Merge branch 'master' into master

Versent · Nov 5, 2020 · c547c9f · c547c9f
2 parents 2a544fa + ce9de80
commit c547c9f
Show file tree

Hide file tree

Showing 3 changed files with 33 additions and 17 deletions.
diff --git a/pkg/provider/keycloak/example/assertion.html b/pkg/provider/keycloak/example/assertion.html
@@ -7,6 +7,7 @@
 
 <BODY Onload="document.forms[0].submit()">
     <FORM METHOD="POST" ACTION="https://signin.aws.amazon.com/saml">
+        <INPUT TYPE="BUTTON" VALUE="Click"/>
         <INPUT TYPE="HIDDEN" NAME="SAMLResponse" VALUE="abc123"
         />
         <NOSCRIPT>

diff --git a/pkg/provider/keycloak/keycloak.go b/pkg/provider/keycloak/keycloak.go
@@ -70,23 +70,7 @@ func (kc *Client) Authenticate(loginDetails *creds.LoginDetails) (string, error)
 		}
 	}
 
-	var samlAssertion string
-
-	doc.Find("input").Each(func(i int, s *goquery.Selection) {
-		name, ok := s.Attr("name")
-		if !ok {
-			log.Fatalf("unable to locate IDP authentication form submit URL")
-		}
-		if name == "SAMLResponse" {
-			val, ok := s.Attr("value")
-			if !ok {
-				log.Fatalf("unable to locate saml assertion value")
-			}
-			samlAssertion = val
-		}
-	})
-
-	return samlAssertion, nil
+	return extractSamlResponse(doc), nil
 }
 
 func (kc *Client) getLoginForm(loginDetails *creds.LoginDetails) (string, url.Values, error) {
@@ -197,6 +181,27 @@ func extractSubmitURL(doc *goquery.Document) (string, error) {
 	return submitURL, nil
 }
 
+func extractSamlResponse(doc *goquery.Document) string {
+	var samlAssertion string
+
+	doc.Find("input").Each(func(i int, s *goquery.Selection) {
+		name, ok := s.Attr("name")
+		if ( ok && name == "SAMLResponse" ) {
+			val, ok := s.Attr("value")
+			if !ok {
+				log.Fatalf("unable to locate saml assertion value")
+			}
+			samlAssertion = val
+		}
+	})
+
+	if samlAssertion == "" {
+		log.Fatalf("unable to locate saml response field")
+	}
+
+	return samlAssertion
+}
+
 func containsTotpForm(doc *goquery.Document) bool {
 	// search totp field at Keycloak < 8.0.1
 	totpIndex := doc.Find("input#totp").Index()

diff --git a/pkg/provider/keycloak/keycloak_test.go b/pkg/provider/keycloak/keycloak_test.go
@@ -156,6 +156,16 @@ func TestClient_postTotpFormWithProvidedMFAToken(t *testing.T) {
 	pr.Mock.AssertNumberOfCalls(t, "RequestSecurityCode", 0)
 }
 
+func TestClient_extractSamlResponse(t *testing.T) {
+	data, err := ioutil.ReadFile("example/assertion.html")
+	require.Nil(t, err)
+
+	doc, err := goquery.NewDocumentFromReader(bytes.NewReader(data))
+	require.Nil(t, err)
+
+	require.Equal(t, extractSamlResponse(doc), "abc123")
+}
+
 func TestClient_containsTotpForm(t *testing.T) {
 	data, err := ioutil.ReadFile("example/mfapage.html")
 	require.Nil(t, err)