mafoo.org.uk/simple-soap-ecp-test
1
0
Fork 0
mirror of https://github.com/unikent-ms1/simple-soap-ecp-test.git synced 2025-01-22 09:19:59 +00:00
Code Issues Projects Releases Wiki Activity

initial commit

Browse Source
This commit is contained in:
Matthew Slowe 2016-07-08 09:01:25 +01:00
commit 3e5e9beef0
3 changed files with 79 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
README.md Normal file
View File

@ -0,0 +1,28 @@
Simple SOAP ECP Test
====================
This simple script performs a test on a Basic Auth protected SAML2 ECP endpoint.
Usage
-----
The script defaults to impersonating an Office365 Azure based SP. Override by specifying the EntityID of the SP you wish to impersonate in the ```ENTITYID``` environment variable.
You also need to specify the registered endpoint that the request is pretending to come from. Again, this defaults to the Office365 endpoint. Override with ```ENDPOINT```.
You *MUST* specify a ```URL``` to make the request against. For a Shibboleth IDP this probably looks like ```https://idp.example.com/idp/profile/SAML2/SOAP/ECP```.
Example
-------
**The values for ```ENTITYID``` and ```ENDPOINT``` are the defaults.**
```
CRED=user:pass \
ENTITYID=urn:federation:MicrosoftOnline \
ENDPOINT=https://login.microsoftonline.com/login.srf \
URL=https://idp.example.com/idp/profile/SAML2/SOAP/ECP \
bash test.sh | xmllint --pretty 1 -
```

22
template.xml Normal file
View File

@ -0,0 +1,22 @@
<SOAP-ENV:Envelope
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ecp="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp">
<SOAP-ENV:Header>
</SOAP-ENV:Header>
<SOAP-ENV:Body>
<samlp:AuthnRequest
ID="__RANDOM_STRING__"
ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
AssertionConsumerServiceURL="__AssertionConsumerServiceURL__"
IssueInstant="__NOW__"
Version="2.0"
>
<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
__REMOTE_ENTITYID__
</saml:Issuer>
<samlp:NameIDPolicy AllowCreate="1"/>
</samlp:AuthnRequest>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

29
test.sh Executable file
View File

@ -0,0 +1,29 @@
#!/bin/bash
### Simple SOAP ECP Test
TEMPLATE=template.xml
NOW=$(date -u '+%FT%H:%M:%SZ')
ID=$(echo "${NOW}-$$" | shasum | cut -d ' ' -f 1)
ENTITYID=${ENTITYID:-urn:federation:MicrosoftOnline}
ENDPOINT=${ENDPOINT:-https://login.microsoftonline.com/login.srf}
URL=${URL:-http://localhost/}
CRED=${CRED:-anonymous:anonymous}
ENDPOINT_ESCAPED="$(echo $ENDPOINT | sed -e 's/[\/&]/\\&/g')"
REQUEST=$(cat $TEMPLATE |
sed "s/__NOW__/$NOW/" |
sed "s/__RANDOM_STRING__/$ID/" |
sed "s/__REMOTE_ENTITYID__/$ENTITYID/" |
sed "s/__AssertionConsumerServiceURL__/$ENDPOINT_ESCAPED/")
echo $REQUEST | xmllint --pretty 1 -
echo $REQUEST |
curl -k \
-d @- \
-H "Content-Type: application/vnd.paos+xml" \
--basic -u $CRED \
$URL