
Example 1 with Saml2ModuleAuthenticationImpl

Use of com.evolveum.midpoint.authentication.impl.module.authentication.Saml2ModuleAuthenticationImpl in project midpoint by Evolveum.

The class MidpointSaml2WebSsoAuthenticationRequestFilter, method doFilterInternal.

@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    // Let Spring Security's filter build and send the AuthnRequest (redirect or POST to the IdP).
    super.doFilterInternal(request, response, filterChain);
    // Only requests to the authentication-request URL are of interest here.
    RequestMatcher.MatchResult matcher = this.redirectMatcher.matcher(request);
    if (!matcher.isMatch()) {
        return;
    }
    // No resolvable registration means no AuthnRequest was produced, so there is nothing to record.
    Saml2AuthenticationRequestContext context = this.authenticationRequestContextResolver.resolve(request);
    if (context == null) {
        return;
    }
    // Record on the processing SAML module that an AuthnRequest has been sent for this session.
    // The cast is safe only because the matcher above restricts this code to the SAML module's URL.
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication instanceof MidpointAuthentication) {
        MidpointAuthentication mpAuthentication = (MidpointAuthentication) authentication;
        Saml2ModuleAuthenticationImpl moduleAuthentication = (Saml2ModuleAuthenticationImpl) mpAuthentication.getProcessingModuleAuthentication();
        moduleAuthentication.setRequestState(RequestState.SENDED);
    }
}
Also used :
    RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher)
    AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher)
    MidpointAuthentication(com.evolveum.midpoint.authentication.api.config.MidpointAuthentication)
    Authentication(org.springframework.security.core.Authentication)
    Saml2ModuleAuthenticationImpl(com.evolveum.midpoint.authentication.impl.module.authentication.Saml2ModuleAuthenticationImpl)
    Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext)

Example 2 with Saml2ModuleAuthenticationImpl

Use of com.evolveum.midpoint.authentication.impl.module.authentication.Saml2ModuleAuthenticationImpl in project midpoint by Evolveum.

The class MidpointSaml2LogoutRequestResolver, method resolve.

@Override
public Saml2LogoutRequest resolve(HttpServletRequest httpServletRequest, Authentication authentication) {
    // Locate the Spring Saml2AuthenticationToken inside midPoint's wrapped authentication.
    // It may sit on the processing SAML module directly, or on the details of a
    // pre-authenticated or anonymous token that wraps it.
    Saml2AuthenticationToken token = null;
    if (authentication instanceof MidpointAuthentication) {
        ModuleAuthentication authModule = ((MidpointAuthentication) authentication).getProcessingModuleAuthentication();
        if (authModule instanceof Saml2ModuleAuthenticationImpl) {
            Authentication moduleAuth = authModule.getAuthentication();
            if (moduleAuth instanceof Saml2AuthenticationToken) {
                token = (Saml2AuthenticationToken) moduleAuth;
            } else if ((moduleAuth instanceof PreAuthenticatedAuthenticationToken || moduleAuth instanceof AnonymousAuthenticationToken)
                    && moduleAuth.getDetails() instanceof Saml2AuthenticationToken) {
                token = (Saml2AuthenticationToken) moduleAuth.getDetails();
            }
        }
    } else if (authentication instanceof AnonymousAuthenticationToken && authentication.getDetails() instanceof Saml2AuthenticationToken) {
        token = (Saml2AuthenticationToken) authentication.getDetails();
    }
    if (token == null) {
        // Not a SAML session: let the delegate resolver decide.
        return resolver.resolve(httpServletRequest, authentication);
    }
    // Prefer the principal that Saml2Provider stored on the token at login (setDetails).
    AuthenticatedPrincipal principal = token.getDetails() instanceof AuthenticatedPrincipal ? (AuthenticatedPrincipal) token.getDetails() : null;
    if (!(principal instanceof Saml2AuthenticatedPrincipal)) {
        // Fallback: synthesize a principal that carries the registration id the delegate needs.
        // Its name is the SP's own entity ID, not the user's subject identifier; a delegate that
        // takes the LogoutRequest NameID from getName() will therefore send the SP entity ID to the IdP.
        String name = token.getRelyingPartyRegistration().getEntityId();
        String relyingPartyRegistrationId = token.getRelyingPartyRegistration().getRegistrationId();
        principal = new Saml2AuthenticatedPrincipal() {

            @Override
            public String getName() {
                return name;
            }

            @Override
            public String getRelyingPartyRegistrationId() {
                return relyingPartyRegistrationId;
            }
        };
    }
    // Hand the delegate a plain Saml2Authentication built from the original SAML response;
    // no authorities are needed to build a logout request.
    return resolver.resolve(httpServletRequest, new Saml2Authentication(principal, token.getSaml2Response(), null));
}
Also used :
    ModuleAuthentication(com.evolveum.midpoint.authentication.api.config.ModuleAuthentication)
    Saml2Authentication(org.springframework.security.saml2.provider.service.authentication.Saml2Authentication)
    PreAuthenticatedAuthenticationToken(org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken)
    Saml2ModuleAuthenticationImpl(com.evolveum.midpoint.authentication.impl.module.authentication.Saml2ModuleAuthenticationImpl)
    AnonymousAuthenticationToken(org.springframework.security.authentication.AnonymousAuthenticationToken)
    MidpointAuthentication(com.evolveum.midpoint.authentication.api.config.MidpointAuthentication)
    Saml2AuthenticationToken(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken)
    Saml2AuthenticatedPrincipal(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticatedPrincipal)
    AuthenticatedPrincipal(org.springframework.security.core.AuthenticatedPrincipal)

Example 3 with Saml2ModuleAuthenticationImpl

Use of com.evolveum.midpoint.authentication.impl.module.authentication.Saml2ModuleAuthenticationImpl in project midpoint by Evolveum.

The class Saml2Provider, method internalAuthentication.

@Override
protected Authentication internalAuthentication(Authentication authentication, List requireAssignment, AuthenticationChannel channel, Class focusType) throws AuthenticationException {
    Authentication token;
    if (authentication instanceof Saml2AuthenticationToken) {
        Saml2AuthenticationToken samlAuthenticationToken = (Saml2AuthenticationToken) authentication;
        Saml2Authentication samlAuthentication;
        try {
            // Step 1: let Spring's OpenSAML provider validate the SAML Response (signature,
            // assertion conditions) before anything is read from it.
            samlAuthentication = (Saml2Authentication) openSamlProvider.authenticate(samlAuthenticationToken);
        } catch (AuthenticationException e) {
            // No username is known at this point, hence the null subject in the audit record.
            getAuditProvider().auditLoginFailure(null, null, createConnectEnvironment(getChannel()), e.getMessage());
            throw e;
        }
        Saml2ModuleAuthenticationImpl samlModule = (Saml2ModuleAuthenticationImpl) AuthUtil.getProcessingModule();
        try {
            // Step 2: keep the validated principal on the token; the logout resolver reads it back from getDetails().
            DefaultSaml2AuthenticatedPrincipal principal = (DefaultSaml2AuthenticatedPrincipal) samlAuthentication.getPrincipal();
            samlAuthenticationToken.setDetails(principal);
            Map<String, List<Object>> attributes = principal.getAttributes();
            // Step 3: the login name is taken from the attribute configured for this
            // relying-party registration, not from the assertion's NameID.
            SamlAdditionalConfiguration config = samlModule.getAdditionalConfiguration().get(samlAuthenticationToken.getRelyingPartyRegistration().getRegistrationId());
            String nameOfSamlAttribute = config.getNameOfUsernameAttribute();
            String enteredUsername = defineEnteredUsername(attributes, nameOfSamlAttribute);
            // Step 4: look the user up in midPoint and check the required assignments. This is a
            // pre-authenticated lookup: the IdP has already proven the identity, midPoint only maps it.
            token = getPreAuthenticationToken(enteredUsername, focusType, requireAssignment, channel);
        } catch (AuthenticationException e) {
            // Keep the SAML token on the module even though the user mapping failed, so the
            // logout resolver can still find the IdP session to terminate.
            samlModule.setAuthentication(samlAuthenticationToken);
            LOGGER.info("Authentication with saml module failed: {}", e.getMessage());
            throw e;
        }
    } else {
        LOGGER.error("Unsupported authentication {}", authentication);
        throw new AuthenticationServiceException("web.security.provider.unavailable");
    }
    MidPointPrincipal principal = (MidPointPrincipal) token.getPrincipal();
    LOGGER.debug("User '{}' authenticated ({}), authorities: {}", authentication.getPrincipal(), authentication.getClass().getSimpleName(), principal.getAuthorities());
    return token;
}
Also used :
    AuthenticationException(org.springframework.security.core.AuthenticationException)
    Saml2Authentication(org.springframework.security.saml2.provider.service.authentication.Saml2Authentication)
    Authentication(org.springframework.security.core.Authentication)
    SamlAdditionalConfiguration(com.evolveum.midpoint.authentication.impl.module.configuration.SamlAdditionalConfiguration)
    DefaultSaml2AuthenticatedPrincipal(org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal)
    Saml2ModuleAuthenticationImpl(com.evolveum.midpoint.authentication.impl.module.authentication.Saml2ModuleAuthenticationImpl)
    List(java.util.List)
    Saml2AuthenticationToken(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken)
    AuthenticationServiceException(org.springframework.security.authentication.AuthenticationServiceException)
    MidPointPrincipal(com.evolveum.midpoint.security.api.MidPointPrincipal)
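Example 3 calls defineEnteredUsername(attributes, nameOfSamlAttribute) without showing it, and Example 1 sets RequestState.SENDED without showing what consults that flag. The class below is an added example written for this page, not midPoint's code: it shows the two checks a practitioner would want around that pair, a per-session state gate that refuses a SAML Response when no AuthnRequest is pending (or when one Response has already been consumed), and a strict attribute-to-username mapping that rejects missing, blank or multi-valued attributes instead of silently taking the first value. Only the SENDED state and the Map<String, List<Object>> attribute shape come from the page; RequestState.NOT_SENT and RECEIVED, SamlAuthException, markRequestSent and the sample attribute map are assumptions or constructed input.

```java
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Objects;

public final class SamlModuleFlow {

    /** Hypothetical: the page only shows SENDED; NOT_SENT and RECEIVED are assumed here. */
    public enum RequestState { NOT_SENT, SENDED, RECEIVED }

    /** Stands in for the AuthenticationException thrown by the page's provider. */
    public static final class SamlAuthException extends RuntimeException {
        public SamlAuthException(String message) {
            super(message);
        }
    }

    private final String usernameAttribute; // config.getNameOfUsernameAttribute() on the page
    private RequestState state = RequestState.NOT_SENT;

    public SamlModuleFlow(String usernameAttribute) {
        this.usernameAttribute = Objects.requireNonNull(usernameAttribute, "usernameAttribute");
    }

    public RequestState getState() {
        return state;
    }

    /** Example 1's filter does the equivalent of this right after the AuthnRequest redirect goes out. */
    public void markRequestSent() {
        state = RequestState.SENDED;
    }

    /**
     * Maps the attributes of an already-validated assertion to the username midPoint will look up.
     * Call this only after the Response has passed OpenSAML validation, as Saml2Provider does.
     */
    public String authenticate(Map<String, List<Object>> attributes) {
        if (state != RequestState.SENDED) {
            // A Response that no request in this session asked for, or a second delivery of one, is refused.
            throw new SamlAuthException("SAML Response without a pending AuthnRequest (state=" + state + ")");
        }
        state = RequestState.RECEIVED; // consume the pending request before doing anything else
        return defineEnteredUsername(attributes, usernameAttribute);
    }

    /** Hypothetical strict version of the page's defineEnteredUsername: exactly one non-blank value, or failure. */
    public static String defineEnteredUsername(Map<String, List<Object>> attributes, String attributeName) {
        List<Object> raw = attributes == null ? null : attributes.get(attributeName);
        if (raw == null || raw.isEmpty()) {
            throw new SamlAuthException("assertion carries no '" + attributeName + "' attribute");
        }
        List<String> values = new ArrayList<>();
        for (Object v : raw) {
            if (v == null) {
                continue;
            }
            String s = v.toString().trim();
            if (!s.isEmpty() && !values.contains(s)) {
                values.add(s);
            }
        }
        if (values.size() != 1) {
            // Ambiguous or empty: never guess which value is the login name.
            throw new SamlAuthException("attribute '" + attributeName + "' must carry exactly one non-blank value, got " + values);
        }
        return values.get(0);
    }

    public static void main(String[] args) {
        // Constructed sample standing in for DefaultSaml2AuthenticatedPrincipal.getAttributes().
        Map<String, List<Object>> attrs = new HashMap<>();
        attrs.put("uid", List.<Object>of("jdoe"));
        attrs.put("mail", List.<Object>of("jdoe@example.com", "john.doe@example.com"));

        SamlModuleFlow flow = new SamlModuleFlow("uid");
        flow.markRequestSent();
        System.out.println("username: " + flow.authenticate(attrs));

        try {
            flow.authenticate(attrs); // same session, no new AuthnRequest was sent
        } catch (SamlAuthException e) {
            System.out.println("rejected: " + e.getMessage());
        }

        SamlModuleFlow byMail = new SamlModuleFlow("mail");
        byMail.markRequestSent();
        try {
            byMail.authenticate(attrs); // two values: refuse rather than pick one
        } catch (SamlAuthException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The gate models only per-session state; it does not replace the InResponseTo check that ties a Response to the ID of the specific AuthnRequest, which belongs in the OpenSAML validation step that the page's Saml2Provider runs before the attribute lookup. Refusing multi-valued username attributes is deliberate: an IdP that releases several values (aliases, historic logins) would otherwise let assertion ordering decide which account is logged in.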

Example 4 with Saml2ModuleAuthenticationImpl

Use of com.evolveum.midpoint.authentication.impl.module.authentication.Saml2ModuleAuthenticationImpl in project midpoint by Evolveum.

The class Saml2ModuleFactory, method createEmptyModuleAuthentication.

public ModuleAuthenticationImpl createEmptyModuleAuthentication(SamlModuleWebSecurityConfiguration configuration, ServletRequest request) {
    Saml2ModuleAuthenticationImpl moduleAuthentication = new Saml2ModuleAuthenticationImpl();
    // The "start SAML login" URL is identical for every registration apart from the
    // {registrationId} placeholder, so the prefix is built once.
    String authRequestPrefixUrl = request.getServletContext().getContextPath()
            + configuration.getPrefixOfModule()
            + RemoteModuleAuthenticationImpl.AUTHENTICATION_REQUEST_PROCESSING_URL_SUFFIX_WITH_REG_ID;
    // One login link per relying-party registration (one per IdP). Both the link text and the
    // registration id substituted into the URL come from midPoint's configuration, never from
    // the request. forEach requires an Iterable repository (the in-memory one is); a registration
    // without an additional-configuration entry fails here with a NullPointerException.
    List<IdentityProvider> providers = new ArrayList<>();
    configuration.getRelyingPartyRegistrationRepository().forEach(p -> {
        SamlAdditionalConfiguration config = configuration.getAdditionalConfiguration().get(p.getRegistrationId());
        IdentityProvider idp = new IdentityProvider()
                .setLinkText(config.getLinkText())
                .setRedirectLink(authRequestPrefixUrl.replace("{registrationId}", p.getRegistrationId()));
        providers.add(idp);
    });
    moduleAuthentication.setProviders(providers);
    // Carry the per-registration settings (e.g. the username attribute) and the module's
    // name and prefix over to the module authentication; Saml2Provider reads them back at login.
    moduleAuthentication.setAdditionalConfiguration(configuration.getAdditionalConfiguration());
    moduleAuthentication.setNameOfModule(configuration.getNameOfModule());
    moduleAuthentication.setPrefix(configuration.getPrefixOfModule());
    return moduleAuthentication;
}
Also used :
    SamlAdditionalConfiguration(com.evolveum.midpoint.authentication.impl.module.configuration.SamlAdditionalConfiguration)
    ArrayList(java.util.ArrayList)
    Saml2ModuleAuthenticationImpl(com.evolveum.midpoint.authentication.impl.module.authentication.Saml2ModuleAuthenticationImpl)
    IdentityProvider(com.evolveum.midpoint.authentication.api.IdentityProvider)

Aggregations

Saml2ModuleAuthenticationImpl (com.evolveum.midpoint.authentication.impl.module.authentication.Saml2ModuleAuthenticationImpl) 4
MidpointAuthentication (com.evolveum.midpoint.authentication.api.config.MidpointAuthentication) 2
SamlAdditionalConfiguration (com.evolveum.midpoint.authentication.impl.module.configuration.SamlAdditionalConfiguration) 2
Authentication (org.springframework.security.core.Authentication) 2
Saml2Authentication (org.springframework.security.saml2.provider.service.authentication.Saml2Authentication) 2
Saml2AuthenticationToken (org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationToken) 2
IdentityProvider (com.evolveum.midpoint.authentication.api.IdentityProvider) 1
ModuleAuthentication (com.evolveum.midpoint.authentication.api.config.ModuleAuthentication) 1
MidPointPrincipal (com.evolveum.midpoint.security.api.MidPointPrincipal) 1
ArrayList (java.util.ArrayList) 1
List (java.util.List) 1
AnonymousAuthenticationToken (org.springframework.security.authentication.AnonymousAuthenticationToken) 1
AuthenticationServiceException (org.springframework.security.authentication.AuthenticationServiceException) 1
AuthenticatedPrincipal (org.springframework.security.core.AuthenticatedPrincipal) 1
AuthenticationException (org.springframework.security.core.AuthenticationException) 1
DefaultSaml2AuthenticatedPrincipal (org.springframework.security.saml2.provider.service.authentication.DefaultSaml2AuthenticatedPrincipal) 1
Saml2AuthenticatedPrincipal (org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticatedPrincipal) 1
Saml2AuthenticationRequestContext (org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext) 1
PreAuthenticatedAuthenticationToken (org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationToken) 1
AntPathRequestMatcher (org.springframework.security.web.util.matcher.AntPathRequestMatcher) 1