mirror of
https://github.com/unikent-ms1/simple-soap-ecp-test.git
synced 2025-01-22 09:19:59 +00:00
initial commit
commit
3e5e9beef0
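--- /dev/null
+++ b/README.md
@@ -0,0 +1,28 @@
+Simple SOAP ECP Test
+====================
+
+This simple script performs a test on a Basic Auth protected SAML2 ECP endpoint.
+
+Usage
+-----
+
+The script defaults to impersonating an Office365 Azure based SP. Override by specifying the EntityID of the SP you wish to impersonate in the ```ENTITYID``` environment variable.
+
+You also need to specify the registered endpoint that the request is pretending to come from. Again, this defaults to the Office365 endpoint. Override with ```ENDPOINT```.
+
+You *MUST* specify a ```URL``` to make the request against. For a Shibboleth IDP this probably looks like ```https://idp.example.com/idp/profile/SAML2/SOAP/ECP```.
+
+Example
+-------
+
+**The values for ```ENTITYID``` and ```ENDPOINT``` are the defaults.**
+
+```
+CRED=user:pass \
+ENTITYID=urn:federation:MicrosoftOnline \
+ENDPOINT=https://login.microsoftonline.com/login.srf \
+URL=https://idp.example.com/idp/profile/SAML2/SOAP/ECP \
+bash test.sh | xmllint --pretty 1 -
+```
+
+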
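--- /dev/null
+++ b/template.xml
@@ -0,0 +1,22 @@
+<SOAP-ENV:Envelope
+xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
+xmlns:ecp="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp">
+<SOAP-ENV:Header>
+</SOAP-ENV:Header>
+<SOAP-ENV:Body>
+<samlp:AuthnRequest
+ID="__RANDOM_STRING__"
+ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
+AssertionConsumerServiceURL="__AssertionConsumerServiceURL__"
+IssueInstant="__NOW__"
+Version="2.0"
+>
+<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
+__REMOTE_ENTITYID__
+</saml:Issuer>
+<samlp:NameIDPolicy AllowCreate="1"/>
+</samlp:AuthnRequest>
+</SOAP-ENV:Body>
+</SOAP-ENV:Envelope>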
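Review bot: The entityID placeholder sits on its own line inside `<saml:Issuer>`, so the element's text content carries surrounding whitespace, and an IdP that compares the issuer exactly may fail to match it against the registered SP. Keeping the element on one line, `<saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">__REMOTE_ENTITYID__</saml:Issuer>`, avoids depending on the receiver trimming the value. Whether a particular IdP trims it cannot be told from this page.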
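--- /dev/null
+++ b/test.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+### Simple SOAP ECP Test
+
+TEMPLATE=template.xml
+NOW=$(date -u '+%FT%H:%M:%SZ')
+ID=$(echo "${NOW}-$$" | shasum | cut -d ' ' -f 1)
+ENTITYID=${ENTITYID:-urn:federation:MicrosoftOnline}
+ENDPOINT=${ENDPOINT:-https://login.microsoftonline.com/login.srf}
+URL=${URL:-http://localhost/}
+
+CRED=${CRED:-anonymous:anonymous}
+
+ENDPOINT_ESCAPED="$(echo $ENDPOINT | sed -e 's/[\/&]/\\&/g')"
+
+REQUEST=$(cat $TEMPLATE |
+sed "s/__NOW__/$NOW/" |
+sed "s/__RANDOM_STRING__/$ID/" |
+sed "s/__REMOTE_ENTITYID__/$ENTITYID/" |
+sed "s/__AssertionConsumerServiceURL__/$ENDPOINT_ESCAPED/")
+
+echo $REQUEST | xmllint --pretty 1 -
+
+echo $REQUEST |
+curl -k \
+-d @- \
+-H "Content-Type: application/vnd.paos+xml" \
+--basic -u $CRED \
+$URL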
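Review bot: `curl -k` turns off certificate verification on the same request that carries the Basic credentials in `-u $CRED`, so anyone able to intercept the connection to `$URL` can read the password; verification should stay on by default and be disabled only by an explicit opt-in. `$ENTITYID` is also spliced into the `sed` replacement unescaped, unlike `$ENDPOINT`, so an entityID that is a URL (contains `/`) or contains `&` breaks or corrupts the substitution. `$CRED`, `$URL`, `$REQUEST` and `$TEMPLATE` are expanded unquoted, which word-splits or globs a password or URL containing spaces or wildcard characters. The sketch below keeps the same flow; `INSECURE` is a name constructed for this note, and `--data-binary` is used because `-d @-` strips newlines once the request is no longer flattened by the unquoted `echo`.

```shell
# … unchanged: TEMPLATE, NOW, ID and the ENTITYID/ENDPOINT/URL/CRED defaults …

# Escape the characters that are special in a sed replacement.
sed_escape() { printf '%s' "$1" | sed -e 's/[\/&]/\\&/g'; }
ENDPOINT_ESCAPED=$(sed_escape "$ENDPOINT")
ENTITYID_ESCAPED=$(sed_escape "$ENTITYID")

REQUEST=$(sed \
  -e "s/__NOW__/$NOW/" \
  -e "s/__RANDOM_STRING__/$ID/" \
  -e "s/__REMOTE_ENTITYID__/$ENTITYID_ESCAPED/" \
  -e "s/__AssertionConsumerServiceURL__/$ENDPOINT_ESCAPED/" \
  "$TEMPLATE")

# … unchanged: pretty-printing of the request …

# Certificate verification stays on unless INSECURE=1 is set explicitly.
curl_opts=()
if [[ "${INSECURE:-0}" == 1 ]]; then curl_opts+=(-k); fi

printf '%s\n' "$REQUEST" |
  curl "${curl_opts[@]}" \
    --data-binary @- \
    -H "Content-Type: application/vnd.paos+xml" \
    --basic -u "$CRED" \
    "$URL"
```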