suraquis

SAML response (ADFS to Keycloak), real data obscured

Mar 1st, 2021
841
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. <samlp:Response ID="_0b2ab095-dbea-4dcd-ba5b-71472ce271b8" Version="2.0" IssueInstant="2021-03-01T11:48:03.879Z" Destination="https://keycloak.example.com/auth/realms/sandbox/broker/sandbox-adfs16/endpoint" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified">
  2. <Issuer>
  3. http://sandbox-adfs16.example.com/adfs/services/trust
  4. </Issuer>
  5. <samlp:Status>
  6. <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
  7. </samlp:Status>
  8. <Assertion ID="_e36e681e-19d2-4380-a7dc-96780eff3fbd" IssueInstant="2021-03-01T11:48:03.879Z" Version="2.0">
  9. <Issuer>
  10. http://sandbox-adfs16.example.com/adfs/services/trust
  11. </Issuer>
  12. <ds:Signature>
  13. <ds:SignedInfo>
  14. <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  15. <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
  16. <ds:Reference URI="#_e36e681e-19d2-4380-a7dc-96780eff3fbd">
  17. <ds:Transforms>
  18. <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
  19. <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  20. </ds:Transforms>
  21. <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
  22. <ds:DigestValue>9+l6EJliL2NBH+Zidku4rSQ2D6y8oX0T2+A19Wg7bL0=</ds:DigestValue>
  23. </ds:Reference>
  24. </ds:SignedInfo>
  25. <ds:SignatureValue>
  26. (removed)
  27. </ds:SignatureValue>
  28. <KeyInfo>
  29. <ds:X509Data>
  30. <ds:X509Certificate>
  31. (removed)
  32. </ds:X509Certificate>
  33. </ds:X509Data>
  34. </KeyInfo>
  35. </ds:Signature>
  36. <Subject>
  37. <NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName">SANDBOX-ADFS16\adfsuser1</NameID>
  38. <SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
  39. <SubjectConfirmationData NotOnOrAfter="2021-03-01T11:53:03.879Z" Recipient="https://keycloak.example.com/auth/realms/sandbox/broker/sandbox-adfs16/endpoint"/>
  40. </SubjectConfirmation>
  41. </Subject>
  42. <Conditions NotBefore="2021-03-01T11:48:03.879Z" NotOnOrAfter="2021-03-01T12:48:03.879Z">
  43. <AudienceRestriction>
  44. <Audience>https://keycloak.example.com/auth/realms/sandbox</Audience>
  45. </AudienceRestriction>
  46. </Conditions>
  47. <AttributeStatement>
  48. <Attribute Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname">
  49. <AttributeValue>adfsuser1</AttributeValue>
  50. </Attribute>
  51. </AttributeStatement>
  52. <AuthnStatement AuthnInstant="2021-03-01T11:33:53.567Z" SessionIndex="_e36e681e-19d2-4380-a7dc-96780eff3fbd">
  53. <AuthnContext>
  54. <AuthnContextClassRef>
  55. urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport
  56. </AuthnContextClassRef>
  57. </AuthnContext>
  58. </AuthnStatement>
  59. </Assertion>
  60. </samlp:Response>
  61.  
RAW Paste Data

Adblocker detected! Please consider disabling it...

We've detected AdBlock Plus or some other adblocking software preventing Pastebin.com from fully loading.

We don't have any obnoxious sound, or popup ads, we actively block these annoying types of ads!

Please add Pastebin.com to your ad blocker whitelist or disable your adblocking software.

×