adal 1.0.0

data/spec/fixtures/oauth/error.json

@@ -0,0 +1 @@
+{"error":"invalid_grant","error_description":"AADSTS70002: Error validating credentials. AADSTS50126: Invalid username or password\r\nTrace ID: 29bbd59a-664e-46ab-8c84-46eecf0cb89a\r\nCorrelation ID: 53532eb8-214a-4694-9bcf-dc51c29810a5\r\nTimestamp: 2015-07-09 22:11:48Z","error_codes":[70002,50126],"timestamp":"2015-07-09 22:11:48Z","trace_id":"92bbd59a-664e-46ab-8c84-46eecf0cb89a","correlation_id":"54532eb8-214a-4694-9bcf-dc51c29810a5","submit_url":null,"context":null}

data/spec/fixtures/oauth/success.json

@@ -0,0 +1 @@
+{"expires_in":"3599","token_type":"Bearer","scope":"Calendars.Read Calendars.ReadWrite Directory.AccessAsUser.All Directory.Read Directory.Read.All Directory.ReadWrite.All Directory.Write Files.Read Files.Read.Selected Files.ReadWrite Files.ReadWrite.Selected Group.Read.All Group.ReadWrite.All Mail.Read Mail.ReadWrite Mail.Send offline_access openid recipient.manage Sites.Read.All Sites.ReadWrite.All Tasks.Read.All Tasks.ReadWrite.All User.Read User.Read.All User.ReadBasic.All User.ReadWrite User.ReadWrite.All user_impersonation UserProfile.Read","expires_on":"1436483416","not_before":"1436479516","resource":"https://graph.windows.net","access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik1uQ19WWmNBVGZNNXBPWWlKSE1iYTlnb0VLWSIsImtpZCI6Ik1uQ19WWmNBVGZNNXBPWWlKSE1iYTlnb0VWLSJ9.eyJhdWQiOiJodHRwczovL2dyYXBoLndpbmRvd3MbumV0IiwiaXNzIjoiaHR0cHM6Ly9zdHMud2luZG93cy5uZXQvZGRmNzMzYjYtNGFjMS00M2FjLWEzZWQtYmU3N2MxMjllMGY4LyIsImlhdCI6MTQzNjQ3OTUxNiwibmJmIjoxNDM2NDc5NTE2LCJleHAiOjE0MzY0ODM0MTYsInZlciI6IjEuMCIsInRpZCI6ImRkZjczM2I2LTRhYzEtNDNhYy1hM2VkLWJlNzdjMTI5ZTBmOCIsIm9pZCI6Ijc4OWVhYmJjLTAwZmItNGQ4NS04ODljLTFlNWQ3OGEyMjMxZSIsInVwbiI6InVzZXIxQGFkYW1ham1pY2hhZWwub25taWNyb3NvZnQuY29tIiwicHVpZCI6IjEwMDNCRkZEOTExQzlENTQiLCJzdWIiOiJBc1gtaDVCcElGLVMtalZtVWs4aHVYSlhmN0lFZUlLOGhTQ29rSTY5UmlrIiwiZ2l2ZW5fbmFtZSI6IlNvbWUiLCJmYW1pbHlfbmFtZSI6IlVzZXIiLCJuYW1lIjoiU29tZSBVc2VyIiwiYW1yIjpbInB3ZCJdLCJ1bmlxdWVfbmFtZSI6InVzZXIxQGFkYW1ham1pY2hhZWwub25taWNyb3NvZnQuY29tIiwiYXBwaWQiOiJjMzYzYTUwNS03MmNmLTQ0NmQtOTQ5OC1jNWViMmRiZWUwZWEiLCJhcHBpZGFjciI6IjAiLCJzY3AiOiJDYWxlbmRhcnMuUmVhZCBDYWxlbmRhcnMuUmVhZFdyaXRlIERpcmVjdG9yeS5BY2Nlc3NBc1VzZXIuQWxsIERpcmVjdG9yeS5SZWFkIERpcmVjdG9yeS5SZWFkLkFsbCBEaXJlY3RvcnkuUmVhZFdyaXRlLkFsbCBEaXJlY3RvcnkuV3JpdGUgRmlsZXMuUmVhZCBGaWxlcy5SZWFkLlNlbGVjdGVkIEZpbGVzLlJlYWRXcml0ZSBGaWxlcy5SZWFkV3JpdGUuU2VsZWN0ZWQgR3JvdXAuUmVhZC5BbGwgR3JvdXAuUmVhZFdyaXRlLkFsbCBNYWlsLlJlYWQgTWFpbC5SZWFkV3JpdGUgTWFpbC5TZW5kIG9mZmxpbmVfYWNjZXNzIG9wZW5pZCByZWNpcGllbnQubWFuYWdlIFNpdGVzLlJlYWQuQWxsIFNpdGVzLlJlYWRXcml0ZS5BbGwgVGFza3MuUmVhZC5BbGwgVGFza3MuUmVhZFdyaXRlLkFsbCBVc2VyLlJlYWQgVXNlci5SZWFkLkFsbCBVc2VyLlJlYWRCYXNpYy5BbGwgVXNlci5SZWFkV3JpdGUgVXNlci5SZWFkV3JpdGUuQWxsIHVzZXJfaW1wZXJzb25hdGlvbiBVc2VyUHJvZmlsZS5SZWFkIiwiYWNyIjoiMSJ9.OCMNnlxh9KGWFcuUXvDLfamAAzVFjN7rWG3n6zcZXUNiNwRoLLttPxKvWAya_sz_qo3B8r6zlP-nb2gaXyQskJ5hJU3ddyo2fkUEwyj3jbs5ZcCTGq0guq2vK-8u-ue4BYsRfNvqCSaAwwKhgkU1rehtJr0Je9wSFA8QKXUeFNpzfGMqDHkpqZbqpeG3jUgqrnx3mj7KQjJfQoBASRjHeu0LdV7z5PTtuTitaUnxF8CLXkNup5kO22WRBu2iMGTtZhJ-87lvKGiVewWTd9iraWD8qc8FnFIw0givTNRCAo0_1XUz2ctJVuQUBiIuHq7nNAnkmStKgNs6tHOAeGVONQ","refresh_token":"AAABAAAAiL9Kn2Z27UubvWFPbm0gLQ4W9_efb2mUc9TlA7vSiuqu3drE5RTL-8l7x54O4vIYoOB6WiXF5DeQvURMjyQnlXs7AeRn9QmEkIdAJaCPMsboQCY3NCoHWNHumKPNXK3-AeB4HASaQp8ratyWYtjDiG9JXZvOEJfteGn62SMM1ujTyTmfIHQxe0MgYfDmgzdLS0Elfrxbt4zydKgMpT4I1YpxHD-cWsx-5CbmZtbqvhsUEFtUvTOd9ig0mp3lGpmyxOdCoVGlw667VLtNjZ6dnNu9xC3wf3ZrZAuR7tL9Xsn5aXfAB8mXwDueXKFbuk7A-QxXfwYiC9wi2e5MsRLt8KoF71kFVe2j26bis2ambtqeJUhuupFzP5K27e8B-4D5lZpAV0bt18Pa3Vj4wf8-KVqJmF1TjxP9P4_qRsXmc2uXrVA9VGqb-hxK2DgW1PmFZU3Eu_6oN2Z1lDROTGy9oRxJ8nP9DjeGzrY6hjomrsl3wtPAuKJ2bcu-ZE8Jic9HNCUAQjrynOvsbkWglr2AyqrU4mqu4dbB697O68Tuum2V0W5f6ZYp9zccARR_I9mcIAA"}

data/spec/fixtures/oauth/success_with_id_token.json

@@ -0,0 +1 @@
+{"expires_in":"3599","token_type":"Bearer","scope":"Calendars.Read Calendars.ReadWrite Directory.AccessAsUser.All Directory.Read Directory.Read.All Directory.ReadWrite.All Directory.Write Files.Read Files.Read.Selected Files.ReadWrite Files.ReadWrite.Selected Group.Read.All Group.ReadWrite.All Mail.Read Mail.ReadWrite Mail.Send offline_access openid recipient.manage Sites.Read.All Sites.ReadWrite.All Tasks.Read.All Tasks.ReadWrite.All User.Read User.Read.All User.ReadBasic.All User.ReadWrite User.ReadWrite.All user_impersonation UserProfile.Read","expires_on":"1437537157","not_before":"1437533257","resource":"https://graph.windows.net","access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6Ik1uQ19WWmNBVGZNNXBPWWlKSE1iYTlnb0VLWSIsImtpZCI6Ik1uQ19WWmNBVGZNNXBPWWlKSE1iYTlnb0VLWSJ9.eyJhdWQiOiJodHRwczovL2dyYXBoLndpbmRvd3MubmV0IiwiaXNzIjoiaHR0cHM6Ly9zdHMud2luZG93cy5uZXQvZGRmNzMzYjYtNGFjMS00M2FjLWEzZWQtYmU3N2MxMjllMGY4LyIsImlhdCI6MTQzNzUzMzI1NywibmJmIjoxNDM3NTMzMjU3LCJleHAiOjE0Mzc1MzcxNTcsInZlciI6IjEuMCIsInRpZCI6ImRkZjczM2I2LTRhYzEtNDNhYy1hM2VkLWJlNzdjMTI5ZTBmOCIsIm9pZCI6ImUwMDlkOGQ2LTcxODAtNDc4Ni04ZDEwLWM2ZjFlYzM0OTc2YyIsInVwbiI6ImFhcm9uQGFqbWljaGFlbC5uZXQiLCJwdWlkIjoiMTAwMzNGRkY5MTZBRTYyQiIsInN1YiI6Im9HSXlnSFlYT1N0ZXhBZXJIR0xTd2J3WXpyNktjTG5vd3lNNjloQVNZNk0iLCJnaXZlbl9uYW1lIjoiQWFyb24iLCJmYW1pbHlfbmFtZSI6Ik1pY2hhZWwiLCJuYW1lIjoiQWFyb24gTWljaGFlbCIsImFtciI6WyJwd2QiXSwidW5pcXVlX25hbWUiOiJhYXJvbkBham1pY2hhZWwubmV0Iiwib25wcmVtX3NpZCI6IlMtMS01LTIxLTk1MTA5NTkzNC0zMDAxMDQyODYzLTQwMDQxNjczNDctMTEwNiIsImFwcGlkIjoiZDA2NDQ1ODQtNjFkZS00YmNhLTk4YWItZTc1YWYwZmY1NTI4IiwiYXBwaWRhY3IiOiIxIiwic2NwIjoiQ2FsZW5kYXJzLlJlYWQgQ2FsZW5kYXJzLlJlYWRXcml0ZSBEaXJlY3RvcnkuQWNjZXNzQXNVc2VyLkFsbCBEaXJlY3RvcnkuUmVhZCBEaXJlY3RvcnkuUmVhZC5BbGwgRGlyZWN0b3J5LlJlYWRXcml0ZS5BbGwgRGlyZWN0b3J5LldyaXRlIEZpbGVzLlJlYWQgRmlsZXMuUmVhZC5TZWxlY3RlZCBGaWxlcy5SZWFkV3JpdGUgRmlsZXMuUmVhZFdyaXRlLlNlbGVjdGVkIEdyb3VwLlJlYWQuQWxsIEdyb3VwLlJlYWRXcml0ZS5BbGwgTWFpbC5SZWFkIE1haWwuUmVhZFdyaXRlIE1haWwuU2VuZCBvZmZsaW5lX2FjY2VzcyBvcGVuaWQgcmVjaXBpZW50Lm1hbmFnZSBTaXRlcy5SZWFkLkFsbCBTaXRlcy5SZWFkV3JpdGUuQWxsIFRhc2tzLlJlYWQuQWxsIFRhc2tzLlJlYWRXcml0ZS5BbGwgVXNlci5SZWFkIFVzZXIuUmVhZC5BbGwgVXNlci5SZWFkQmFzaWMuQWxsIFVzZXIuUmVhZFdyaXRlIFVzZXIuUmVhZFdyaXRlLkFsbCB1c2VyX2ltcGVyc29uYXRpb24gVXNlclByb2ZpbGUuUmVhZCIsImFjciI6IjEifQ.js2r2-zmLVmHN9I-jRSTwzjXTxndlOrAv4FBekxrhtyghq_dml56okN3i4qC7MyOW_MiuXz4lTbNNDMZKwsC6Lg7tZBogfXj0wBIKI5BuM-x82E4-dDQ34PkNwaLs4X6HsTcqB_0cyDDL7j0QEnnSvkD5gZs35KhpXt_xkmlMG3d5w9ht54aOhGoLVHA5Kqr88-za9j41QpcRXqNESJN5UKvQP--l8Dty3pXzFaLPfHHJ3weQ8-9t7hNgYD-Knpn7J11xoW_WhLwdzZvXCM5P33sycvFvHcSheL47BsKip5w5QSSG0MbiFSpahW08Lb66iAxWseKz8BEon95szdN9w","refresh_token":"AAABAAAAiL9Kn2Z27UubvWFPbm0gLdRUkuB5MisMJPvgvcVrwu8dLv4PzCwxHqo-wV6rRz__od9BQGzBIEthNm9tZb65Gqxv2C9msJ26rNQRH7LAi4T7WSj1rZs1CrUgoH5SZdZE9EYWPnUcptz2B6-kvcc-dO744czVUKbIUCZslT65PxOllRjpd7aXCXfWCcQG4cR1MHg26QrPZYZskNwKnEGNKCc9PB8PoaHQmuoBHrf8GQbpLQ6mcyajyESWUday9FaY4nOCtRLdIiLPGVYuYzaxkj0AFy7hq6FUgJQVlJeWPddmvd1Y-hJUMX8MeV4r08ZfQ6Gj2saW4AbTMmm-KEqw8S-dw8Kr05_YhOHKW32rrFYR5hSouJXM_SleCLV9SGRTBisT4LxvzB-GdE502nQg2canmCsfYL5hHWhF-hIIyEPQksXQ8r2WZPAL8D0NEnesU7ng_FYrWEfZYQ1UhE7GY9Fce-qd0-zKvA9ifq0k8PIfNe8PvWNcJ9BOmr2IGLUcVyBA8AHeX8XffJYfYuFOTQw6Xz0i1r_Po1K7D0c23sZvPj2mArqDxte-xEY9SGitPd8FW4cn0XwIdRhLLBXwASAA","id_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJub25lIiwia2lkIjpudWxsfQ.eyJhdWQiOiJkMDY0NDU4NC02MWRlLTRiY2EtOThhYi1lNzVhZjBmZjU1MjgiLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC9kZGY3MzNiNi00YWMxLTQzYWMtYTNlZC1iZTc3YzEyOWUwZjgvIiwiaWF0IjoxNDM3NTMzMjU3LCJuYmYiOjE0Mzc1MzMyNTcsImV4cCI6MTE0Mzc1MzcxNTcsInZlciI6IjEuMCIsInRpZCI6ImRkZjczM2I2LTRhYzEtNDNhYy1hM2VkLWJlNzdjMTI5ZTBmOCIsIm9pZCI6ImUwMDlkOGQ2LTcxODAtNDc4Ni04ZDEwLWM2ZjFlYzM0OTc2YyIsInVwbiI6ImFhcm9uQGFqbWljaGFlbC5uZXQiLCJzdWIiOiJYUG9ELUc1cHlhU1V5eVRDQ29ka2xXeFU4dzV1ZnplcVVtMFpFYndnZ0prIiwiZ2l2ZW5fbmFtZSI6IkFhcm9uIiwiZmFtaWx5X25hbWUiOiJNaWNoYWVsIiwibmFtZSI6IkFhcm9uIE1pY2hhZWwiLCJhbXIiOlsicHdkIl0sInVuaXF1ZV9uYW1lIjoiYWFyb25AYWptaWNoYWVsLm5ldCIsIm9ucHJlbV9zaWQiOiJTLTEtNS0yMS05NTEwOTU5MzQtMzAwMTA0Mjg2My00MDA0MTY3MzQ3LTExMDYifQ."}

data/spec/fixtures/wstrust/error.xml

@@ -0,0 +1,24 @@
+ <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
+   <s:Header>
+     <a:Action s:mustUnderstand="1">http://www.w3.org/2005/08/addressing/soap/fault</a:Action>
+     <o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
+       <u:Timestamp u:Id="_0">
+         <u:Created>2013-07-30T00:32:21.989Z</u:Created>
+         <u:Expires>2013-07-30T00:37:21.989Z</u:Expires>
+       </u:Timestamp>
+     </o:Security>
+   </s:Header>
+   <s:Body>
+     <s:Fault>
+       <s:Code>
+         <s:Value>s:Sender</s:Value>
+         <s:Subcode>
+           <s:Value xmlns:a="http://docs.oasis-open.org/ws-sx/ws-trust/200512">a:RequestFailed</s:Value>
+         </s:Subcode>
+       </s:Code>
+       <s:Reason>
+         <s:Text xml:lang="en-US">MSIS3127: The specified request failed.</s:Text>
+       </s:Reason>
+     </s:Fault>
+   </s:Body>
+ </s:Envelope>

data/spec/fixtures/wstrust/invalid_namespaces.xml

@@ -0,0 +1,136 @@
+<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
+  xmlns:a="http://www.w3.org/2005/08/addressing"
+  xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
+  <s:Header>
+    <a:Action s:mustUnderstand="1">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTRC/IssueFinal</a:Action>
+    <o:Security s:mustUnderstand="1"
+      xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
+      <u:Timestamp u:Id="_0">
+        <u:Created>2014-10-11T01:57:52.927Z</u:Created>
+        <u:Expires>2014-10-11T02:02:52.927Z</u:Expires>
+      </u:Timestamp>
+    </o:Security>
+  </s:Header>
+  <s:Body>
+    <trust:RequestSecurityTokenResponseCollection
+      xmlns:trust="http://somemaliciousprotocol.net">
+      <trust:RequestSecurityTokenResponse>
+        <trust:Lifetime>
+          <wsu:Created
+            xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2014-10-11T01:57:52.802Z</wsu:Created>
+          <wsu:Expires
+            xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2014-10-11T02:57:52.802Z</wsu:Expires>
+        </trust:Lifetime>
+        <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+          <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
+            <wsa:Address>urn:federation:MicrosoftOnline</wsa:Address>
+          </wsa:EndpointReference>
+        </wsp:AppliesTo>
+        <trust:RequestedSecurityToken>
+          <saml:Assertion MajorVersion="1" MinorVersion="1"
+            AssertionID="_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e" Issuer="urn:federation:MSFT"
+            IssueInstant="2014-10-11T01:57:52.927Z" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+            <saml:Conditions NotBefore="2014-10-11T01:57:52.802Z"
+              NotOnOrAfter="2014-10-11T02:57:52.802Z">
+              <saml:AudienceRestrictionCondition>
+                <saml:Audience>urn:federation:MicrosoftOnline</saml:Audience>
+              </saml:AudienceRestrictionCondition>
+            </saml:Conditions>
+            <saml:AttributeStatement>
+              <saml:Subject>
+                <saml:NameIdentifier
+                  Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">11111</saml:NameIdentifier>
+                <saml:SubjectConfirmation>
+                  <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer
+                  </saml:ConfirmationMethod>
+                </saml:SubjectConfirmation>
+              </saml:Subject>
+              <saml:Attribute AttributeName="UPN"
+                AttributeNamespace="http://schemas.xmlsoap.org/claims">
+                <saml:AttributeValue>sdfb4@vsfdbs.com</saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="objectGUID"
+                AttributeNamespace="http://tempuri.com">
+                <saml:AttributeValue>sefgbw4w4tbwrtb==
+                </saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="PersonnelNumber"
+                AttributeNamespace="http://schemas.xmlsoap.org/claims">
+                <saml:AttributeValue>11111</saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="ImmutableID"
+                AttributeNamespace="http://schemas.microsoft.com/LiveID/Federation/2008/05">
+                <saml:AttributeValue>11111</saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="insidecorporatenetwork"
+                AttributeNamespace="http://schemas.microsoft.com/ws/2012/01">
+                <saml:AttributeValue>true</saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="psso"
+                AttributeNamespace="http://schemas.microsoft.com/2014/03">
+                <saml:AttributeValue>true</saml:AttributeValue>
+              </saml:Attribute>
+            </saml:AttributeStatement>
+            <saml:AuthenticationStatement
+              AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password"
+              AuthenticationInstant="2014-10-11T01:57:52.786Z">
+              <saml:Subject>
+                <saml:NameIdentifier
+                  Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">11111</saml:NameIdentifier>
+                <saml:SubjectConfirmation>
+                  <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer
+                  </saml:ConfirmationMethod>
+                </saml:SubjectConfirmation>
+              </saml:Subject>
+            </saml:AuthenticationStatement>
+            <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+              <ds:SignedInfo>
+                <ds:CanonicalizationMethod
+                  Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+                <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+                <ds:Reference URI="#_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e">
+                  <ds:Transforms>
+                    <ds:Transform
+                      Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+                  </ds:Transforms>
+                  <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+                  <ds:DigestValue>11112412434fgvwefb24rb=</ds:DigestValue>
+                </ds:Reference>
+              </ds:SignedInfo>
+              <ds:SignatureValue>yc2hltEY1z/0zgEdUKdIo9K8BAauLYCvEM21Jrasdnvkadsjv9834759384utfhwrgEDSDGSDFG34543fFFwdffeeeeCfnoRal7Q1PXtxwsDqg/maesA7/1eYG75Q6/MyB5s+GZqUDK5Sif1XXseTe3hbocz/dMfVIeHKZ/BJ9iKdjI+WhDJspJ282sCu9e31h0CKEEgHwwe3U+0iwtwXrBxJKi9wNrrShez7CW+18jz2bQ+hFxsLYpuXSskOgeB6wza5BR9QjLHjjntqchVZOgZNQzmnULQBXIbPHGvrcKZZ1+05y27505B8T1jOopN6ncdic2b3tt712n/lDbtQCBKOUp5A0ZIP8nupkUE4lvIE0qFiETrWFKbRKgNLzPSS8Fb0ITuq5FPQRNDZkYebVqBvQavd7T8qx9RnhXwJNYBABxZ2NgicCT1QnAhPwyU4vvMaSeCbguAsbO0z6IM9Y6pzLe6eehvzh2/WfIckEExeHvPTEZZWMiA16msBSWLX+NkVMLfVBj8GA2sK7Qj4wnvK6ip+8x5PBl5z3Ra8p7MXsDVnunZcl5LnjBM7Z0puX9vT79xVuJ7+q3jD6GRjiH0XZr4yZXCJk2Ipfq9P4S+8fT50=
+              </ds:SignatureValue>
+              <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+                <X509Data>
+                  <X509Certificate>vwbeiurkjbhvnsfbMMWEFGVWERBwbdfefwbbFowITEfMB0GA1UEAxMWbXNmdC5zdHMubWljcm9zb2Z0LmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMsKK87jKV6UdjZWE5gu2lUecEJeBH35aEG89U9fAXqRIbsmkAgnZAqtmD3dw4W0edvOMW0YxLejvHpxrrei4Hc3KOYczFaiJGOxeir6Fymk5cOJ0x3ioJGSCn/X0J0vka6sUijwUlFzaqOyTO5YP23AzSu2a39SUxBCVNqgkGrbjMp4xl1LP6rYrNc1QG/aBGvT0od0oXF4Hy5uiCxqq49Wb+QjCyJ76+1kzkWHTK18r8vOG9GxfWfNeshT9W9XoT9ChgRcxIHt/Y2ZUrOT86ldpakld58gTq1E0l5jho3CZPAnZjnwBhYv9bUgsgwHUU29Ceig/iqdjUDzS50F4pn2pcncoWGmrQP3hOEvJRCs0BWz6+VW/ATV5TGknsLDfq89c5b69haZ3fiDQmU+RZQBIsLEcrRs3Vyld++rmM7OdfZ4CAbo8l3F4ONpHczWfNKhGnor4GH0vC6G5gR3otWCdM6bcrNCYjm4PEVaF0I5+94PvJ2SkaGL4k86u+Ns4OpFLGawC5D3bq0SPMgsUWbXzq4VXq946fewWLV4Jh4mvRkVdsb1egk78rzQdpeqfiq9Ax6W6wRLCIFUiicymITQw/mn646OvwR2mTMc2M+BfW9a35MwfZfyMG/PdZc7nl2Alvuiw1Wk6M3C2xcS8Hpu9unnacXujRr/FbgnaKwnAgMBAAGjdTBzMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBSBgNVHQEESzBJgBBsOlmxcrgqKZ1x+s8zuEDRoSMwITEfMB0GA1UEAxMWbXNmdC5zdHMubWljcm9zb2Z0LmNvbYIQYvo/wNRpcL5JZi8e/Z4hBzANBgkqhkiG9w0BAQsFAAOCAgEAQbiCZJWFH9zaGaPlT77Jq9bWoH6fqZRrNIDuVXM7h+g7E8Xj5Demi16WrRSTR8Ff1uNV0n5tdbLu4C9rEU4RrZjFOJXGGsQZD85y8Jq3tcZ6RZSU6ie3tzvpl5Yhe0o1xfuUvI43VxJWFzW7LHzHyzoDeFNhSuplWfGkQfdjs9yGLTYflIDVCigXv94Wv949HckiG1+PST9ai9jST6NCkeqElm5zoZHxo+haYIRMma4lL7/AO3uYhey5bKYyIHyWTAZcJBKqO2RrWuOtZWthK/gL0yTeGrGXFQvHbfUwEA/lBdUka/x8m59hzSCS2c0f/GZbrBGq6mOrl4NSrJSck4KJnQDbdYzyP2kIVWwjlYMNbFWXE0e2lxm6T28Znhh0wtqrBDyQIxDFpt/bdw9I5OsXmXvjRYlVXP1gmHebuhL9wA3A9BKUaTNf2BTfvWdYnBwbRq98vB4RSAwWRLjv9bizB9JkmMUSmPS9Z5juPMmkbTpcmn8RUUPLGDpuFYMB0dXpGtG+oJ40wHeYZCvfBU1tuXuB+RTxkPsXzF4WEf6sei0VCgs+ir0mULF9L++Bc0INn9VpZoOpDE9pX7jMn9jkutClaxVOirysvYcOAy092MHo3uR6opH9U9vzWJrQULxPOdT+GVwLJ2ZgSmYC14tsr37vbC8WAD5E1zyfGPU=
+                  </X509Certificate>
+                </X509Data>
+              </KeyInfo>
+            </ds:Signature>
+          </saml:Assertion>
+        </trust:RequestedSecurityToken>
+        <trust:RequestedAttachedReference>
+          <o:SecurityTokenReference
+            k:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"
+            xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
+            xmlns:k="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
+            <o:KeyIdentifier
+              ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e</o:KeyIdentifier>
+          </o:SecurityTokenReference>
+        </trust:RequestedAttachedReference>
+        <trust:RequestedUnattachedReference>
+          <o:SecurityTokenReference
+            k:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"
+            xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
+            xmlns:k="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
+            <o:KeyIdentifier
+              ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e</o:KeyIdentifier>
+          </o:SecurityTokenReference>
+        </trust:RequestedUnattachedReference>
+        <trust:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</trust:TokenType>
+        <trust:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</trust:RequestType>
+        <trust:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer</trust:KeyType>
+      </trust:RequestSecurityTokenResponse>
+    </trust:RequestSecurityTokenResponseCollection>
+  </s:Body>
+</s:Envelope>

data/spec/fixtures/wstrust/missing_security_tokens.xml

@@ -0,0 +1,90 @@
+<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
+  xmlns:a="http://www.w3.org/2005/08/addressing"
+  xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
+  <s:Header>
+    <a:Action s:mustUnderstand="1">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTRC/IssueFinal</a:Action>
+    <o:Security s:mustUnderstand="1"
+      xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
+      <u:Timestamp u:Id="_0">
+        <u:Created>2014-10-11T01:57:52.927Z</u:Created>
+        <u:Expires>2014-10-11T02:02:52.927Z</u:Expires>
+      </u:Timestamp>
+    </o:Security>
+  </s:Header>
+  <s:Body>
+    <trust:RequestSecurityTokenResponseCollection
+      xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
+      <trust:RequestSecurityTokenResponse>
+        <trust:Lifetime>
+          <wsu:Created
+            xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2014-10-11T01:57:52.802Z</wsu:Created>
+          <wsu:Expires
+            xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2014-10-11T02:57:52.802Z</wsu:Expires>
+        </trust:Lifetime>
+        <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+          <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
+            <wsa:Address>urn:federation:MicrosoftOnline</wsa:Address>
+          </wsa:EndpointReference>
+        </wsp:AppliesTo>
+        <trust:RequestedAttachedReference>
+          <o:SecurityTokenReference
+            k:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"
+            xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
+            xmlns:k="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
+            <o:KeyIdentifier
+              ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e</o:KeyIdentifier>
+          </o:SecurityTokenReference>
+        </trust:RequestedAttachedReference>
+        <trust:RequestedUnattachedReference>
+          <o:SecurityTokenReference
+            k:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"
+            xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
+            xmlns:k="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
+            <o:KeyIdentifier
+              ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e</o:KeyIdentifier>
+          </o:SecurityTokenReference>
+        </trust:RequestedUnattachedReference>
+        <trust:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</trust:TokenType>
+        <trust:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</trust:RequestType>
+        <trust:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer</trust:KeyType>
+      </trust:RequestSecurityTokenResponse>
+      <trust:RequestSecurityTokenResponse>
+        <trust:Lifetime>
+          <wsu:Created
+            xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2014-10-11T01:57:52.802Z</wsu:Created>
+          <wsu:Expires
+            xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2014-10-11T02:57:52.802Z</wsu:Expires>
+        </trust:Lifetime>
+        <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+          <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
+            <wsa:Address>urn:federation:MicrosoftOnline</wsa:Address>
+          </wsa:EndpointReference>
+        </wsp:AppliesTo>
+        <trust:RequestedSecurityToken>
+          <foo:Assertion xmlns:foo="bar"></foo:Assertion>
+        </trust:RequestedSecurityToken>
+        <trust:RequestedAttachedReference>
+          <o:SecurityTokenReference
+            k:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"
+            xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
+            xmlns:k="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
+            <o:KeyIdentifier
+              ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e</o:KeyIdentifier>
+          </o:SecurityTokenReference>
+        </trust:RequestedAttachedReference>
+        <trust:RequestedUnattachedReference>
+          <o:SecurityTokenReference
+            k:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"
+            xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
+            xmlns:k="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
+            <o:KeyIdentifier
+              ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e</o:KeyIdentifier>
+          </o:SecurityTokenReference>
+        </trust:RequestedUnattachedReference>
+        <trust:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</trust:TokenType>
+        <trust:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</trust:RequestType>
+        <trust:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer</trust:KeyType>
+      </trust:RequestSecurityTokenResponse>
+    </trust:RequestSecurityTokenResponseCollection>
+  </s:Body>
+</s:Envelope>

data/spec/fixtures/wstrust/success.xml

@@ -0,0 +1,136 @@
+<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
+  xmlns:a="http://www.w3.org/2005/08/addressing"
+  xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
+  <s:Header>
+    <a:Action s:mustUnderstand="1">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTRC/IssueFinal</a:Action>
+    <o:Security s:mustUnderstand="1"
+      xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
+      <u:Timestamp u:Id="_0">
+        <u:Created>2014-10-11T01:57:52.927Z</u:Created>
+        <u:Expires>2014-10-11T02:02:52.927Z</u:Expires>
+      </u:Timestamp>
+    </o:Security>
+  </s:Header>
+  <s:Body>
+    <trust:RequestSecurityTokenResponseCollection
+      xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
+      <trust:RequestSecurityTokenResponse>
+        <trust:Lifetime>
+          <wsu:Created
+            xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2014-10-11T01:57:52.802Z</wsu:Created>
+          <wsu:Expires
+            xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2014-10-11T02:57:52.802Z</wsu:Expires>
+        </trust:Lifetime>
+        <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+          <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
+            <wsa:Address>urn:federation:MicrosoftOnline</wsa:Address>
+          </wsa:EndpointReference>
+        </wsp:AppliesTo>
+        <trust:RequestedSecurityToken>
+          <saml:Assertion MajorVersion="1" MinorVersion="1"
+            AssertionID="_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e" Issuer="urn:federation:MSFT"
+            IssueInstant="2014-10-11T01:57:52.927Z" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+            <saml:Conditions NotBefore="2014-10-11T01:57:52.802Z"
+              NotOnOrAfter="2014-10-11T02:57:52.802Z">
+              <saml:AudienceRestrictionCondition>
+                <saml:Audience>urn:federation:MicrosoftOnline</saml:Audience>
+              </saml:AudienceRestrictionCondition>
+            </saml:Conditions>
+            <saml:AttributeStatement>
+              <saml:Subject>
+                <saml:NameIdentifier
+                  Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">11111</saml:NameIdentifier>
+                <saml:SubjectConfirmation>
+                  <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer
+                  </saml:ConfirmationMethod>
+                </saml:SubjectConfirmation>
+              </saml:Subject>
+              <saml:Attribute AttributeName="UPN"
+                AttributeNamespace="http://schemas.xmlsoap.org/claims">
+                <saml:AttributeValue>sdfb4@vsfdbs.com</saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="objectGUID"
+                AttributeNamespace="http://tempuri.com">
+                <saml:AttributeValue>sefgbw4w4tbwrtb==
+                </saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="PersonnelNumber"
+                AttributeNamespace="http://schemas.xmlsoap.org/claims">
+                <saml:AttributeValue>11111</saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="ImmutableID"
+                AttributeNamespace="http://schemas.microsoft.com/LiveID/Federation/2008/05">
+                <saml:AttributeValue>11111</saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="insidecorporatenetwork"
+                AttributeNamespace="http://schemas.microsoft.com/ws/2012/01">
+                <saml:AttributeValue>true</saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="psso"
+                AttributeNamespace="http://schemas.microsoft.com/2014/03">
+                <saml:AttributeValue>true</saml:AttributeValue>
+              </saml:Attribute>
+            </saml:AttributeStatement>
+            <saml:AuthenticationStatement
+              AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password"
+              AuthenticationInstant="2014-10-11T01:57:52.786Z">
+              <saml:Subject>
+                <saml:NameIdentifier
+                  Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">11111</saml:NameIdentifier>
+                <saml:SubjectConfirmation>
+                  <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer
+                  </saml:ConfirmationMethod>
+                </saml:SubjectConfirmation>
+              </saml:Subject>
+            </saml:AuthenticationStatement>
+            <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+              <ds:SignedInfo>
+                <ds:CanonicalizationMethod
+                  Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+                <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+                <ds:Reference URI="#_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e">
+                  <ds:Transforms>
+                    <ds:Transform
+                      Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+                  </ds:Transforms>
+                  <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+                  <ds:DigestValue>11112412434fgvwefb24rb=</ds:DigestValue>
+                </ds:Reference>
+              </ds:SignedInfo>
+              <ds:SignatureValue>yc2hltEY1z/0zgEdUKdIo9K8BAauLYCvEM21Jrasdnvkadsjv9834759384utfhwrgEDSDGSDFG34543fFFwdffeeeeCfnoRal7Q1PXtxwsDqg/maesA7/1eYG75Q6/MyB5s+GZqUDK5Sif1XXseTe3hbocz/dMfVIeHKZ/BJ9iKdjI+WhDJspJ282sCu9e31h0CKEEgHwwe3U+0iwtwXrBxJKi9wNrrShez7CW+18jz2bQ+hFxsLYpuXSskOgeB6wza5BR9QjLHjjntqchVZOgZNQzmnULQBXIbPHGvrcKZZ1+05y27505B8T1jOopN6ncdic2b3tt712n/lDbtQCBKOUp5A0ZIP8nupkUE4lvIE0qFiETrWFKbRKgNLzPSS8Fb0ITuq5FPQRNDZkYebVqBvQavd7T8qx9RnhXwJNYBABxZ2NgicCT1QnAhPwyU4vvMaSeCbguAsbO0z6IM9Y6pzLe6eehvzh2/WfIckEExeHvPTEZZWMiA16msBSWLX+NkVMLfVBj8GA2sK7Qj4wnvK6ip+8x5PBl5z3Ra8p7MXsDVnunZcl5LnjBM7Z0puX9vT79xVuJ7+q3jD6GRjiH0XZr4yZXCJk2Ipfq9P4S+8fT50=
+              </ds:SignatureValue>
+              <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+                <X509Data>
+                  <X509Certificate>vwbeiurkjbhvnsfbMMWEFGVWERBwbdfefwbbFowITEfMB0GA1UEAxMWbXNmdC5zdHMubWljcm9zb2Z0LmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMsKK87jKV6UdjZWE5gu2lUecEJeBH35aEG89U9fAXqRIbsmkAgnZAqtmD3dw4W0edvOMW0YxLejvHpxrrei4Hc3KOYczFaiJGOxeir6Fymk5cOJ0x3ioJGSCn/X0J0vka6sUijwUlFzaqOyTO5YP23AzSu2a39SUxBCVNqgkGrbjMp4xl1LP6rYrNc1QG/aBGvT0od0oXF4Hy5uiCxqq49Wb+QjCyJ76+1kzkWHTK18r8vOG9GxfWfNeshT9W9XoT9ChgRcxIHt/Y2ZUrOT86ldpakld58gTq1E0l5jho3CZPAnZjnwBhYv9bUgsgwHUU29Ceig/iqdjUDzS50F4pn2pcncoWGmrQP3hOEvJRCs0BWz6+VW/ATV5TGknsLDfq89c5b69haZ3fiDQmU+RZQBIsLEcrRs3Vyld++rmM7OdfZ4CAbo8l3F4ONpHczWfNKhGnor4GH0vC6G5gR3otWCdM6bcrNCYjm4PEVaF0I5+94PvJ2SkaGL4k86u+Ns4OpFLGawC5D3bq0SPMgsUWbXzq4VXq946fewWLV4Jh4mvRkVdsb1egk78rzQdpeqfiq9Ax6W6wRLCIFUiicymITQw/mn646OvwR2mTMc2M+BfW9a35MwfZfyMG/PdZc7nl2Alvuiw1Wk6M3C2xcS8Hpu9unnacXujRr/FbgnaKwnAgMBAAGjdTBzMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBSBgNVHQEESzBJgBBsOlmxcrgqKZ1x+s8zuEDRoSMwITEfMB0GA1UEAxMWbXNmdC5zdHMubWljcm9zb2Z0LmNvbYIQYvo/wNRpcL5JZi8e/Z4hBzANBgkqhkiG9w0BAQsFAAOCAgEAQbiCZJWFH9zaGaPlT77Jq9bWoH6fqZRrNIDuVXM7h+g7E8Xj5Demi16WrRSTR8Ff1uNV0n5tdbLu4C9rEU4RrZjFOJXGGsQZD85y8Jq3tcZ6RZSU6ie3tzvpl5Yhe0o1xfuUvI43VxJWFzW7LHzHyzoDeFNhSuplWfGkQfdjs9yGLTYflIDVCigXv94Wv949HckiG1+PST9ai9jST6NCkeqElm5zoZHxo+haYIRMma4lL7/AO3uYhey5bKYyIHyWTAZcJBKqO2RrWuOtZWthK/gL0yTeGrGXFQvHbfUwEA/lBdUka/x8m59hzSCS2c0f/GZbrBGq6mOrl4NSrJSck4KJnQDbdYzyP2kIVWwjlYMNbFWXE0e2lxm6T28Znhh0wtqrBDyQIxDFpt/bdw9I5OsXmXvjRYlVXP1gmHebuhL9wA3A9BKUaTNf2BTfvWdYnBwbRq98vB4RSAwWRLjv9bizB9JkmMUSmPS9Z5juPMmkbTpcmn8RUUPLGDpuFYMB0dXpGtG+oJ40wHeYZCvfBU1tuXuB+RTxkPsXzF4WEf6sei0VCgs+ir0mULF9L++Bc0INn9VpZoOpDE9pX7jMn9jkutClaxVOirysvYcOAy092MHo3uR6opH9U9vzWJrQULxPOdT+GVwLJ2ZgSmYC14tsr37vbC8WAD5E1zyfGPU=
+                  </X509Certificate>
+                </X509Data>
+              </KeyInfo>
+            </ds:Signature>
+          </saml:Assertion>
+        </trust:RequestedSecurityToken>
+        <trust:RequestedAttachedReference>
+          <o:SecurityTokenReference
+            k:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"
+            xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
+            xmlns:k="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
+            <o:KeyIdentifier
+              ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e</o:KeyIdentifier>
+          </o:SecurityTokenReference>
+        </trust:RequestedAttachedReference>
+        <trust:RequestedUnattachedReference>
+          <o:SecurityTokenReference
+            k:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"
+            xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
+            xmlns:k="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
+            <o:KeyIdentifier
+              ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e</o:KeyIdentifier>
+          </o:SecurityTokenReference>
+        </trust:RequestedUnattachedReference>
+        <trust:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</trust:TokenType>
+        <trust:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</trust:RequestType>
+        <trust:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer</trust:KeyType>
+      </trust:RequestSecurityTokenResponse>
+    </trust:RequestSecurityTokenResponseCollection>
+  </s:Body>
+</s:Envelope>

data/spec/fixtures/wstrust/token.xml

@@ -0,0 +1 @@
+<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" MajorVersion="1" MinorVersion="1" AssertionID="_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e" Issuer="urn:federation:MSFT" IssueInstant="2014-10-11T01:57:52.927Z"><saml:Conditions NotBefore="2014-10-11T01:57:52.802Z" NotOnOrAfter="2014-10-11T02:57:52.802Z"><saml:AudienceRestrictionCondition><saml:Audience>urn:federation:MicrosoftOnline</saml:Audience></saml:AudienceRestrictionCondition></saml:Conditions><saml:AttributeStatement><saml:Subject><saml:NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">11111</saml:NameIdentifier><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod></saml:SubjectConfirmation></saml:Subject><saml:Attribute AttributeName="UPN" AttributeNamespace="http://schemas.xmlsoap.org/claims"><saml:AttributeValue>sdfb4@vsfdbs.com</saml:AttributeValue></saml:Attribute><saml:Attribute AttributeName="objectGUID" AttributeNamespace="http://tempuri.com"><saml:AttributeValue>sefgbw4w4tbwrtb==</saml:AttributeValue></saml:Attribute><saml:Attribute AttributeName="PersonnelNumber" AttributeNamespace="http://schemas.xmlsoap.org/claims"><saml:AttributeValue>11111</saml:AttributeValue></saml:Attribute><saml:Attribute AttributeName="ImmutableID" AttributeNamespace="http://schemas.microsoft.com/LiveID/Federation/2008/05"><saml:AttributeValue>11111</saml:AttributeValue></saml:Attribute><saml:Attribute AttributeName="insidecorporatenetwork" AttributeNamespace="http://schemas.microsoft.com/ws/2012/01"><saml:AttributeValue>true</saml:AttributeValue></saml:Attribute><saml:Attribute AttributeName="psso" AttributeNamespace="http://schemas.microsoft.com/2014/03"><saml:AttributeValue>true</saml:AttributeValue></saml:Attribute></saml:AttributeStatement><saml:AuthenticationStatement AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password" AuthenticationInstant="2014-10-11T01:57:52.786Z"><saml:Subject><saml:NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">11111</saml:NameIdentifier><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod></saml:SubjectConfirmation></saml:Subject></saml:AuthenticationStatement><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>11112412434fgvwefb24rb=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>yc2hltEY1z/0zgEdUKdIo9K8BAauLYCvEM21Jrasdnvkadsjv9834759384utfhwrgEDSDGSDFG34543fFFwdffeeeeCfnoRal7Q1PXtxwsDqg/maesA7/1eYG75Q6/MyB5s+GZqUDK5Sif1XXseTe3hbocz/dMfVIeHKZ/BJ9iKdjI+WhDJspJ282sCu9e31h0CKEEgHwwe3U+0iwtwXrBxJKi9wNrrShez7CW+18jz2bQ+hFxsLYpuXSskOgeB6wza5BR9QjLHjjntqchVZOgZNQzmnULQBXIbPHGvrcKZZ1+05y27505B8T1jOopN6ncdic2b3tt712n/lDbtQCBKOUp5A0ZIP8nupkUE4lvIE0qFiETrWFKbRKgNLzPSS8Fb0ITuq5FPQRNDZkYebVqBvQavd7T8qx9RnhXwJNYBABxZ2NgicCT1QnAhPwyU4vvMaSeCbguAsbO0z6IM9Y6pzLe6eehvzh2/WfIckEExeHvPTEZZWMiA16msBSWLX+NkVMLfVBj8GA2sK7Qj4wnvK6ip+8x5PBl5z3Ra8p7MXsDVnunZcl5LnjBM7Z0puX9vT79xVuJ7+q3jD6GRjiH0XZr4yZXCJk2Ipfq9P4S+8fT50=</ds:SignatureValue><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"><X509Data><X509Certificate>vwbeiurkjbhvnsfbMMWEFGVWERBwbdfefwbbFowITEfMB0GA1UEAxMWbXNmdC5zdHMubWljcm9zb2Z0LmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMsKK87jKV6UdjZWE5gu2lUecEJeBH35aEG89U9fAXqRIbsmkAgnZAqtmD3dw4W0edvOMW0YxLejvHpxrrei4Hc3KOYczFaiJGOxeir6Fymk5cOJ0x3ioJGSCn/X0J0vka6sUijwUlFzaqOyTO5YP23AzSu2a39SUxBCVNqgkGrbjMp4xl1LP6rYrNc1QG/aBGvT0od0oXF4Hy5uiCxqq49Wb+QjCyJ76+1kzkWHTK18r8vOG9GxfWfNeshT9W9XoT9ChgRcxIHt/Y2ZUrOT86ldpakld58gTq1E0l5jho3CZPAnZjnwBhYv9bUgsgwHUU29Ceig/iqdjUDzS50F4pn2pcncoWGmrQP3hOEvJRCs0BWz6+VW/ATV5TGknsLDfq89c5b69haZ3fiDQmU+RZQBIsLEcrRs3Vyld++rmM7OdfZ4CAbo8l3F4ONpHczWfNKhGnor4GH0vC6G5gR3otWCdM6bcrNCYjm4PEVaF0I5+94PvJ2SkaGL4k86u+Ns4OpFLGawC5D3bq0SPMgsUWbXzq4VXq946fewWLV4Jh4mvRkVdsb1egk78rzQdpeqfiq9Ax6W6wRLCIFUiicymITQw/mn646OvwR2mTMc2M+BfW9a35MwfZfyMG/PdZc7nl2Alvuiw1Wk6M3C2xcS8Hpu9unnacXujRr/FbgnaKwnAgMBAAGjdTBzMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBSBgNVHQEESzBJgBBsOlmxcrgqKZ1x+s8zuEDRoSMwITEfMB0GA1UEAxMWbXNmdC5zdHMubWljcm9zb2Z0LmNvbYIQYvo/wNRpcL5JZi8e/Z4hBzANBgkqhkiG9w0BAQsFAAOCAgEAQbiCZJWFH9zaGaPlT77Jq9bWoH6fqZRrNIDuVXM7h+g7E8Xj5Demi16WrRSTR8Ff1uNV0n5tdbLu4C9rEU4RrZjFOJXGGsQZD85y8Jq3tcZ6RZSU6ie3tzvpl5Yhe0o1xfuUvI43VxJWFzW7LHzHyzoDeFNhSuplWfGkQfdjs9yGLTYflIDVCigXv94Wv949HckiG1+PST9ai9jST6NCkeqElm5zoZHxo+haYIRMma4lL7/AO3uYhey5bKYyIHyWTAZcJBKqO2RrWuOtZWthK/gL0yTeGrGXFQvHbfUwEA/lBdUka/x8m59hzSCS2c0f/GZbrBGq6mOrl4NSrJSck4KJnQDbdYzyP2kIVWwjlYMNbFWXE0e2lxm6T28Znhh0wtqrBDyQIxDFpt/bdw9I5OsXmXvjRYlVXP1gmHebuhL9wA3A9BKUaTNf2BTfvWdYnBwbRq98vB4RSAwWRLjv9bizB9JkmMUSmPS9Z5juPMmkbTpcmn8RUUPLGDpuFYMB0dXpGtG+oJ40wHeYZCvfBU1tuXuB+RTxkPsXzF4WEf6sei0VCgs+ir0mULF9L++Bc0INn9VpZoOpDE9pX7jMn9jkutClaxVOirysvYcOAy092MHo3uR6opH9U9vzWJrQULxPOdT+GVwLJ2ZgSmYC14tsr37vbC8WAD5E1zyfGPU=</X509Certificate></X509Data></KeyInfo></ds:Signature></saml:Assertion>

data/spec/fixtures/wstrust/too_many_security_tokens.xml

@@ -0,0 +1,219 @@
+<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
+  xmlns:a="http://www.w3.org/2005/08/addressing"
+  xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
+  <s:Header>
+    <a:Action s:mustUnderstand="1">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTRC/IssueFinal</a:Action>
+    <o:Security s:mustUnderstand="1"
+      xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
+      <u:Timestamp u:Id="_0">
+        <u:Created>2014-10-11T01:57:52.927Z</u:Created>
+        <u:Expires>2014-10-11T02:02:52.927Z</u:Expires>
+      </u:Timestamp>
+    </o:Security>
+  </s:Header>
+  <s:Body>
+    <trust:RequestSecurityTokenResponseCollection
+      xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">
+      <trust:RequestSecurityTokenResponse>
+        <trust:Lifetime>
+          <wsu:Created
+            xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2014-10-11T01:57:52.802Z</wsu:Created>
+          <wsu:Expires
+            xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2014-10-11T02:57:52.802Z</wsu:Expires>
+        </trust:Lifetime>
+        <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
+          <wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing">
+            <wsa:Address>urn:federation:MicrosoftOnline</wsa:Address>
+          </wsa:EndpointReference>
+        </wsp:AppliesTo>
+        <trust:RequestedSecurityToken>
+          <saml:Assertion MajorVersion="1" MinorVersion="1"
+            AssertionID="_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e" Issuer="urn:federation:MSFT"
+            IssueInstant="2014-10-11T01:57:52.927Z" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+            <saml:Conditions NotBefore="2014-10-11T01:57:52.802Z"
+              NotOnOrAfter="2014-10-11T02:57:52.802Z">
+              <saml:AudienceRestrictionCondition>
+                <saml:Audience>urn:federation:MicrosoftOnline</saml:Audience>
+              </saml:AudienceRestrictionCondition>
+            </saml:Conditions>
+            <saml:AttributeStatement>
+              <saml:Subject>
+                <saml:NameIdentifier
+                  Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">11111</saml:NameIdentifier>
+                <saml:SubjectConfirmation>
+                  <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer
+                  </saml:ConfirmationMethod>
+                </saml:SubjectConfirmation>
+              </saml:Subject>
+              <saml:Attribute AttributeName="UPN"
+                AttributeNamespace="http://schemas.xmlsoap.org/claims">
+                <saml:AttributeValue>sdfb4@vsfdbs.com</saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="objectGUID"
+                AttributeNamespace="http://tempuri.com">
+                <saml:AttributeValue>sefgbw4w4tbwrtb==
+                </saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="PersonnelNumber"
+                AttributeNamespace="http://schemas.xmlsoap.org/claims">
+                <saml:AttributeValue>11111</saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="ImmutableID"
+                AttributeNamespace="http://schemas.microsoft.com/LiveID/Federation/2008/05">
+                <saml:AttributeValue>11111</saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="insidecorporatenetwork"
+                AttributeNamespace="http://schemas.microsoft.com/ws/2012/01">
+                <saml:AttributeValue>true</saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="psso"
+                AttributeNamespace="http://schemas.microsoft.com/2014/03">
+                <saml:AttributeValue>true</saml:AttributeValue>
+              </saml:Attribute>
+            </saml:AttributeStatement>
+            <saml:AuthenticationStatement
+              AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password"
+              AuthenticationInstant="2014-10-11T01:57:52.786Z">
+              <saml:Subject>
+                <saml:NameIdentifier
+                  Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">11111</saml:NameIdentifier>
+                <saml:SubjectConfirmation>
+                  <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer
+                  </saml:ConfirmationMethod>
+                </saml:SubjectConfirmation>
+              </saml:Subject>
+            </saml:AuthenticationStatement>
+            <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+              <ds:SignedInfo>
+                <ds:CanonicalizationMethod
+                  Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+                <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+                <ds:Reference URI="#_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e">
+                  <ds:Transforms>
+                    <ds:Transform
+                      Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+                  </ds:Transforms>
+                  <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+                  <ds:DigestValue>11112412434fgvwefb24rb=</ds:DigestValue>
+                </ds:Reference>
+              </ds:SignedInfo>
+              <ds:SignatureValue>yc2hltEY1z/0zgEdUKdIo9K8BAauLYCvEM21Jrasdnvkadsjv9834759384utfhwrgEDSDGSDFG34543fFFwdffeeeeCfnoRal7Q1PXtxwsDqg/maesA7/1eYG75Q6/MyB5s+GZqUDK5Sif1XXseTe3hbocz/dMfVIeHKZ/BJ9iKdjI+WhDJspJ282sCu9e31h0CKEEgHwwe3U+0iwtwXrBxJKi9wNrrShez7CW+18jz2bQ+hFxsLYpuXSskOgeB6wza5BR9QjLHjjntqchVZOgZNQzmnULQBXIbPHGvrcKZZ1+05y27505B8T1jOopN6ncdic2b3tt712n/lDbtQCBKOUp5A0ZIP8nupkUE4lvIE0qFiETrWFKbRKgNLzPSS8Fb0ITuq5FPQRNDZkYebVqBvQavd7T8qx9RnhXwJNYBABxZ2NgicCT1QnAhPwyU4vvMaSeCbguAsbO0z6IM9Y6pzLe6eehvzh2/WfIckEExeHvPTEZZWMiA16msBSWLX+NkVMLfVBj8GA2sK7Qj4wnvK6ip+8x5PBl5z3Ra8p7MXsDVnunZcl5LnjBM7Z0puX9vT79xVuJ7+q3jD6GRjiH0XZr4yZXCJk2Ipfq9P4S+8fT50=
+              </ds:SignatureValue>
+              <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+                <X509Data>
+                  <X509Certificate>vwbeiurkjbhvnsfbMMWEFGVWERBwbdfefwbbFowITEfMB0GA1UEAxMWbXNmdC5zdHMubWljcm9zb2Z0LmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMsKK87jKV6UdjZWE5gu2lUecEJeBH35aEG89U9fAXqRIbsmkAgnZAqtmD3dw4W0edvOMW0YxLejvHpxrrei4Hc3KOYczFaiJGOxeir6Fymk5cOJ0x3ioJGSCn/X0J0vka6sUijwUlFzaqOyTO5YP23AzSu2a39SUxBCVNqgkGrbjMp4xl1LP6rYrNc1QG/aBGvT0od0oXF4Hy5uiCxqq49Wb+QjCyJ76+1kzkWHTK18r8vOG9GxfWfNeshT9W9XoT9ChgRcxIHt/Y2ZUrOT86ldpakld58gTq1E0l5jho3CZPAnZjnwBhYv9bUgsgwHUU29Ceig/iqdjUDzS50F4pn2pcncoWGmrQP3hOEvJRCs0BWz6+VW/ATV5TGknsLDfq89c5b69haZ3fiDQmU+RZQBIsLEcrRs3Vyld++rmM7OdfZ4CAbo8l3F4ONpHczWfNKhGnor4GH0vC6G5gR3otWCdM6bcrNCYjm4PEVaF0I5+94PvJ2SkaGL4k86u+Ns4OpFLGawC5D3bq0SPMgsUWbXzq4VXq946fewWLV4Jh4mvRkVdsb1egk78rzQdpeqfiq9Ax6W6wRLCIFUiicymITQw/mn646OvwR2mTMc2M+BfW9a35MwfZfyMG/PdZc7nl2Alvuiw1Wk6M3C2xcS8Hpu9unnacXujRr/FbgnaKwnAgMBAAGjdTBzMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBSBgNVHQEESzBJgBBsOlmxcrgqKZ1x+s8zuEDRoSMwITEfMB0GA1UEAxMWbXNmdC5zdHMubWljcm9zb2Z0LmNvbYIQYvo/wNRpcL5JZi8e/Z4hBzANBgkqhkiG9w0BAQsFAAOCAgEAQbiCZJWFH9zaGaPlT77Jq9bWoH6fqZRrNIDuVXM7h+g7E8Xj5Demi16WrRSTR8Ff1uNV0n5tdbLu4C9rEU4RrZjFOJXGGsQZD85y8Jq3tcZ6RZSU6ie3tzvpl5Yhe0o1xfuUvI43VxJWFzW7LHzHyzoDeFNhSuplWfGkQfdjs9yGLTYflIDVCigXv94Wv949HckiG1+PST9ai9jST6NCkeqElm5zoZHxo+haYIRMma4lL7/AO3uYhey5bKYyIHyWTAZcJBKqO2RrWuOtZWthK/gL0yTeGrGXFQvHbfUwEA/lBdUka/x8m59hzSCS2c0f/GZbrBGq6mOrl4NSrJSck4KJnQDbdYzyP2kIVWwjlYMNbFWXE0e2lxm6T28Znhh0wtqrBDyQIxDFpt/bdw9I5OsXmXvjRYlVXP1gmHebuhL9wA3A9BKUaTNf2BTfvWdYnBwbRq98vB4RSAwWRLjv9bizB9JkmMUSmPS9Z5juPMmkbTpcmn8RUUPLGDpuFYMB0dXpGtG+oJ40wHeYZCvfBU1tuXuB+RTxkPsXzF4WEf6sei0VCgs+ir0mULF9L++Bc0INn9VpZoOpDE9pX7jMn9jkutClaxVOirysvYcOAy092MHo3uR6opH9U9vzWJrQULxPOdT+GVwLJ2ZgSmYC14tsr37vbC8WAD5E1zyfGPU=
+                  </X509Certificate>
+                </X509Data>
+              </KeyInfo>
+            </ds:Signature>
+          </saml:Assertion>
+        </trust:RequestedSecurityToken>
+        <trust:RequestedSecurityToken>
+          <saml:Assertion MajorVersion="1" MinorVersion="1"
+            AssertionID="_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e" Issuer="urn:federation:MSFT"
+            IssueInstant="2014-10-11T01:57:52.927Z" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+            <saml:Conditions NotBefore="2014-10-11T01:57:52.802Z"
+              NotOnOrAfter="2014-10-11T02:57:52.802Z">
+              <saml:AudienceRestrictionCondition>
+                <saml:Audience>urn:federation:MicrosoftOnline</saml:Audience>
+              </saml:AudienceRestrictionCondition>
+            </saml:Conditions>
+            <saml:AttributeStatement>
+              <saml:Subject>
+                <saml:NameIdentifier
+                  Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">11111</saml:NameIdentifier>
+                <saml:SubjectConfirmation>
+                  <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer
+                  </saml:ConfirmationMethod>
+                </saml:SubjectConfirmation>
+              </saml:Subject>
+              <saml:Attribute AttributeName="UPN"
+                AttributeNamespace="http://schemas.xmlsoap.org/claims">
+                <saml:AttributeValue>sdfb4@vsfdbs.com</saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="objectGUID"
+                AttributeNamespace="http://tempuri.com">
+                <saml:AttributeValue>sefgbw4w4tbwrtb==
+                </saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="PersonnelNumber"
+                AttributeNamespace="http://schemas.xmlsoap.org/claims">
+                <saml:AttributeValue>11111</saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="ImmutableID"
+                AttributeNamespace="http://schemas.microsoft.com/LiveID/Federation/2008/05">
+                <saml:AttributeValue>11111</saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="insidecorporatenetwork"
+                AttributeNamespace="http://schemas.microsoft.com/ws/2012/01">
+                <saml:AttributeValue>true</saml:AttributeValue>
+              </saml:Attribute>
+              <saml:Attribute AttributeName="psso"
+                AttributeNamespace="http://schemas.microsoft.com/2014/03">
+                <saml:AttributeValue>true</saml:AttributeValue>
+              </saml:Attribute>
+            </saml:AttributeStatement>
+            <saml:AuthenticationStatement
+              AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password"
+              AuthenticationInstant="2014-10-11T01:57:52.786Z">
+              <saml:Subject>
+                <saml:NameIdentifier
+                  Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">11111</saml:NameIdentifier>
+                <saml:SubjectConfirmation>
+                  <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer
+                  </saml:ConfirmationMethod>
+                </saml:SubjectConfirmation>
+              </saml:Subject>
+            </saml:AuthenticationStatement>
+            <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+              <ds:SignedInfo>
+                <ds:CanonicalizationMethod
+                  Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+                <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+                <ds:Reference URI="#_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e">
+                  <ds:Transforms>
+                    <ds:Transform
+                      Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+                    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+                  </ds:Transforms>
+                  <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+                  <ds:DigestValue>11112412434fgvwefb24rb=</ds:DigestValue>
+                </ds:Reference>
+              </ds:SignedInfo>
+              <ds:SignatureValue>yc2hltEY1z/0zgEdUKdIo9K8BAauLYCvEM21Jrasdnvkadsjv9834759384utfhwrgEDSDGSDFG34543fFFwdffeeeeCfnoRal7Q1PXtxwsDqg/maesA7/1eYG75Q6/MyB5s+GZqUDK5Sif1XXseTe3hbocz/dMfVIeHKZ/BJ9iKdjI+WhDJspJ282sCu9e31h0CKEEgHwwe3U+0iwtwXrBxJKi9wNrrShez7CW+18jz2bQ+hFxsLYpuXSskOgeB6wza5BR9QjLHjjntqchVZOgZNQzmnULQBXIbPHGvrcKZZ1+05y27505B8T1jOopN6ncdic2b3tt712n/lDbtQCBKOUp5A0ZIP8nupkUE4lvIE0qFiETrWFKbRKgNLzPSS8Fb0ITuq5FPQRNDZkYebVqBvQavd7T8qx9RnhXwJNYBABxZ2NgicCT1QnAhPwyU4vvMaSeCbguAsbO0z6IM9Y6pzLe6eehvzh2/WfIckEExeHvPTEZZWMiA16msBSWLX+NkVMLfVBj8GA2sK7Qj4wnvK6ip+8x5PBl5z3Ra8p7MXsDVnunZcl5LnjBM7Z0puX9vT79xVuJ7+q3jD6GRjiH0XZr4yZXCJk2Ipfq9P4S+8fT50=
+              </ds:SignatureValue>
+              <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+                <X509Data>
+                  <X509Certificate>vwbeiurkjbhvnsfbMMWEFGVWERBwbdfefwbbFowITEfMB0GA1UEAxMWbXNmdC5zdHMubWljcm9zb2Z0LmNvbTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAMsKK87jKV6UdjZWE5gu2lUecEJeBH35aEG89U9fAXqRIbsmkAgnZAqtmD3dw4W0edvOMW0YxLejvHpxrrei4Hc3KOYczFaiJGOxeir6Fymk5cOJ0x3ioJGSCn/X0J0vka6sUijwUlFzaqOyTO5YP23AzSu2a39SUxBCVNqgkGrbjMp4xl1LP6rYrNc1QG/aBGvT0od0oXF4Hy5uiCxqq49Wb+QjCyJ76+1kzkWHTK18r8vOG9GxfWfNeshT9W9XoT9ChgRcxIHt/Y2ZUrOT86ldpakld58gTq1E0l5jho3CZPAnZjnwBhYv9bUgsgwHUU29Ceig/iqdjUDzS50F4pn2pcncoWGmrQP3hOEvJRCs0BWz6+VW/ATV5TGknsLDfq89c5b69haZ3fiDQmU+RZQBIsLEcrRs3Vyld++rmM7OdfZ4CAbo8l3F4ONpHczWfNKhGnor4GH0vC6G5gR3otWCdM6bcrNCYjm4PEVaF0I5+94PvJ2SkaGL4k86u+Ns4OpFLGawC5D3bq0SPMgsUWbXzq4VXq946fewWLV4Jh4mvRkVdsb1egk78rzQdpeqfiq9Ax6W6wRLCIFUiicymITQw/mn646OvwR2mTMc2M+BfW9a35MwfZfyMG/PdZc7nl2Alvuiw1Wk6M3C2xcS8Hpu9unnacXujRr/FbgnaKwnAgMBAAGjdTBzMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATBSBgNVHQEESzBJgBBsOlmxcrgqKZ1x+s8zuEDRoSMwITEfMB0GA1UEAxMWbXNmdC5zdHMubWljcm9zb2Z0LmNvbYIQYvo/wNRpcL5JZi8e/Z4hBzANBgkqhkiG9w0BAQsFAAOCAgEAQbiCZJWFH9zaGaPlT77Jq9bWoH6fqZRrNIDuVXM7h+g7E8Xj5Demi16WrRSTR8Ff1uNV0n5tdbLu4C9rEU4RrZjFOJXGGsQZD85y8Jq3tcZ6RZSU6ie3tzvpl5Yhe0o1xfuUvI43VxJWFzW7LHzHyzoDeFNhSuplWfGkQfdjs9yGLTYflIDVCigXv94Wv949HckiG1+PST9ai9jST6NCkeqElm5zoZHxo+haYIRMma4lL7/AO3uYhey5bKYyIHyWTAZcJBKqO2RrWuOtZWthK/gL0yTeGrGXFQvHbfUwEA/lBdUka/x8m59hzSCS2c0f/GZbrBGq6mOrl4NSrJSck4KJnQDbdYzyP2kIVWwjlYMNbFWXE0e2lxm6T28Znhh0wtqrBDyQIxDFpt/bdw9I5OsXmXvjRYlVXP1gmHebuhL9wA3A9BKUaTNf2BTfvWdYnBwbRq98vB4RSAwWRLjv9bizB9JkmMUSmPS9Z5juPMmkbTpcmn8RUUPLGDpuFYMB0dXpGtG+oJ40wHeYZCvfBU1tuXuB+RTxkPsXzF4WEf6sei0VCgs+ir0mULF9L++Bc0INn9VpZoOpDE9pX7jMn9jkutClaxVOirysvYcOAy092MHo3uR6opH9U9vzWJrQULxPOdT+GVwLJ2ZgSmYC14tsr37vbC8WAD5E1zyfGPU=
+                  </X509Certificate>
+                </X509Data>
+              </KeyInfo>
+            </ds:Signature>
+          </saml:Assertion>
+        </trust:RequestedSecurityToken>
+        <trust:RequestedAttachedReference>
+          <o:SecurityTokenReference
+            k:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"
+            xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
+            xmlns:k="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
+            <o:KeyIdentifier
+              ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e</o:KeyIdentifier>
+          </o:SecurityTokenReference>
+        </trust:RequestedAttachedReference>
+        <trust:RequestedUnattachedReference>
+          <o:SecurityTokenReference
+            k:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"
+            xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
+            xmlns:k="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
+            <o:KeyIdentifier
+              ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">_3ad77714-87a7-4ec5-b3e8-dfd2ef68a49e</o:KeyIdentifier>
+          </o:SecurityTokenReference>
+        </trust:RequestedUnattachedReference>
+        <trust:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</trust:TokenType>
+        <trust:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</trust:RequestType>
+        <trust:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer</trust:KeyType>
+      </trust:RequestSecurityTokenResponse>
+    </trust:RequestSecurityTokenResponseCollection>
+  </s:Body>
+</s:Envelope>