Trying to get ADFS Saml assertion token using curl

StackOverflow https://stackoverflow.com/questions/20338140

  •  07-08-2022
  •  | 
  •  

Question

After reading this post http://leandrob.com/2012/02/request-a-token-from-adfs-using-ws-trust-from-ios-objective-c-iphone-ipad-android-java-node-js-or-any-platform-or-language/

I tried to request a SAML token using curl.

Here is what I'm passing using curl:

curl https://server.com/adfs/services/trust/13/usernamemixed --data @request.txt -H "Content-Type:application/soap+xml"  --verbose -o "output.txt"

Here is my request.txt file

<?xml version="1.0" encoding="utf-8"?>
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <s:Header>
        <a:Action s:mustUnderstand="1">

http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue

        </a:Action>
        <a:To s:mustUnderstand="1">https://server.com/adfs/services/trust/13/UsernameMixed</a:To>
        <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" >
            <o:UsernameToken u:Id="uuid-6a13a244-dac6-42c1-84c5-cbb345b0c4c4-1">
                <o:Username>user</o:Username>
                <o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">pass</o:Password>
            </o:UsernameToken>
        </o:Security>
    </s:Header>
    <s:Body>
        <trust:RequestSecurityToken xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
            <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
                <a:EndpointReference>
                    <a:Address>https://server.com</a:Address>
                </a:EndpointReference>
            </wsp:AppliesTo>
            <trust:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer</trust:KeyType>
            <trust:RequestType>

http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue

            </trust:RequestType>
            <trust:TokenType>urn:oasis:names:tc:SAML:2.0:assertion</trust:TokenType>
        </trust:RequestSecurityToken>
    </s:Body>
</s:Envelope>

The response I'm getting is MSIS3127: The specified request failed.

Any ideas of things I can check? Thanks!

Was it helpful?

Solution

After looking at the event logs, I found the issue was that it was picking up a space or newline after docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue. Probably as a result of copying the xml from a website!

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top