
Example 1 with ResourceIDType

use of com.sun.identity.liberty.ws.disco.jaxb.ResourceIDType in project OpenAM by OpenRock.

the class SMDiscoEntryData method setDiscoStr.

/**
 * Builds the discovery entry from this object's fields and stores its XML
 * form in {@code discoStr}.
 *
 * @param isUserView {@code true} to populate the resource ID (attribute and
 *        value) and the entry ID from this object's fields; {@code false}
 *        to emit an empty resource ID value instead.
 * @throws AMConsoleException if the entry serializes to a null or empty
 *         string, or if JAXB reports a failure. In the JAXB case the
 *         exception message is the linked exception's message when one is
 *         present, otherwise {@code e.toString()}.
 */
public void setDiscoStr(boolean isUserView) throws AMConsoleException {
    try {
        ResourceOfferingType offering = discoFac.createResourceOfferingType();
        ResourceIDType resourceId = discoFac.createResourceIDType();

        if (!isUserView) {
            // JAXB only writes the (empty) ResourceID tag when the value is
            // set, so an empty string is used when there is nothing to put in.
            resourceId.setValue("");
        } else {
            // Only user resource offerings carry a resource ID and entry ID.
            boolean hasIdAttribute =
                (resourceIdAttribute != null) && (resourceIdAttribute.length() > 0);
            if (hasIdAttribute) {
                resourceId.setId(resourceIdAttribute);
            }
            resourceId.setValue(resourceIdValue);
            offering.setEntryID(entryId);
        }

        ServiceInstanceType serviceInstance = createServiceInstanceEntry();
        List descriptions = (List) serviceInstance.getDescription();
        offering.setServiceInstance(serviceInstance);
        offering.setResourceID(resourceId);

        boolean hasAbstract = (abstractValue != null) && (abstractValue.length() > 0);
        if (hasAbstract) {
            offering.setAbstract(abstractValue);
        }
        if (!noOption) {
            offering.setOptions(createOptionsEntry());
        }

        DiscoEntryElement discoEntry = entryFac.createDiscoEntryElement();
        discoEntry.setResourceOffering(offering);
        createDirectivesEntry(discoEntry, descriptions);

        String xml = convertDiscoEntryToXmlStr(discoEntry);
        if (xml == null || xml.length() == 0) {
            throw new AMConsoleException("discoEntryFailed.message");
        }
        discoStr = xml;
    } catch (JAXBException e) {
        // Prefer the underlying cause's message over the JAXB wrapper text.
        // NOTE(review): only the message text is propagated; the original
        // exception is not attached as a cause.
        Throwable linked = e.getLinkedException();
        String reason = (linked == null) ? e.toString() : linked.getMessage();
        throw new AMConsoleException(reason);
    }
}
Also used : ServiceInstanceType(com.sun.identity.liberty.ws.disco.jaxb.ServiceInstanceType) JAXBException(javax.xml.bind.JAXBException) ResourceOfferingType(com.sun.identity.liberty.ws.disco.jaxb.ResourceOfferingType) ArrayList(java.util.ArrayList) List(java.util.List) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) ResourceIDType(com.sun.identity.liberty.ws.disco.jaxb.ResourceIDType) DiscoEntryElement(com.sun.identity.liberty.ws.disco.plugins.jaxb.DiscoEntryElement)

Example 2 with ResourceIDType

use of com.sun.identity.liberty.ws.disco.jaxb.ResourceIDType in project OpenAM by OpenRock.

the class DiscoEntryHandlerImplUtils method getGlobalDiscoEntries.

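/**
 * Used by the global discovery service handler to retrieve the resource
 * offerings registered at the realm, org, role etc.
 *
 * <p>Each value of the {@code attrName} attribute of the
 * {@code sunIdentityServerDiscoveryService} service is unmarshalled into a
 * {@code DiscoEntryElement} and stored in {@code discoEntries} under its
 * entry ID. An offering without an entry ID gets a generated one, and an
 * offering without a resource ID value gets
 * {@code DiscoConstants.IMPLIED_RESOURCE}. A value that cannot be processed
 * is logged and skipped; the remaining values are still handled.
 *
 * @param amIdentity identity whose service attributes are read
 * @param attrName name of the attribute holding the serialized entries
 * @param discoEntries output map, filled with entry ID to entry mappings
 * @param userID not read by this method
 * @throws Exception if reading the service attributes fails; failures on
 *         individual entries are caught and logged instead
 */
public static void getGlobalDiscoEntries(AMIdentity amIdentity, String attrName, Map discoEntries, String userID) throws Exception {
    Map map = amIdentity.getServiceAttributes("sunIdentityServerDiscoveryService");
    Set attr = (Set) map.get(attrName);
    if (attr == null || attr.isEmpty()) {
        debug.error("DiscoEntryHandlerImplUtils.getGlobalDiscoEntries: " + "The resource offerings are not available");
        return;
    }
    if (debug.messageEnabled()) {
        debug.message("DiscoEntryHandlerImplUtils.getGlobalDiscoEntries: " + attr);
    }
    for (Iterator j = attr.iterator(); j.hasNext(); ) {
        String entryStr = (String) j.next();
        try {
            // NOTE(review): the XML comes from a stored attribute value and is
            // parsed through XMLUtils.createSAXSource; presumably that helper
            // configures the parser against DTD/external-entity processing.
            // Confirm before relying on it.
            DiscoEntryElement entry = (DiscoEntryElement) DiscoUtils.getDiscoUnmarshaller().unmarshal(XMLUtils.createSAXSource(new InputSource(new StringReader(entryStr))));
            ResourceOfferingType resOff = entry.getResourceOffering();
            String entryID = resOff.getEntryID();
            if (entryID == null) {
                // The entry ID is the map key, so one is generated when absent.
                entryID = SAMLUtils.generateID();
                resOff.setEntryID(entryID);
            }
            ResourceIDType rid = resOff.getResourceID();
            if ((rid == null) || (rid.getValue() == null) || (rid.getValue().length() == 0)) {
                // No usable resource ID: fall back to the implied resource.
                com.sun.identity.liberty.ws.disco.jaxb.ObjectFactory discoFac = new com.sun.identity.liberty.ws.disco.jaxb.ObjectFactory();
                ResourceIDType resID = discoFac.createResourceIDType();
                resID.setValue(DiscoConstants.IMPLIED_RESOURCE);
                resOff.setResourceID(resID);
            }
            entry.setResourceOffering(resOff);
            discoEntries.put(entryID, entry);
        } catch (Exception e) {
            // Best effort: one bad entry must not prevent the others from loading.
            // NOTE(review): the raw entry text is written to the error log;
            // confirm stored entries never carry data that should stay out of logs.
            debug.error("DiscoEntryHandlerImplUtils.getGlobalDiscoEntries:" + " Exception for getting entry: " + entryStr + ":", e);
        }
    }
}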
Also used : InputSource(org.xml.sax.InputSource) HashSet(java.util.HashSet) Set(java.util.Set) ResourceOfferingType(com.sun.identity.liberty.ws.disco.jaxb.ResourceOfferingType) DiscoEntryElement(com.sun.identity.liberty.ws.disco.plugins.jaxb.DiscoEntryElement) JAXBException(javax.xml.bind.JAXBException) Iterator(java.util.Iterator) StringReader(java.io.StringReader) HashMap(java.util.HashMap) Map(java.util.Map) ResourceIDType(com.sun.identity.liberty.ws.disco.jaxb.ResourceIDType)

Example 3 with ResourceIDType

use of com.sun.identity.liberty.ws.disco.jaxb.ResourceIDType in project OpenAM by OpenRock.

the class DiscoveryBootstrap method getResourceOffering.

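/**
 * Gets the discovery bootstrap resource offering for the user.
 *
 * <p>Side effect: stores the credentials returned by the policy/directive
 * check in the {@code assertions} field.
 *
 * @param authnContextClassRef authentication context class reference used
 *        to build the {@code AuthnContext} of the invocation session
 * @param subject subject whose name ID and subject confirmation are
 *        converted into the session subject
 * @param wscID identifier passed to the key lookup and to the
 *        policy/directive check
 * @param realm realm used to look up the IDP SSO descriptor
 * @return Discovery Resource Offering String
 * @exception SAML2Exception if the bootstrapping discovery entry or the
 *            universal identifier is missing, if no offering is returned,
 *            or if there's any other failure.
 */
private String getResourceOffering(String authnContextClassRef, Subject subject, String wscID, String realm) throws SAML2Exception {
    if (SAML2Utils.debug.messageEnabled()) {
        SAML2Utils.debug.message("DiscoveryBootstrap.getResourceOffering:Init");
    }
    DiscoEntryElement discoEntry = DiscoServiceManager.getBootstrappingDiscoEntry();
    if (discoEntry == null) {
        // No bootstrapping entry means there is no offering to hand out, so
        // this case reports the missing offering, not a missing universal ID.
        throw new SAML2Exception(SAML2Utils.bundle.getString("missingDiscoOffering"));
    }
    String[] values = null;
    try {
        values = SessionManager.getProvider().getProperty(session, Constants.UNIVERSAL_IDENTIFIER);
    } catch (SessionException se) {
        throw new SAML2Exception(se);
    }
    if ((values == null) || (values.length == 0)) {
        // The session carries no universal identifier for the user.
        throw new SAML2Exception(SAML2Utils.bundle.getString("missingUnivID"));
    }
    String univID = values[0];
    try {
        ResourceOfferingType offering = discoEntry.getResourceOffering();
        ServiceInstanceType serviceInstance = offering.getServiceInstance();
        String providerID = serviceInstance.getProviderID();

        // Resource ID: the implied-resource constant, or a value mapped from
        // the provider ID and the user's universal ID.
        String resourceIDValue;
        if (DiscoServiceManager.useImpliedResource()) {
            resourceIDValue = DiscoConstants.IMPLIED_RESOURCE;
        } else {
            ResourceIDMapper idMapper = DiscoServiceManager.getResourceIDMapper(providerID);
            if (idMapper == null) {
                idMapper = DiscoServiceManager.getDefaultResourceIDMapper();
            }
            resourceIDValue = idMapper.getResourceID(providerID, univID);
            if (SAML2Utils.debug.messageEnabled()) {
                SAML2Utils.debug.message("DiscoveryBootstrap.getResourceOffering: " + "ResourceID Value:" + resourceIDValue);
            }
        }
        ObjectFactory fac = new ObjectFactory();
        ResourceIDType resourceID = fac.createResourceIDType();
        resourceID.setValue(resourceIDValue);
        offering.setResourceID(resourceID);

        List discoEntryList = new ArrayList();
        discoEntryList.add(discoEntry);

        SessionSubject sessionSubject = null;
        if (DiscoServiceManager.encryptNIinSessionContext()) {
            // Configuration asks for an encrypted name identifier in the
            // session context: use the key information looked up for wscID.
            IDPSSODescriptorElement idpSSODesc = SAML2Utils.getSAML2MetaManager().getIDPSSODescriptor(realm, providerID);
            EncInfo encInfo = KeyUtil.getEncInfo(idpSSODesc, wscID, SAML2Constants.IDP_ROLE);
            NameIdentifier ni = EncryptedNameIdentifier.getEncryptedNameIdentifier(convertSPNameID(subject.getNameID()), providerID, encInfo.getWrappingKey(), encInfo.getDataEncAlgorithm(), encInfo.getDataEncStrength());
            sessionSubject = new SessionSubject(ni, convertSC(subject.getSubjectConfirmation()), convertIDPNameID(subject.getNameID()));
        } else {
            sessionSubject = new SessionSubject(convertSPNameID(subject.getNameID()), convertSC(subject.getSubjectConfirmation()), convertIDPNameID(subject.getNameID()));
        }
        AuthnContext authnContext = new AuthnContext(authnContextClassRef, null);
        authnContext.setMinorVersion(IFSConstants.FF_12_PROTOCOL_MINOR_VERSION);
        SessionContext invocatorSession = new SessionContext(sessionSubject, authnContext, providerID);

        Map map = DiscoUtils.checkPolicyAndHandleDirectives(univID, null, discoEntryList, null, invocatorSession, wscID, session);
        List offerings = (List) map.get(DiscoUtils.OFFERINGS);
        if (offerings.isEmpty()) {
            if (SAML2Utils.debug.messageEnabled()) {
                SAML2Utils.debug.message("DiscoveryBootstrap.getResourceOffering:" + "no ResourceOffering");
            }
            throw new SAML2Exception(SAML2Utils.bundle.getString("missingDiscoOffering"));
        }
        ResourceOffering resourceOffering = (ResourceOffering) offerings.get(0);
        assertions = (List) map.get(DiscoUtils.CREDENTIALS);
        if (SAML2Utils.debug.messageEnabled()) {
            SAML2Utils.debug.message("DiscoveryBootstrap.getResourceOffering: " + "Resource Offering:" + resourceOffering);
        }
        return resourceOffering.toString();
    } catch (Exception ex) {
        // Also catches the SAML2Exception thrown above for an empty offering
        // list; it is logged and re-wrapped like any other failure.
        SAML2Utils.debug.error("DiscoveryBootstrap.getResourceOffering:" + "Exception while creating resource offering.", ex);
        throw new SAML2Exception(ex);
    }
}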
Also used : ResourceOffering(com.sun.identity.liberty.ws.disco.ResourceOffering) SessionSubject(com.sun.identity.liberty.ws.security.SessionSubject) NameIdentifier(com.sun.identity.saml.assertion.NameIdentifier) IDPProvidedNameIdentifier(com.sun.identity.federation.message.common.IDPProvidedNameIdentifier) EncryptedNameIdentifier(com.sun.identity.federation.message.common.EncryptedNameIdentifier) ResourceOfferingType(com.sun.identity.liberty.ws.disco.jaxb.ResourceOfferingType) ArrayList(java.util.ArrayList) SessionException(com.sun.identity.plugin.session.SessionException) DiscoEntryElement(com.sun.identity.liberty.ws.disco.plugins.jaxb.DiscoEntryElement) SessionException(com.sun.identity.plugin.session.SessionException) SAMLException(com.sun.identity.saml.common.SAMLException) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) AuthnContext(com.sun.identity.federation.message.common.AuthnContext) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) EncInfo(com.sun.identity.saml2.key.EncInfo) ServiceInstanceType(com.sun.identity.liberty.ws.disco.jaxb.ServiceInstanceType) ResourceIDMapper(com.sun.identity.liberty.ws.interfaces.ResourceIDMapper) ObjectFactory(com.sun.identity.liberty.ws.disco.jaxb.ObjectFactory) SessionContext(com.sun.identity.liberty.ws.security.SessionContext) ArrayList(java.util.ArrayList) List(java.util.List) ResourceIDType(com.sun.identity.liberty.ws.disco.jaxb.ResourceIDType) Map(java.util.Map) IDPSSODescriptorElement(com.sun.identity.saml2.jaxb.metadata.IDPSSODescriptorElement)

Example 4 with ResourceIDType

use of com.sun.identity.liberty.ws.disco.jaxb.ResourceIDType in project OpenAM by OpenRock.

the class SMDiscoveryServiceData method setDiscoEntryData.

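/**
 * Copies the contents of a discovery entry into a console data object.
 *
 * <p>Fills entry ID, resource ID attribute/value, service type, provider ID,
 * abstract, options, description data and directives on {@code smDisco}.
 *
 * @param entry discovery entry to read from
 * @param smDisco data object to populate; its resource ID fields are left
 *        as they are when the offering has no resource ID
 */
private static void setDiscoEntryData(DiscoEntryElement entry, SMDiscoEntryData smDisco) {
    ResourceOfferingType resOff = entry.getResourceOffering();
    ResourceIDType resourceIdType = resOff.getResourceID();
    ServiceInstanceType serviceInstance = resOff.getServiceInstance();
    String providerID = serviceInstance.getProviderID();
    String serviceType = serviceInstance.getServiceType();
    smDisco.entryId = resOff.getEntryID();
    // getResourceID() can yield null for an offering that carries no
    // ResourceID element, so guard the dereference instead of failing with a
    // NullPointerException while loading the entry.
    if (resourceIdType != null) {
        smDisco.resourceIdAttribute = resourceIdType.getId();
        smDisco.resourceIdValue = resourceIdType.getValue();
    }
    smDisco.serviceType = serviceType;
    smDisco.providerId = providerID;
    smDisco.abstractValue = resOff.getAbstract();
    OptionsType optType = resOff.getOptions();
    if (optType != null) {
        smDisco.options = optType.getOption();
        smDisco.noOption = false;
    } else {
        // No Options element at all, as opposed to an empty option list.
        smDisco.noOption = true;
    }
    List list = serviceInstance.getDescription();
    if (list != null && !list.isEmpty()) {
        for (Iterator iter = list.iterator(); iter.hasNext(); ) {
            SMDescriptionData smDesc = new SMDescriptionData();
            DescriptionType desc = (DescriptionType) iter.next();
            smDesc.setDescriptionEntry(desc);
            smDisco.descData.add(smDesc);
        }
    } else {
        debug.error("SMDiscoveryServiceData.setDiscoEntryData: " + "No description exists in the disco entry");
    }
    smDisco.directives = getDirectiveEntry(entry);
}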
Also used : ServiceInstanceType(com.sun.identity.liberty.ws.disco.jaxb.ServiceInstanceType) DescriptionType(com.sun.identity.liberty.ws.disco.jaxb.DescriptionType) ResourceOfferingType(com.sun.identity.liberty.ws.disco.jaxb.ResourceOfferingType) Iterator(java.util.Iterator) ArrayList(java.util.ArrayList) List(java.util.List) ResourceIDType(com.sun.identity.liberty.ws.disco.jaxb.ResourceIDType) OptionsType(com.sun.identity.liberty.ws.disco.jaxb.OptionsType)

Example 5 with ResourceIDType

use of com.sun.identity.liberty.ws.disco.jaxb.ResourceIDType in project OpenAM by OpenRock.

the class AuthnSvcUtils method setResourceOfferingAndCredentials.

/**
 * Populates a SASL response with the bootstrapping resource offering and,
 * when the policy/directive check returns any, the matching credentials.
 *
 * @param saslResp a SASL response
 * @param message a SOAP message containing a SASL request; its token is
 *        passed to the policy/directive check
 * @param userDN Distinguished Name of the User.
 * @return <code>true</code> if an offering was set on the response;
 *         <code>false</code> if the check returned no offering or if any
 *         exception occurred (the exception is logged, not rethrown)
 */
public static boolean setResourceOfferingAndCredentials(SASLResponse saslResp, Message message, String userDN) {
    try {
        DiscoEntryElement bootstrapEntry = (DiscoEntryElement) DiscoServiceManager.getBootstrappingDiscoEntry();
        ResourceOfferingType offering = bootstrapEntry.getResourceOffering();

        // Resource ID: the implied-resource constant, or a value mapped from
        // the provider ID and the user's DN.
        String resourceIdText;
        if (DiscoServiceManager.useImpliedResource()) {
            resourceIdText = DiscoConstants.IMPLIED_RESOURCE;
        } else {
            String providerID = offering.getServiceInstance().getProviderID();
            ResourceIDMapper mapper = DiscoServiceManager.getResourceIDMapper(providerID);
            if (mapper == null) {
                mapper = DiscoServiceManager.getDefaultResourceIDMapper();
            }
            resourceIdText = mapper.getResourceID(providerID, userDN);
            if (AuthnSvcUtils.debug.messageEnabled()) {
                AuthnSvcUtils.debug.message("AuthnSvcUtils.setResourceOfferingAndCredentials" + "Offering: ResourceID Value:" + resourceIdText);
            }
        }
        ResourceIDType resourceID = new com.sun.identity.liberty.ws.disco.jaxb.ObjectFactory().createResourceIDType();
        resourceID.setValue(resourceIdText);
        offering.setResourceID(resourceID);

        List entries = new ArrayList();
        entries.add(bootstrapEntry);
        Map result = DiscoUtils.checkPolicyAndHandleDirectives(userDN, message, entries, null, null, null, message.getToken());

        List offerings = (List) result.get(DiscoUtils.OFFERINGS);
        if (offerings.isEmpty()) {
            if (AuthnSvcUtils.debug.messageEnabled()) {
                AuthnSvcUtils.debug.message("AuthnSvcUtils.setResourceOfferingAndCredentials" + "no ResourceOffering");
            }
            return false;
        }
        // Only the first returned offering goes into the response.
        saslResp.setResourceOffering((ResourceOffering) offerings.get(0));

        List assertions = (List) result.get(DiscoUtils.CREDENTIALS);
        if ((assertions == null) || assertions.isEmpty()) {
            return true;
        }
        // Each assertion is re-parsed into a DOM document; its root element
        // becomes one credential of the response.
        List credentials = new ArrayList();
        for (Iterator it = assertions.iterator(); it.hasNext(); ) {
            SecurityAssertion assertion = (SecurityAssertion) it.next();
            Document parsed = XMLUtils.toDOMDocument(assertion.toString(true, true), AuthnSvcUtils.debug);
            credentials.add(parsed.getDocumentElement());
        }
        saslResp.setCredentials(credentials);
        return true;
    } catch (Exception ex) {
        // Any failure, including a missing bootstrapping entry, ends up here
        // and is reported to the caller as false.
        debug.error("AuthnSvcUtils.setResourceOfferingAndCredentials:", ex);
        return false;
    }
}
Also used : ResourceOffering(com.sun.identity.liberty.ws.disco.ResourceOffering) ResourceOfferingType(com.sun.identity.liberty.ws.disco.jaxb.ResourceOfferingType) ArrayList(java.util.ArrayList) SecurityAssertion(com.sun.identity.liberty.ws.security.SecurityAssertion) Document(org.w3c.dom.Document) DiscoEntryElement(com.sun.identity.liberty.ws.disco.plugins.jaxb.DiscoEntryElement) ServiceInstanceType(com.sun.identity.liberty.ws.disco.jaxb.ServiceInstanceType) ResourceIDMapper(com.sun.identity.liberty.ws.interfaces.ResourceIDMapper) ObjectFactory(com.sun.identity.liberty.ws.disco.jaxb.ObjectFactory) Iterator(java.util.Iterator) ArrayList(java.util.ArrayList) List(java.util.List) ResourceIDType(com.sun.identity.liberty.ws.disco.jaxb.ResourceIDType) Map(java.util.Map)

Aggregations

ResourceIDType (com.sun.identity.liberty.ws.disco.jaxb.ResourceIDType)5 ResourceOfferingType (com.sun.identity.liberty.ws.disco.jaxb.ResourceOfferingType)5 ServiceInstanceType (com.sun.identity.liberty.ws.disco.jaxb.ServiceInstanceType)4 DiscoEntryElement (com.sun.identity.liberty.ws.disco.plugins.jaxb.DiscoEntryElement)4 ArrayList (java.util.ArrayList)4 List (java.util.List)4 Iterator (java.util.Iterator)3 Map (java.util.Map)3 ResourceOffering (com.sun.identity.liberty.ws.disco.ResourceOffering)2 ObjectFactory (com.sun.identity.liberty.ws.disco.jaxb.ObjectFactory)2 ResourceIDMapper (com.sun.identity.liberty.ws.interfaces.ResourceIDMapper)2 JAXBException (javax.xml.bind.JAXBException)2 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)1 AuthnContext (com.sun.identity.federation.message.common.AuthnContext)1 EncryptedNameIdentifier (com.sun.identity.federation.message.common.EncryptedNameIdentifier)1 IDPProvidedNameIdentifier (com.sun.identity.federation.message.common.IDPProvidedNameIdentifier)1 DescriptionType (com.sun.identity.liberty.ws.disco.jaxb.DescriptionType)1 OptionsType (com.sun.identity.liberty.ws.disco.jaxb.OptionsType)1 SecurityAssertion (com.sun.identity.liberty.ws.security.SecurityAssertion)1 SessionContext (com.sun.identity.liberty.ws.security.SessionContext)1