Search in sources :

Example 6 with COTException

use of com.sun.identity.cot.COTException in project OpenAM by OpenRock.

the class SAML2IDPProxyImpl method getPreferredIDP.

/**
     * Returns a list of preferred IDP providerIDs.
     * @param authnRequest original authnrequest
     * @param hostProviderID ProxyIDP providerID.
     * @param realm Realm
     * @param request HttpServletRequest
     * @param response HttpServletResponse
     * @return a list of providerID's of the authenticating providers to be
     *     proxied or <code>null</code> to disable the proxying and continue
     *     for the localauthenticating provider.
     * @exception SAML2Exception if error occurs.
     */
public List getPreferredIDP(AuthnRequest authnRequest, String hostProviderID, String realm, HttpServletRequest request, HttpServletResponse response) throws SAML2Exception {
    String classMethod = "SAML2IDPProxyImpl.getPreferredIDP:";
    if (SAML2Utils.debug.messageEnabled()) {
        SAML2Utils.debug.message(classMethod + "Init.");
    }
    try {
        SAML2MetaManager sm = new SAML2MetaManager();
        // Retreive MetaData
        if (sm == null) {
            throw new SAML2Exception(SAML2Utils.bundle.getString("errorMetaManager"));
        }
        SPSSOConfigElement spEntityCfg = sm.getSPSSOConfig(realm, authnRequest.getIssuer().getValue());
        Map spConfigAttrsMap = null;
        if (spEntityCfg != null) {
            spConfigAttrsMap = SAML2MetaUtils.getAttributes(spEntityCfg);
        }
        String useIntroductionForProxying = SPSSOFederate.getParameter(spConfigAttrsMap, SAML2Constants.USE_INTRODUCTION_FOR_IDP_PROXY);
        List providerIDs = new ArrayList();
        if (useIntroductionForProxying == null || !useIntroductionForProxying.equals("true")) {
            List proxyIDPs = null;
            if ((spConfigAttrsMap != null) && (!spConfigAttrsMap.isEmpty())) {
                proxyIDPs = (List) spConfigAttrsMap.get(SAML2Constants.IDP_PROXY_LIST);
            }
            if (proxyIDPs == null || proxyIDPs.isEmpty()) {
                SAML2Utils.debug.error("SAML2IDPProxyImpl.getPrefferedIDP:" + "Preferred IDPs are null.");
                return null;
            }
            providerIDs.add(proxyIDPs.iterator().next());
            return providerIDs;
        } else {
            /* IDP Proxy with introduction cookie case*/
            String idpEntityID = null;
            List cotList = (List) spConfigAttrsMap.get("cotlist");
            String cotListStr = (String) cotList.iterator().next();
            CircleOfTrustManager cotManager = new CircleOfTrustManager();
            CircleOfTrustDescriptor cotDesc = cotManager.getCircleOfTrust(realm, cotListStr);
            String readerURL = cotDesc.getSAML2ReaderServiceURL();
            if (SAML2Utils.debug.messageEnabled()) {
                SAML2Utils.debug.message(classMethod + "SAMLv2 idp" + "discovery reader URL = " + readerURL);
            }
            if (readerURL != null && (!readerURL.equals(""))) {
                String rID = SAML2Utils.generateID();
                String redirectURL = SAML2Utils.getRedirectURL(readerURL, rID, request);
                if (SAML2Utils.debug.messageEnabled()) {
                    SAML2Utils.debug.error(classMethod + "Redirect url = " + redirectURL);
                }
                if (redirectURL != null) {
                    response.sendRedirect(redirectURL);
                    Map aMap = new HashMap();
                    SPCache.reqParamHash.put(rID, aMap);
                    providerIDs.add(rID);
                    return providerIDs;
                }
            }
        }
        return null;
    } catch (SAML2MetaException ex) {
        SAML2Utils.debug.error(classMethod + "meta Exception in retrieving the preferred IDP", ex);
        return null;
    } catch (COTException sme) {
        SAML2Utils.debug.error(classMethod + "Error retreiving COT ", sme);
        return null;
    } catch (Exception e) {
        SAML2Utils.debug.error(classMethod + "Exception in retrieving the preferred IDP", e);
        return null;
    }
}
Also used : CircleOfTrustManager(com.sun.identity.cot.CircleOfTrustManager) HashMap(java.util.HashMap) SPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement) ArrayList(java.util.ArrayList) CircleOfTrustDescriptor(com.sun.identity.cot.CircleOfTrustDescriptor) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) COTException(com.sun.identity.cot.COTException) COTException(com.sun.identity.cot.COTException) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) ArrayList(java.util.ArrayList) List(java.util.List) HashMap(java.util.HashMap) Map(java.util.Map) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)

Example 7 with COTException

use of com.sun.identity.cot.COTException in project OpenAM by OpenRock.

the class ConfigureGoogleApps method updateSPMeta.

private void updateSPMeta(String realm, String cot, String domainId) throws WorkflowException {
    String metadata = "<EntityDescriptor entityID=\"google.com/a/" + domainId + "\"" + " xmlns=\"urn" + ":oasis:names:tc:SAML:2.0:metadata\">" + "<SPSSODescriptor protocolSupportEnumeration=\"urn:oasis:nam" + "es:tc:SAML:2.0:protocol\"> <NameIDFormat>urn:oasis:names:t" + "c:SAML:1.1:nameid-format:unspecified</NameIDFormat>" + "<AssertionConsumerService index=\"1\" Binding=\"urn:oasis:na" + "mes:tc:SAML:2.0:bindings:HTTP-POST\"" + " Location=\"https://www.google.com/a/" + domainId + "/acs\" />" + "</SPSSODescriptor></EntityDescriptor>";
    String extendedMeta = null;
    try {
        EntityDescriptorElement e = SAML2MetaUtils.getEntityDescriptorElement(metadata);
        String eId = e.getEntityID();
        String metaAlias = generateMetaAliasForSP(realm);
        Map map = new HashMap();
        map.put(MetaTemplateParameters.P_SP, metaAlias);
        extendedMeta = CreateSAML2HostedProviderTemplate.createExtendedDataTemplate(eId, map, null, false);
    } catch (SAML2MetaException ex) {
        throw new WorkflowException(ex.getMessage());
    } catch (JAXBException ex) {
        throw new WorkflowException(ex.getMessage());
    }
    String[] results = ImportSAML2MetaData.importData(realm, metadata, extendedMeta);
    String entityId = results[1];
    if ((cot != null) && (cot.length() > 0)) {
        try {
            AddProviderToCOT.addToCOT(realm, cot, entityId);
        } catch (COTException e) {
            throw new WorkflowException(e.getMessage());
        }
    }
}
Also used : HashMap(java.util.HashMap) JAXBException(javax.xml.bind.JAXBException) COTException(com.sun.identity.cot.COTException) EntityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement) HashMap(java.util.HashMap) Map(java.util.Map) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException)

Example 8 with COTException

use of com.sun.identity.cot.COTException in project OpenAM by OpenRock.

the class ConfigureSalesForceApps method updateSPMeta.

private void updateSPMeta(String entityId, String realm, String cot, List attrMapping) throws WorkflowException {
    String extendedMeta = null;
    String localMetadata = null;
    try {
        localMetadata = METADATA.replace(ENTITY_ID_PLACEHOLDER, entityId);
        EntityDescriptorElement e = SAML2MetaUtils.getEntityDescriptorElement(localMetadata);
        String eId = e.getEntityID();
        String metaAlias = generateMetaAliasForSP(realm);
        Map map = new HashMap();
        map.put(MetaTemplateParameters.P_SP, metaAlias);
        extendedMeta = createExtendedDataTemplate(eId, false);
    } catch (SAML2MetaException ex) {
        throw new WorkflowException(ex.getMessage());
    } catch (JAXBException ex) {
        throw new WorkflowException(ex.getMessage());
    }
    String[] results = ImportSAML2MetaData.importData(realm, localMetadata, extendedMeta);
    String configuredEntityId = results[1];
    if ((cot != null) && (cot.length() > 0)) {
        try {
            AddProviderToCOT.addToCOT(realm, cot, configuredEntityId);
        } catch (COTException e) {
            throw new WorkflowException(e.getMessage());
        }
    }
    try {
        if (!attrMapping.isEmpty()) {
            SAML2MetaManager manager = new SAML2MetaManager();
            EntityConfigElement config = manager.getEntityConfig(realm, configuredEntityId);
            SPSSOConfigElement ssoConfig = manager.getSPSSOConfig(realm, configuredEntityId);
            if (ssoConfig != null) {
                ObjectFactory objFactory = new ObjectFactory();
                AttributeType avp = objFactory.createAttributeElement();
                String key = SAML2Constants.ATTRIBUTE_MAP;
                avp.setName(key);
                avp.getValue().addAll(attrMapping);
                ssoConfig.getAttribute().add(avp);
            }
            manager.setEntityConfig(realm, config);
        }
    } catch (SAML2MetaException e) {
        throw new WorkflowException(e.getMessage());
    } catch (JAXBException e) {
        throw new WorkflowException(e.getMessage());
    }
}
Also used : HashMap(java.util.HashMap) JAXBException(javax.xml.bind.JAXBException) SPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement) COTException(com.sun.identity.cot.COTException) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) EntityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement) ObjectFactory(com.sun.identity.saml2.jaxb.entityconfig.ObjectFactory) AttributeType(com.sun.identity.saml2.jaxb.entityconfig.AttributeType) HashMap(java.util.HashMap) Map(java.util.Map) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)

Example 9 with COTException

use of com.sun.identity.cot.COTException in project OpenAM by OpenRock.

the class CreateHostedIDP method execute.

/**
     * Creates hosted identity provider.
     *
     * @param locale Locale of the Request
     * @param params Map of creation parameters.
     */
public String execute(Locale locale, Map params) throws WorkflowException {
    validateParameters(params);
    String metadataFile = getString(params, ParameterKeys.P_META_DATA);
    boolean hasMetaData = (metadataFile != null) && (metadataFile.trim().length() > 0);
    String metadata = null;
    String extendedData = null;
    if (hasMetaData) {
        String extendedDataFile = getString(params, ParameterKeys.P_EXTENDED_DATA);
        metadata = getContent(metadataFile, locale);
        extendedData = getContent(extendedDataFile, locale);
    } else {
        String entityId = getString(params, ParameterKeys.P_ENTITY_ID);
        String metaAlias = generateMetaAliasForIDP(getString(params, ParameterKeys.P_REALM));
        Map map = new HashMap();
        map.put(MetaTemplateParameters.P_IDP, metaAlias);
        map.put(MetaTemplateParameters.P_IDP_E_CERT, getString(params, ParameterKeys.P_IDP_E_CERT));
        map.put(MetaTemplateParameters.P_IDP_S_CERT, getString(params, ParameterKeys.P_IDP_S_CERT));
        try {
            metadata = CreateSAML2HostedProviderTemplate.buildMetaDataTemplate(entityId, map, getRequestURL(params));
            extendedData = CreateSAML2HostedProviderTemplate.createExtendedDataTemplate(entityId, map, getRequestURL(params));
        } catch (SAML2MetaException e) {
            return e.getMessage();
        }
    }
    String[] results = ImportSAML2MetaData.importData(null, metadata, extendedData);
    String realm = results[0];
    String entityId = results[1];
    String cot = getString(params, ParameterKeys.P_COT);
    if ((cot != null) && (cot.length() > 0)) {
        try {
            AddProviderToCOT.addToCOT(realm, cot, entityId);
        } catch (COTException e) {
            throw new WorkflowException(e.getMessage());
        }
    }
    try {
        List attrMapping = getAttributeMapping(params);
        if (!attrMapping.isEmpty()) {
            SAML2MetaManager manager = new SAML2MetaManager();
            EntityConfigElement config = manager.getEntityConfig(realm, entityId);
            IDPSSOConfigElement ssoConfig = manager.getIDPSSOConfig(realm, entityId);
            Map attribConfig = SAML2MetaUtils.getAttributes(ssoConfig);
            List mappedAttributes = (List) attribConfig.get(SAML2Constants.ATTRIBUTE_MAP);
            mappedAttributes.addAll(attrMapping);
            manager.setEntityConfig(realm, config);
        }
    } catch (SAML2MetaException e) {
        throw new WorkflowException(e.getMessage());
    }
    try {
        return getMessage("idp.configured", locale) + "|||realm=" + realm + "&entityId=" + URLEncoder.encode(entityId, "UTF-8");
    } catch (UnsupportedEncodingException e) {
        throw new WorkflowException(e.getMessage());
    }
}
Also used : HashMap(java.util.HashMap) UnsupportedEncodingException(java.io.UnsupportedEncodingException) IDPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement) COTException(com.sun.identity.cot.COTException) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) List(java.util.List) HashMap(java.util.HashMap) Map(java.util.Map) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)

Example 10 with COTException

use of com.sun.identity.cot.COTException in project OpenAM by OpenRock.

the class CreateHostedSP method execute.

/**
     * Creates hosted service provider.
     *
     * @param locale Locale of the Request
     * @param params Map of creation parameters.
     */
public String execute(Locale locale, Map params) throws WorkflowException {
    validateParameters(params);
    String metadataFile = getString(params, ParameterKeys.P_META_DATA);
    String defAttrMappings = getString(params, ParameterKeys.P_DEF_ATTR_MAPPING);
    boolean hasMetaData = (metadataFile != null) && (metadataFile.trim().length() > 0);
    String metadata = null;
    String extendedData = null;
    if (hasMetaData) {
        String extendedDataFile = getString(params, ParameterKeys.P_EXTENDED_DATA);
        metadata = getContent(metadataFile, locale);
        extendedData = getContent(extendedDataFile, locale);
    } else {
        String entityId = getString(params, ParameterKeys.P_ENTITY_ID);
        String metaAlias = generateMetaAliasForSP(getString(params, ParameterKeys.P_REALM));
        Map map = new HashMap();
        map.put(MetaTemplateParameters.P_SP, metaAlias);
        map.put(MetaTemplateParameters.P_SP_E_CERT, getString(params, ParameterKeys.P_SP_E_CERT));
        try {
            metadata = CreateSAML2HostedProviderTemplate.buildMetaDataTemplate(entityId, map, getRequestURL(params));
            //metadata = enableSigning(metadata);
            extendedData = CreateSAML2HostedProviderTemplate.createExtendedDataTemplate(entityId, map, getRequestURL(params));
        } catch (SAML2MetaException e) {
            return e.getMessage();
        }
    }
    String[] results = ImportSAML2MetaData.importData(null, metadata, extendedData);
    String realm = results[0];
    String entityId = results[1];
    String cot = getString(params, ParameterKeys.P_COT);
    if ((cot != null) && (cot.length() > 0)) {
        try {
            AddProviderToCOT.addToCOT(realm, cot, entityId);
        } catch (COTException e) {
            throw new WorkflowException(e.getMessage());
        }
    }
    List attrMapping = null;
    if (defAttrMappings.equals("true")) {
        attrMapping = new ArrayList(1);
        attrMapping.add("*=*");
    } else {
        attrMapping = getAttributeMapping(params);
    }
    if (!attrMapping.isEmpty()) {
        try {
            SAML2MetaManager manager = new SAML2MetaManager();
            EntityConfigElement config = manager.getEntityConfig(realm, entityId);
            SPSSOConfigElement ssoConfig = manager.getSPSSOConfig(realm, entityId);
            Map attribConfig = SAML2MetaUtils.getAttributes(ssoConfig);
            List mappedAttributes = (List) attribConfig.get(SAML2Constants.ATTRIBUTE_MAP);
            mappedAttributes.addAll(attrMapping);
            manager.setEntityConfig(realm, config);
        } catch (SAML2MetaException e) {
            throw new WorkflowException(e.getMessage());
        }
    }
    return "done|||realm=" + realm;
}
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) SPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement) COTException(com.sun.identity.cot.COTException) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) List(java.util.List) ArrayList(java.util.ArrayList) Map(java.util.Map) HashMap(java.util.HashMap) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)

Aggregations

COTException (com.sun.identity.cot.COTException)42 CircleOfTrustManager (com.sun.identity.cot.CircleOfTrustManager)29 Set (java.util.Set)18 Iterator (java.util.Iterator)16 CircleOfTrustDescriptor (com.sun.identity.cot.CircleOfTrustDescriptor)15 List (java.util.List)15 Map (java.util.Map)14 ArrayList (java.util.ArrayList)13 SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException)12 HashMap (java.util.HashMap)11 CLIException (com.sun.identity.cli.CLIException)10 HashSet (java.util.HashSet)10 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)9 SAML2MetaManager (com.sun.identity.saml2.meta.SAML2MetaManager)9 SPSSOConfigElement (com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement)7 EntityConfigElement (com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)6 IDFFMetaException (com.sun.identity.federation.meta.IDFFMetaException)5 JAXBException (javax.xml.bind.JAXBException)5 IDFFMetaManager (com.sun.identity.federation.meta.IDFFMetaManager)4 EntityDescriptorElement (com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement)4