Hi All, In order to write integration tests related to API Manger calls, It requires to get the SAML_TOKEN as we have used SAML_TOKEN for login to API Manager in APIManagerIntegrationService. I had a offline chat with Dinusha and Lakmali and they provided me a code sample which does that with the code [1].
Simply what happens in the code is that: 1. First talk to sso app's login page and retrieve the "sessionDataKey" 2. Then do a call to commonauth endpoint with sessionDataKey, tenant username and password. This results the SAML Response. An easy way to try this scenario with App Factory from the browser is as follows: Prerequisites: Up and running App Factory setup with a working tenant (say [email protected]/admin) 1. Simply visit the AF login page and copy paste the full url to a notepad as follows: https://apps.appfactory.private.wso2.com:9443/carbon/appfactory/login_ajaxprocessor.jsp?SAMLRequest=PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPHNhbWwycDpBdXRoblJlcXVlc3QgSUQ9ImNvbG5iYW9jbGxla21jbWJhYWNtZ2xkampjbWZubmRjY21jZ2RoamIiIElzc3VlSW5zdGFudD0iMjAxNS0wNS0wNFQwNjo1NDo1Ny42ODFaIiBWZXJzaW9uPSIyLjAiIHhtbG5zOnNhbWwycD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIj48c2FtbDI6SXNzdWVyIHhtbG5zOnNhbWwyPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj5BUFBGQUNUT1JZPC9zYW1sMjpJc3N1ZXI+PHNhbWwycDpOYW1lSURQb2xpY3kgQWxsb3dDcmVhdGU9InRydWUiIEZvcm1hdD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOm5hbWVpZC1mb3JtYXQ6ZW50aXR5Ii8+PC9zYW1sMnA6QXV0aG5SZXF1ZXN0Pg==&issuer=APPFACTORY&; *sessionDataKey=2bf27df8-44c7-4bfd-984a-96b59ad4dad6* &type=samlsso&commonAuthCallerPath=..%2F..%2Fsamlsso&forceAuthenticate=true 2. Just extract the *sessionDataKey* with value from 1 and create the below URL *.* https://apps.appfactory.private.wso2.com:9443/commonauth?sessionDataKey=2bf27df8-44c7-4bfd-984a-96b59ad4dad6&[email protected]&password=admin 3. Now just paste it in the browser and hit enter, This will log you in. >From FireBug you can see that SAMLResponse has received as the response. When I try to use the same code, I came across few issues: For me, just passing the login page didn't result sessionDataKey value. When I passed the login url, I was able to retrieve SAML Request,RelayState and SSOAuthSessionID. Then I did a second call and got the sessionDataKey value. Moreover the integration tests were run from my machine and AF setup is in another machine. So I got the below issue. javax.net.ssl.SSLException: hostname in certificate didn't match: < apps.appfactory.private.wso2.com> != <localhost> I was able to fix it by creating and adding a certificate for " apps.appfactory.private.wso2.com" domain name in both client side and server side. But now I am getting some errors while I try to create tenants with new certificate. I will look into it further. [1] https://github.com/wso2/carbon-appmgt/blob/master/components/appmgt/org.wso2.carbon.appmgt.sample.deployer/src/main/java/org/wso2/carbon/appmgt/sample/deployer/appcontroller/WebpageAccessor.java -- Thanks and Regards, Punnadi Gunarathna Senior Software Engineer, WSO2, Inc.; http://wso2.com <http://wso2> Blog: http://hi-my-world.blogspot.com/ Tel : 94 11 214 5345 Fax :94 11 2145300 <http://lalajisureshika.blogspot.com/>
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
