suraquis

SAML response (ADFS to Keycloak), real data obscured

Mar 1st, 2021
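  <!--
    Sample SAML 2.0 Response sent by an ADFS identity provider to a Keycloak
    identity-broker endpoint. Identifying values are obscured and the signature
    value and certificate are removed, so the DigestValue below is not expected
    to verify against this text.

    Changes against the paste: listing numbers dropped, elements indented, and
    URI text (Issuer, AuthnContextClassRef) put on one line so it carries no
    surrounding whitespace. The paste had no namespace declarations; the standard
    SAML 2.0 protocol, SAML 2.0 assertion and XML-DSig namespaces are declared
    here so the sample parses. Where the original message declared them is not
    visible in the paste.

    Review notes for a service-provider configuration:
    * No InResponseTo appears on the Response or on SubjectConfirmationData.
      Either this was an IdP-initiated (unsolicited) response or the attribute
      was dropped while obscuring; confirm. Without it the consumer cannot bind
      the response to an AuthnRequest and depends on Destination/Recipient,
      Audience, the validity windows and one-time-use tracking of the
      assertion ID to reject replays.
    * Only the Assertion is signed. Status and Destination on the Response
      envelope are outside the signature.
  -->
  <samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
                  xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
                  xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
                  ID="_0b2ab095-dbea-4dcd-ba5b-71472ce271b8"
                  Version="2.0"
                  IssueInstant="2021-03-01T11:48:03.879Z"
                  Destination="https://keycloak.example.com/auth/realms/sandbox/broker/sandbox-adfs16/endpoint"
                  Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified">
    <!-- The issuer value is an entity identifier compared as a string, not a URL to fetch. -->
    <Issuer>http://sandbox-adfs16.example.com/adfs/services/trust</Issuer>
    <samlp:Status>
      <samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
    </samlp:Status>
    <Assertion ID="_e36e681e-19d2-4380-a7dc-96780eff3fbd" IssueInstant="2021-03-01T11:48:03.879Z" Version="2.0">
      <Issuer>http://sandbox-adfs16.example.com/adfs/services/trust</Issuer>
      <!--
        Enveloped RSA-SHA256 signature. The Reference URI equals the ID of the
        enclosing Assertion; a consumer should check that match and read identity
        data only from the element the verified Reference resolves to.
      -->
      <ds:Signature>
        <ds:SignedInfo>
          <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
          <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
          <ds:Reference URI="#_e36e681e-19d2-4380-a7dc-96780eff3fbd">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
            <ds:DigestValue>9+l6EJliL2NBH+Zidku4rSQ2D6y8oX0T2+A19Wg7bL0=</ds:DigestValue>
          </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>(removed)</ds:SignatureValue>
        <!--
          KeyInfo is unprefixed in the paste, so the XML-DSig namespace is declared
          on it directly. The embedded certificate is a hint only: verification
          should use the IdP signing certificate configured on the service provider.
        -->
        <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
          <ds:X509Data>
            <ds:X509Certificate>(removed)</ds:X509Certificate>
          </ds:X509Data>
        </KeyInfo>
      </ds:Signature>
      <Subject>
        <NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName">SANDBOX-ADFS16\adfsuser1</NameID>
        <!-- Bearer confirmation: valid for five minutes after IssueInstant and only at the Recipient URL. -->
        <SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
          <SubjectConfirmationData NotOnOrAfter="2021-03-01T11:53:03.879Z" Recipient="https://keycloak.example.com/auth/realms/sandbox/broker/sandbox-adfs16/endpoint"/>
        </SubjectConfirmation>
      </Subject>
      <!-- The assertion itself stays valid for one hour and is restricted to the realm's audience URI. -->
      <Conditions NotBefore="2021-03-01T11:48:03.879Z" NotOnOrAfter="2021-03-01T12:48:03.879Z">
        <AudienceRestriction>
          <Audience>https://keycloak.example.com/auth/realms/sandbox</Audience>
        </AudienceRestriction>
      </Conditions>
      <!--
        NOTE(review): the claim type is named for a certificate subject name, while
        the AuthnContextClassRef below reports password authentication. Confirm the
        ADFS claim rule that fills this attribute is the intended one.
      -->
      <AttributeStatement>
        <Attribute Name="http://schemas.microsoft.com/2012/12/certificatecontext/field/subjectname">
          <AttributeValue>adfsuser1</AttributeValue>
        </Attribute>
      </AttributeStatement>
      <!--
        AuthnInstant is about 14 minutes earlier than IssueInstant, which is
        consistent with an existing IdP session being reused rather than a fresh
        login (inferred from the timestamps). SessionIndex repeats the assertion ID.
      -->
      <AuthnStatement AuthnInstant="2021-03-01T11:33:53.567Z" SessionIndex="_e36e681e-19d2-4380-a7dc-96780eff3fbd">
        <AuthnContext>
          <AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</AuthnContextClassRef>
        </AuthnContext>
      </AuthnStatement>
    </Assertion>
  </samlp:Response>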