Skip to content

Instantly share code, notes, and snippets.

@edewit

edewit/response.html

Created August 26, 2015 08:53
Show Gist options
  • Save edewit/c4e153ae29dace3d55da to your computer and use it in GitHub Desktop.
Save edewit/c4e153ae29dace3d55da to your computer and use it in GitHub Desktop.
Download ZIP
Raw
response.html
<HTML>
<HEAD>
<TITLE>HTTP Post Binding (Request)</TITLE>
</HEAD>
<BODY Onload="document.forms[0].submit()">
<FORM METHOD="POST" ACTION="http://localhost:8080/auth/realms/saml-demo/protocol/saml">
<INPUT TYPE="HIDDEN" NAME="SAMLRequest" VALUE="PHNhbWxwOkF1dGhuUmVxdWVzdCB4bWxuczpzYW1scD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIiB4bWxucz0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFzc2VydGlvbiIgQXNzZXJ0aW9uQ29uc3VtZXJTZXJ2aWNlVVJMPSJodHRwOi8vbG9jYWxob3N0OjgwODAvc2FsZXMtcG9zdC8iIERlc3RpbmF0aW9uPSJodHRwOi8vbG9jYWxob3N0OjgwODAvYXV0aC9yZWFsbXMvc2FtbC1kZW1vL3Byb3RvY29sL3NhbWwiIEZvcmNlQXV0aG49ImZhbHNlIiBJRD0iSURfYTZlMWVhOGMtN2IzYy00YTg3LTk1MmUtNzhkOWNjOTk3MWNjIiBJc1Bhc3NpdmU9ImZhbHNlIiBJc3N1ZUluc3RhbnQ9IjIwMTUtMDgtMjZUMDg6NTI6NDkuODAyWiIgUHJvdG9jb2xCaW5kaW5nPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YmluZGluZ3M6SFRUUC1QT1NUIiBWZXJzaW9uPSIyLjAiPjxzYW1sOklzc3VlciB4bWxuczpzYW1sPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj5odHRwOi8vbG9jYWxob3N0OjgwODAvc2FsZXMtcG9zdC88L3NhbWw6SXNzdWVyPjxzYW1scDpOYW1lSURQb2xpY3kgQWxsb3dDcmVhdGU9InRydWUiIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6dHJhbnNpZW50Ii8+PC9zYW1scDpBdXRoblJlcXVlc3Q+"/>
<NOSCRIPT>
<P>JavaScript is disabled. We strongly recommend to enable it. Click the button below to continue.</P>
<INPUT TYPE="SUBMIT" VALUE="CONTINUE" />
</NOSCRIPT>
</FORM>
</BODY>
</HTML>
@edewit
Copy link
Author

edewit commented Aug 26, 2015

the SAMLRequest is base64 encoded xml if you decode it it reads:

<samlp:AuthnRequest xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns="urn:oasis:names:tc:SAML:2.0:assertion" AssertionConsumerServiceURL="http://localhost:8080/sales-post/" Destination="http://localhost:8080/auth/realms/saml-demo/protocol/saml" ForceAuthn="false" ID="ID_a6e1ea8c-7b3c-4a87-952e-78d9cc9971cc" IsPassive="false" IssueInstant="2015-08-26T08:52:49.802Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0">
  <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">http://localhost:8080/sales-post/</saml:Issuer>
  <samlp:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"/>
</samlp:AuthnRequest>

@edewit
Copy link
Author

edewit commented Aug 26, 2015

if you are logged in you get the following result:

<HTML>
  <HEAD>
    <TITLE>HTTP Post Binding Response (Response)</TITLE>
  </HEAD>
  <BODY Onload="document.forms[0].submit()">
    <FORM METHOD="POST" ACTION="http://localhost:8080/sales-post/">
      <INPUT TYPE="HIDDEN" NAME="SAMLResponse" VALUE="PHNhbWxwOlJlc3BvbnNlIHhtbG5zOnNhbWxwPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6cHJvdG9jb2wiIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIERlc3RpbmF0aW9uPSJodHRwOi8vbG9jYWxob3N0OjgwODAvc2FsZXMtcG9zdC8iIElEPSJJRF9hMmE5YWJmYy1iOGRiLTRiYzAtYTYxNy03NjA3ZDIzMmYzNjAiIEluUmVzcG9uc2VUbz0iSURfNWIyMzIyMWMtOTQ4Zi00OTU2LTkyMTUtNDE5ZGVhNTAyZWI4IiBJc3N1ZUluc3RhbnQ9IjIwMTUtMDgtMjZUMDg6NTY6NDIuNDQzWiIgVmVyc2lvbj0iMi4wIj48c2FtbDpJc3N1ZXI+aHR0cDovL2xvY2FsaG9zdDo4MDgwL2F1dGgvcmVhbG1zL3NhbWwtZGVtbzwvc2FtbDpJc3N1ZXI+PHNhbWxwOlN0YXR1cz48c2FtbHA6U3RhdHVzQ29kZSBWYWx1ZT0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnN0YXR1czpTdWNjZXNzIi8+PC9zYW1scDpTdGF0dXM+PHNhbWw6QXNzZXJ0aW9uIHhtbG5zPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIiBJRD0iSURfN2RiODZlMDctOTdjMy00NWJhLThkZDctZTZlODQ0YWVlYjNlIiBJc3N1ZUluc3RhbnQ9IjIwMTUtMDgtMjZUMDg6NTY6NDIuNDQyWiIgVmVyc2lvbj0iMi4wIj48c2FtbDpJc3N1ZXI+aHR0cDovL2xvY2FsaG9zdDo4MDgwL2F1dGgvcmVhbG1zL3NhbWwtZGVtbzwvc2FtbDpJc3N1ZXI+PHNhbWw6U3ViamVjdD48c2FtbDpOYW1lSUQgRm9ybWF0PSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6bmFtZWlkLWZvcm1hdDp0cmFuc2llbnQiPkctOWUzM2EwZmItZmU4MS00ZDkwLWE3MzktYjhhY2I5ZTRlNTU0PC9zYW1sOk5hbWVJRD48c2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uIE1ldGhvZD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmNtOmJlYXJlciI+PHNhbWw6U3ViamVjdENvbmZpcm1hdGlvbkRhdGEgSW5SZXNwb25zZVRvPSJJRF81YjIzMjIxYy05NDhmLTQ5NTYtOTIxNS00MTlkZWE1MDJlYjgiIE5vdE9uT3JBZnRlcj0iMjAxNS0wOC0yNlQwOTowMTo0MC40NDJaIiBSZWNpcGllbnQ9Imh0dHA6Ly9sb2NhbGhvc3Q6ODA4MC9zYWxlcy1wb3N0LyIvPjwvc2FtbDpTdWJqZWN0Q29uZmlybWF0aW9uPjwvc2FtbDpTdWJqZWN0PjxzYW1sOkNvbmRpdGlvbnMgTm90QmVmb3JlPSIyMDE1LTA4LTI2VDA4OjU2OjQwLjQ0MloiIE5vdE9uT3JBZnRlcj0iMjAxNS0wOC0yNlQwODo1Nzo0MC40NDJaIj48c2FtbDpBdWRpZW5jZVJlc3RyaWN0aW9uPjxzYW1sOkF1ZGllbmNlPmh0dHA6Ly9sb2NhbGhvc3Q6ODA4MC9zYWxlcy1wb3N0Lzwvc2FtbDpBdWRpZW5jZT48L3NhbWw6QXVkaWVuY2VSZXN0cmljdGlvbj48L3NhbWw6Q29uZGl0aW9ucz48c2FtbDpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTUtMDgtMjZUMDg6NTY6NDIuNDQ0WiIgU2Vzc2lvbkluZGV4PSJhY2I2MzYwOC1lMzdjLTQwZmMtODFjYi00MjY3ZWQwMjk2OWQiPjxzYW1sOkF1dGhuQ29udGV4dD48c2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj51cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YWM6Y2xhc3Nlczp1bnNwZWNpZmllZDwvc2FtbDpBdXRobkNvbnRleHRDbGFzc1JlZj48L3NhbWw6QXV0aG5Db250ZXh0Pjwvc2FtbDpBdXRoblN0YXRlbWVudD48c2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PHNhbWw6QXR0cmlidXRlIE5hbWU9IlJvbGUiIE5hbWVGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphdHRybmFtZS1mb3JtYXQ6YmFzaWMiPjxzYW1sOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSIgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+bWFuYWdlcjwvc2FtbDpBdHRyaWJ1dGVWYWx1ZT48L3NhbWw6QXR0cmlidXRlPjwvc2FtbDpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PC9zYW1sOkFzc2VydGlvbj48L3NhbWxwOlJlc3BvbnNlPg=="/>
      <NOSCRIPT>
        <P>JavaScript is disabled. We strongly recommend to enable it. Click the button below to continue.</P>
        <INPUT TYPE="SUBMIT" VALUE="CONTINUE" />
      </NOSCRIPT>
    </FORM>
  </BODY>
</HTML>

@edewit
Copy link
Author

edewit commented Aug 26, 2015

SAMLResponse:

<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Destination="http://localhost:8080/sales-post/" ID="ID_a2a9abfc-b8db-4bc0-a617-7607d232f360" InResponseTo="ID_5b23221c-948f-4956-9215-419dea502eb8" IssueInstant="2015-08-26T08:56:42.443Z" Version="2.0">
  <saml:Issuer>http://localhost:8080/auth/realms/saml-demo</saml:Issuer>
  <samlp:Status>
    <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  </samlp:Status>
  <saml:Assertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion" ID="ID_7db86e07-97c3-45ba-8dd7-e6e844aeeb3e" IssueInstant="2015-08-26T08:56:42.442Z" Version="2.0">
    <saml:Issuer>http://localhost:8080/auth/realms/saml-demo</saml:Issuer>
    <saml:Subject>
      <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">G-9e33a0fb-fe81-4d90-a739-b8acb9e4e554</saml:NameID>
      <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
        <saml:SubjectConfirmationData InResponseTo="ID_5b23221c-948f-4956-9215-419dea502eb8" NotOnOrAfter="2015-08-26T09:01:40.442Z" Recipient="http://localhost:8080/sales-post/"/>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Conditions NotBefore="2015-08-26T08:56:40.442Z" NotOnOrAfter="2015-08-26T08:57:40.442Z">
      <saml:AudienceRestriction>
        <saml:Audience>http://localhost:8080/sales-post/</saml:Audience>
      </saml:AudienceRestriction>
    </saml:Conditions>
    <saml:AuthnStatement AuthnInstant="2015-08-26T08:56:42.444Z" SessionIndex="acb63608-e37c-40fc-81cb-4267ed02969d">
      <saml:AuthnContext>
        <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</saml:AuthnContextClassRef>
      </saml:AuthnContext>
    </saml:AuthnStatement>
    <saml:AttributeStatement>
      <saml:Attribute Name="Role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
        <saml:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">manager</saml:AttributeValue>
      </saml:Attribute>
    </saml:AttributeStatement>
  </saml:Assertion>
</samlp:Response>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment