Forum Discussion

ohaya's avatar
ohaya
Contributor
7 years ago

SOLVED-Trying to get the SAML <Assertion> element from a response to Transfer property

Hi,

 

I am trying to get the signed SAML <Assertion> element from a response to one test step in one test case into a Transfer property, so that I can inject that assertion into the body of a request in a test step in another test case.

 

I am actually able to successfully ALMOST do that, but the problem I am running into is that the <Assertion> that I extracted appears to be stripped of all new lines, so the extracted <Assertion> is no longer valid, because the signature fails.

 

I have tried several ways so far, but no success:

 

- The straightforward approach - just putting a transfer property with the Xpath to find the <Assertion> - result was the transfer property had no new lines.

 

- Use a scripted assertion + transfer property - I used a scripted assertion to set a property:

 

def myVar = messageExchange.getResponseContentAsXml().toString()
log.info myVar

context.testCase.setPropertyValue('MSG_ID', myVar)

 

Then, I had the Xpath in a transfer property against the property 'MSG_ID' 

 

Result was the same as the straightforward approach, i.e., new lines were gone from the transfer property.

 

Does anyone know how to make this work?  From searching, this (getting the raw response) seems to be a fairly common problem/scenario, but is there actually a way to do this with SOAPUI?

 

Thanks,

Jim

 

EDIT: I am using SOAPUI 5.3.0

  • Hi,

     

    Sort of answering my original question, the following in a groovy script step seems to be able to get the raw response:

     

    def rawResponse = testRunner.testCase.testSteps["TC1 - NoAttribs"].testRequest.response.rawResponseData
    log.info new String(rawResponse)

    However, the rawResponse has not just the XML I am interested in, but also the HTTP response headers, etc.:

     

    Wed Apr 04 14:36:19 EDT 2018:INFO:HTTP/1.1 200 OK
    Server: Apache-Coyote/1.1
    Connection: close
    Content-Type: text/xml;charset=UTF-8
    Content-Length: 4249
    Date: Wed, 04 Apr 2018 18:31:13 GMT
    Connection: close
    
    <?xml version="1.0" encoding="UTF-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
    <soap:Body>
    .
    .
    .

     

    I now need to strip off that stuff to get the XML so that I can then parse it for the <saml2:Assertion> element.  That's the next thing I need to figure out how to do :(...

     

    Does anyone know of an easy way to do that with Groovy?

     

    Thanks,

    Jim

  • ohaya's avatar
    ohaya
    Contributor

    Here is more detail on my latest attempt:

     

    - In a testcase where I have test steps that requests the Assertion tokens, I have a Transfer property that extracts the Assertion token, which is a digitally-signed token, where:

     

      Source:  test step 1  - Response - Xpath

    //*[local-name()='Assertion']

      Target:  test suite - SAMLAssertion1 - Xpath

     

    - In the next test case, where I have a test step that has a request to validate the Assertion token, in the validate request, I have included

     

    .
    .
    .
    <Validate>
    ${#TestSuite#SAMLAssertion1}
    </Validate>
    .
    .

    I am checking the HTTP Log when that latter Validation request is sent, and it looks like the token is being injected into the validation request, BUT, there are newline characters.  For example, instead of:

     

    <saml:Assertion ID="SamlAssertion-b6c1..../">  <saml:Issuer>https://xxxx/sts</saml:Issuer>....[\n]
    .
    .

    the request has:

     

    <saml:Assertion ID="SamlAssertion-b6c1....[\n]"
                  <saml:Issuer>https://xxxxx/sts</saml:Issuer>[\n]"
    .
    .
    .

    Since the Assertion token is signed, those newline characters that are being added are causing the digital signature to fail, and thus the validation request is getting a failed result.

     

    Is there a way to get the transfer property to not add those additional newline characters when the property is used in the validation request?

     

    Thanks,

    Jim

     

     

     

     

  • ohaya's avatar
    ohaya
    Contributor

    I should mention that the reason that I am doing this is that I am trying to improve the automation of our SOAPUI testing.

     

    Right now, we run the test suite, which has the first test case that gets the assertion tokens, and also the validation test case with the validation test step.  

     

    Originally we left the validation test step with no token in it, and had to MANUALLY copy the assertion token from the RAW response from one of the test steps in the first test case and then paste it into the validation request and then run the validation request, so I am trying to automate that so that the validation test step can work properly automatically when the test suite is run.

     

    Thanks,

    Jim

  • ohaya's avatar
    ohaya
    Contributor

    Hi,

     

    I am sorry for all the add-ons, but I've been looking at different info for awhile, and I wanted to clarify something. 

     

    So as I mentioned, the token/assertion I have been referring to is a SIGNED SAML Assertion.  The way that the signature for the signed SAML assertion is derived/calculated means that all of the contents of the SAML assertion, including spacing, newlines, i.e., every character between the saml2:Assertion.... and the /saml2:Assertion tags, contribute to the digital signature, so, for example, if newlines are changed or deleted, the digital signature will no longer be valid.

     

    So, in my posts, when I say "Raw response", I mean the original response, including all newlines, invisible characters, etc. as they were in the response that was sent back by the server.

     

    So that is why I am having a problem.  For example in the actual response from the server, the Assertion part has only like maybe 7 newlines, whereas when I look at the response I get from SOAPUI, it is showing a lot more new lines, thus causing the digital signature to be bad.

     

    Thanks,

    Jim

  • ohaya's avatar
    ohaya
    Contributor

    Hi,

     

    Sort of answering my original question, the following in a groovy script step seems to be able to get the raw response:

     

    def rawResponse = testRunner.testCase.testSteps["TC1 - NoAttribs"].testRequest.response.rawResponseData
    log.info new String(rawResponse)

    However, the rawResponse has not just the XML I am interested in, but also the HTTP response headers, etc.:

     

    Wed Apr 04 14:36:19 EDT 2018:INFO:HTTP/1.1 200 OK
    Server: Apache-Coyote/1.1
    Connection: close
    Content-Type: text/xml;charset=UTF-8
    Content-Length: 4249
    Date: Wed, 04 Apr 2018 18:31:13 GMT
    Connection: close
    
    <?xml version="1.0" encoding="UTF-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
    <soap:Body>
    .
    .
    .

     

    I now need to strip off that stuff to get the XML so that I can then parse it for the <saml2:Assertion> element.  That's the next thing I need to figure out how to do :(...

     

    Does anyone know of an easy way to do that with Groovy?

     

    Thanks,

    Jim