXN0ZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3AQ9FgURVIH+vFAe/k7lZMR4Gsc6iffReahFk9H8G1xyRd0tsEN5n1MWxLHdafvGkEjZz6LviTMYydX9UHdx5z2MUl6oFRD1X9qEMhqb5n/nUwNAWIcbof54qeeCOwQN9addD4dQb9ckQXJC+mQGTMPHXC9OZiePEbS8GdSXc8bTSFN+l0cJTURcnUN7GpJb+gle0rRbr99WfqySvLoqrw2EYVAegNfQL2cv5onIZ/tq0q5pk9dhyEkOeS+qk9yi9T9M2KoHq+D6SogsvNaYLD9GEVsN5wiiz4vLaQzQwE0+9xH2RT9kFSCKvsRqfFl7QY607kwTcfJRIlw/ww4YZAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJgZ70TD5EkfJHxHRtoNeCl0ILYTQOR/pEAIlUSi5Hia/1QQY/w7vhyyFOXcxSPr3TI+cnxzKA8HY693QfH/2+3vTTljlmI2rVuulpQ4JV7cUtqWgqzP989okArXKr/j+rbQHYcHxC6jl1QWXVa0wCqWNpQeGluyyTS/n0UrkX6WRTAHDl29Z4zP7vVSp95uOxotsN3T9XbdozGDs4jDIzjzvcFSgyEthlE3Mhe1sl66whMmLYrishIGS165STpyWmppEdXZLQR9gdXvpd8dZu20Z0mgRMVlTwWWHqNj8kQ4TRGCpoZIMMUKvUHAsUgjDbjWc8KM5Okb5DmjzNeqMAg=
</dsig:X509Certificate>
</dsig:X509Data>
<dsig:KeyValue>
<dsig:RSAKeyValue>
<dsig:Modulus>
twEPRYFEVSB/rxQHv5O5WTEeBrHOon30XmoRZPR/BtcckXdLbBDeZ9TFsSx3Wn7xpBI2c+i74kzGMnV/VB3cec9jFJeqBUQ9V/ahDIam+Z/51MDQFiHG6H+eKnngjsEDfWnXQ+HUG/XJEFyQvpkBkzDx1wvTmYnjxG0vBnUl3PG00hTfpdHCU1EXJ1DexqSW/oJXtK0W6/fVn6skry6Kq8NhGFQHoDX0C9nL+aJyGf7atKuaZPXYchJDnkvqpPcovU/TNiqB6vg+kqILLzWmCw/RhFbDecIos+Ly2kM0MBNPvcR9kU/ZBUgir7EanxZe0GOtO5ME3HyUSJcP8MOGGQ==
</dsig:Modulus>
<dsig:Exponent>AQAB</dsig:Exponent>
</dsig:RSAKeyValue>
</dsig:KeyValue>
</dsig:KeyInfo>
</dsig:Signature>
<saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">
G-6ea85412-d427-4a07-a5dc-b7344aa763ec
</saml:NameID>
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml:SubjectConfirmationData NotOnOrAfter="2020-12-06T10:44:54.880Z"
Recipient="https://signin.aws.amazon.com/saml"/>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:Conditions NotBefore="2020-12-06T10:43:54.880Z" NotOnOrAfter="2020-12-06T10:44:54.880Z">
<saml:AudienceRestriction>
<saml:Audience>urn:amazon:webservices</saml:Audience>
</saml:AudienceRestriction>
</saml:Conditions>
<saml:AuthnStatement AuthnInstant="2020-12-06T10:43:56.880Z"
SessionIndex="54256235-ebfd-4884-96f8-8a069e7675df::2e592dad-b2fc-4a5f-9c76-40a1cf860e29"
SessionNotOnOrAfter="2020-12-06T20:43:56.880Z">
<saml:AuthnContext>
<saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified
</saml:AuthnContextClassRef>
</saml:AuthnContext>
</saml:AuthnStatement>
<saml:AttributeStatement>
<saml:Attribute FriendlyName="Session Duration"
Name="https://aws.amazon.com/SAML/Attributes/SessionDuration"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">28800
</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="Session Name" Name="https://aws.amazon.com/SAML/Attributes/RoleSessionName"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">admin
</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="Session Role" Name="https://aws.amazon.com/SAML/Attributes/Role"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">
arn:aws:iam::000000000000:role/Role.User,arn:aws:iam::000000000000:saml-provider/SamlExampleProvider
</saml:AttributeValue>
<saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">
arn:aws:iam::000000000000:role/Role.Admin,arn:aws:iam::000000000000:saml-provider/SamlExampleProvider
</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
</saml:Assertion>
</samlp:Response>