use of com.sun.identity.cot.COTException in project OpenAM by OpenRock.
the class SAML2IDPProxyImpl method getPreferredIDP.
/**
* Returns a list of preferred IDP providerIDs.
* @param authnRequest original authnrequest
* @param hostProviderID ProxyIDP providerID.
* @param realm Realm
* @param request HttpServletRequest
* @param response HttpServletResponse
* @return a list of providerID's of the authenticating providers to be
* proxied or <code>null</code> to disable the proxying and continue
* for the localauthenticating provider.
* @exception SAML2Exception if error occurs.
*/
public List getPreferredIDP(AuthnRequest authnRequest, String hostProviderID, String realm, HttpServletRequest request, HttpServletResponse response) throws SAML2Exception {
String classMethod = "SAML2IDPProxyImpl.getPreferredIDP:";
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "Init.");
}
try {
SAML2MetaManager sm = new SAML2MetaManager();
// Retreive MetaData
if (sm == null) {
throw new SAML2Exception(SAML2Utils.bundle.getString("errorMetaManager"));
}
SPSSOConfigElement spEntityCfg = sm.getSPSSOConfig(realm, authnRequest.getIssuer().getValue());
Map spConfigAttrsMap = null;
if (spEntityCfg != null) {
spConfigAttrsMap = SAML2MetaUtils.getAttributes(spEntityCfg);
}
String useIntroductionForProxying = SPSSOFederate.getParameter(spConfigAttrsMap, SAML2Constants.USE_INTRODUCTION_FOR_IDP_PROXY);
List providerIDs = new ArrayList();
if (useIntroductionForProxying == null || !useIntroductionForProxying.equals("true")) {
List proxyIDPs = null;
if ((spConfigAttrsMap != null) && (!spConfigAttrsMap.isEmpty())) {
proxyIDPs = (List) spConfigAttrsMap.get(SAML2Constants.IDP_PROXY_LIST);
}
if (proxyIDPs == null || proxyIDPs.isEmpty()) {
SAML2Utils.debug.error("SAML2IDPProxyImpl.getPrefferedIDP:" + "Preferred IDPs are null.");
return null;
}
providerIDs.add(proxyIDPs.iterator().next());
return providerIDs;
} else {
/* IDP Proxy with introduction cookie case*/
String idpEntityID = null;
List cotList = (List) spConfigAttrsMap.get("cotlist");
String cotListStr = (String) cotList.iterator().next();
CircleOfTrustManager cotManager = new CircleOfTrustManager();
CircleOfTrustDescriptor cotDesc = cotManager.getCircleOfTrust(realm, cotListStr);
String readerURL = cotDesc.getSAML2ReaderServiceURL();
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.message(classMethod + "SAMLv2 idp" + "discovery reader URL = " + readerURL);
}
if (readerURL != null && (!readerURL.equals(""))) {
String rID = SAML2Utils.generateID();
String redirectURL = SAML2Utils.getRedirectURL(readerURL, rID, request);
if (SAML2Utils.debug.messageEnabled()) {
SAML2Utils.debug.error(classMethod + "Redirect url = " + redirectURL);
}
if (redirectURL != null) {
response.sendRedirect(redirectURL);
Map aMap = new HashMap();
SPCache.reqParamHash.put(rID, aMap);
providerIDs.add(rID);
return providerIDs;
}
}
}
return null;
} catch (SAML2MetaException ex) {
SAML2Utils.debug.error(classMethod + "meta Exception in retrieving the preferred IDP", ex);
return null;
} catch (COTException sme) {
SAML2Utils.debug.error(classMethod + "Error retreiving COT ", sme);
return null;
} catch (Exception e) {
SAML2Utils.debug.error(classMethod + "Exception in retrieving the preferred IDP", e);
return null;
}
}
use of com.sun.identity.cot.COTException in project OpenAM by OpenRock.
the class ConfigureGoogleApps method updateSPMeta.
private void updateSPMeta(String realm, String cot, String domainId) throws WorkflowException {
String metadata = "<EntityDescriptor entityID=\"google.com/a/" + domainId + "\"" + " xmlns=\"urn" + ":oasis:names:tc:SAML:2.0:metadata\">" + "<SPSSODescriptor protocolSupportEnumeration=\"urn:oasis:nam" + "es:tc:SAML:2.0:protocol\"> <NameIDFormat>urn:oasis:names:t" + "c:SAML:1.1:nameid-format:unspecified</NameIDFormat>" + "<AssertionConsumerService index=\"1\" Binding=\"urn:oasis:na" + "mes:tc:SAML:2.0:bindings:HTTP-POST\"" + " Location=\"https://www.google.com/a/" + domainId + "/acs\" />" + "</SPSSODescriptor></EntityDescriptor>";
String extendedMeta = null;
try {
EntityDescriptorElement e = SAML2MetaUtils.getEntityDescriptorElement(metadata);
String eId = e.getEntityID();
String metaAlias = generateMetaAliasForSP(realm);
Map map = new HashMap();
map.put(MetaTemplateParameters.P_SP, metaAlias);
extendedMeta = CreateSAML2HostedProviderTemplate.createExtendedDataTemplate(eId, map, null, false);
} catch (SAML2MetaException ex) {
throw new WorkflowException(ex.getMessage());
} catch (JAXBException ex) {
throw new WorkflowException(ex.getMessage());
}
String[] results = ImportSAML2MetaData.importData(realm, metadata, extendedMeta);
String entityId = results[1];
if ((cot != null) && (cot.length() > 0)) {
try {
AddProviderToCOT.addToCOT(realm, cot, entityId);
} catch (COTException e) {
throw new WorkflowException(e.getMessage());
}
}
}
use of com.sun.identity.cot.COTException in project OpenAM by OpenRock.
the class ConfigureSalesForceApps method updateSPMeta.
private void updateSPMeta(String entityId, String realm, String cot, List attrMapping) throws WorkflowException {
String extendedMeta = null;
String localMetadata = null;
try {
localMetadata = METADATA.replace(ENTITY_ID_PLACEHOLDER, entityId);
EntityDescriptorElement e = SAML2MetaUtils.getEntityDescriptorElement(localMetadata);
String eId = e.getEntityID();
String metaAlias = generateMetaAliasForSP(realm);
Map map = new HashMap();
map.put(MetaTemplateParameters.P_SP, metaAlias);
extendedMeta = createExtendedDataTemplate(eId, false);
} catch (SAML2MetaException ex) {
throw new WorkflowException(ex.getMessage());
} catch (JAXBException ex) {
throw new WorkflowException(ex.getMessage());
}
String[] results = ImportSAML2MetaData.importData(realm, localMetadata, extendedMeta);
String configuredEntityId = results[1];
if ((cot != null) && (cot.length() > 0)) {
try {
AddProviderToCOT.addToCOT(realm, cot, configuredEntityId);
} catch (COTException e) {
throw new WorkflowException(e.getMessage());
}
}
try {
if (!attrMapping.isEmpty()) {
SAML2MetaManager manager = new SAML2MetaManager();
EntityConfigElement config = manager.getEntityConfig(realm, configuredEntityId);
SPSSOConfigElement ssoConfig = manager.getSPSSOConfig(realm, configuredEntityId);
if (ssoConfig != null) {
ObjectFactory objFactory = new ObjectFactory();
AttributeType avp = objFactory.createAttributeElement();
String key = SAML2Constants.ATTRIBUTE_MAP;
avp.setName(key);
avp.getValue().addAll(attrMapping);
ssoConfig.getAttribute().add(avp);
}
manager.setEntityConfig(realm, config);
}
} catch (SAML2MetaException e) {
throw new WorkflowException(e.getMessage());
} catch (JAXBException e) {
throw new WorkflowException(e.getMessage());
}
}
use of com.sun.identity.cot.COTException in project OpenAM by OpenRock.
the class CreateHostedIDP method execute.
/**
* Creates hosted identity provider.
*
* @param locale Locale of the Request
* @param params Map of creation parameters.
*/
public String execute(Locale locale, Map params) throws WorkflowException {
validateParameters(params);
String metadataFile = getString(params, ParameterKeys.P_META_DATA);
boolean hasMetaData = (metadataFile != null) && (metadataFile.trim().length() > 0);
String metadata = null;
String extendedData = null;
if (hasMetaData) {
String extendedDataFile = getString(params, ParameterKeys.P_EXTENDED_DATA);
metadata = getContent(metadataFile, locale);
extendedData = getContent(extendedDataFile, locale);
} else {
String entityId = getString(params, ParameterKeys.P_ENTITY_ID);
String metaAlias = generateMetaAliasForIDP(getString(params, ParameterKeys.P_REALM));
Map map = new HashMap();
map.put(MetaTemplateParameters.P_IDP, metaAlias);
map.put(MetaTemplateParameters.P_IDP_E_CERT, getString(params, ParameterKeys.P_IDP_E_CERT));
map.put(MetaTemplateParameters.P_IDP_S_CERT, getString(params, ParameterKeys.P_IDP_S_CERT));
try {
metadata = CreateSAML2HostedProviderTemplate.buildMetaDataTemplate(entityId, map, getRequestURL(params));
extendedData = CreateSAML2HostedProviderTemplate.createExtendedDataTemplate(entityId, map, getRequestURL(params));
} catch (SAML2MetaException e) {
return e.getMessage();
}
}
String[] results = ImportSAML2MetaData.importData(null, metadata, extendedData);
String realm = results[0];
String entityId = results[1];
String cot = getString(params, ParameterKeys.P_COT);
if ((cot != null) && (cot.length() > 0)) {
try {
AddProviderToCOT.addToCOT(realm, cot, entityId);
} catch (COTException e) {
throw new WorkflowException(e.getMessage());
}
}
try {
List attrMapping = getAttributeMapping(params);
if (!attrMapping.isEmpty()) {
SAML2MetaManager manager = new SAML2MetaManager();
EntityConfigElement config = manager.getEntityConfig(realm, entityId);
IDPSSOConfigElement ssoConfig = manager.getIDPSSOConfig(realm, entityId);
Map attribConfig = SAML2MetaUtils.getAttributes(ssoConfig);
List mappedAttributes = (List) attribConfig.get(SAML2Constants.ATTRIBUTE_MAP);
mappedAttributes.addAll(attrMapping);
manager.setEntityConfig(realm, config);
}
} catch (SAML2MetaException e) {
throw new WorkflowException(e.getMessage());
}
try {
return getMessage("idp.configured", locale) + "|||realm=" + realm + "&entityId=" + URLEncoder.encode(entityId, "UTF-8");
} catch (UnsupportedEncodingException e) {
throw new WorkflowException(e.getMessage());
}
}
use of com.sun.identity.cot.COTException in project OpenAM by OpenRock.
the class CreateHostedSP method execute.
/**
* Creates hosted service provider.
*
* @param locale Locale of the Request
* @param params Map of creation parameters.
*/
public String execute(Locale locale, Map params) throws WorkflowException {
validateParameters(params);
String metadataFile = getString(params, ParameterKeys.P_META_DATA);
String defAttrMappings = getString(params, ParameterKeys.P_DEF_ATTR_MAPPING);
boolean hasMetaData = (metadataFile != null) && (metadataFile.trim().length() > 0);
String metadata = null;
String extendedData = null;
if (hasMetaData) {
String extendedDataFile = getString(params, ParameterKeys.P_EXTENDED_DATA);
metadata = getContent(metadataFile, locale);
extendedData = getContent(extendedDataFile, locale);
} else {
String entityId = getString(params, ParameterKeys.P_ENTITY_ID);
String metaAlias = generateMetaAliasForSP(getString(params, ParameterKeys.P_REALM));
Map map = new HashMap();
map.put(MetaTemplateParameters.P_SP, metaAlias);
map.put(MetaTemplateParameters.P_SP_E_CERT, getString(params, ParameterKeys.P_SP_E_CERT));
try {
metadata = CreateSAML2HostedProviderTemplate.buildMetaDataTemplate(entityId, map, getRequestURL(params));
//metadata = enableSigning(metadata);
extendedData = CreateSAML2HostedProviderTemplate.createExtendedDataTemplate(entityId, map, getRequestURL(params));
} catch (SAML2MetaException e) {
return e.getMessage();
}
}
String[] results = ImportSAML2MetaData.importData(null, metadata, extendedData);
String realm = results[0];
String entityId = results[1];
String cot = getString(params, ParameterKeys.P_COT);
if ((cot != null) && (cot.length() > 0)) {
try {
AddProviderToCOT.addToCOT(realm, cot, entityId);
} catch (COTException e) {
throw new WorkflowException(e.getMessage());
}
}
List attrMapping = null;
if (defAttrMappings.equals("true")) {
attrMapping = new ArrayList(1);
attrMapping.add("*=*");
} else {
attrMapping = getAttributeMapping(params);
}
if (!attrMapping.isEmpty()) {
try {
SAML2MetaManager manager = new SAML2MetaManager();
EntityConfigElement config = manager.getEntityConfig(realm, entityId);
SPSSOConfigElement ssoConfig = manager.getSPSSOConfig(realm, entityId);
Map attribConfig = SAML2MetaUtils.getAttributes(ssoConfig);
List mappedAttributes = (List) attribConfig.get(SAML2Constants.ATTRIBUTE_MAP);
mappedAttributes.addAll(attrMapping);
manager.setEntityConfig(realm, config);
} catch (SAML2MetaException e) {
throw new WorkflowException(e.getMessage());
}
}
return "done|||realm=" + realm;
}
Aggregations