Example 6 with SPSSOConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement in project OpenAM by OpenRock.

the class SAML2IDPProxyImpl method getPreferredIDP.

/**
 * Returns a list of preferred IDP providerIDs.
 * @param authnRequest original AuthnRequest
 * @param hostProviderID ProxyIDP providerID.
 * @param realm Realm
 * @param request HttpServletRequest
 * @param response HttpServletResponse
 * @return a list of providerIDs of the authenticating providers to be
 *     proxied, or <code>null</code> to disable proxying and continue
 *     with the local authenticating provider.
 * @exception SAML2Exception if error occurs.
 */
public List getPreferredIDP(AuthnRequest authnRequest, String hostProviderID, String realm, HttpServletRequest request, HttpServletResponse response) throws SAML2Exception {
    String classMethod = "SAML2IDPProxyImpl.getPreferredIDP:";
    if (SAML2Utils.debug.messageEnabled()) {
        SAML2Utils.debug.message(classMethod + "Init.");
    }
    try {
        SAML2MetaManager sm = new SAML2MetaManager();
        // Retrieve the metadata manager
        if (sm == null) {
            throw new SAML2Exception(SAML2Utils.bundle.getString("errorMetaManager"));
        }
        SPSSOConfigElement spEntityCfg = sm.getSPSSOConfig(realm, authnRequest.getIssuer().getValue());
        Map spConfigAttrsMap = null;
        if (spEntityCfg != null) {
            spConfigAttrsMap = SAML2MetaUtils.getAttributes(spEntityCfg);
        }
        String useIntroductionForProxying = SPSSOFederate.getParameter(spConfigAttrsMap, SAML2Constants.USE_INTRODUCTION_FOR_IDP_PROXY);
        List providerIDs = new ArrayList();
        if (useIntroductionForProxying == null || !useIntroductionForProxying.equals("true")) {
            List proxyIDPs = null;
            if ((spConfigAttrsMap != null) && (!spConfigAttrsMap.isEmpty())) {
                proxyIDPs = (List) spConfigAttrsMap.get(SAML2Constants.IDP_PROXY_LIST);
            }
            if (proxyIDPs == null || proxyIDPs.isEmpty()) {
                SAML2Utils.debug.error(classMethod + "Preferred IDPs are null.");
                return null;
            }
            providerIDs.add(proxyIDPs.iterator().next());
            return providerIDs;
        } else {
            /* IDP Proxy with introduction cookie case*/
            String idpEntityID = null;
            List cotList = (List) spConfigAttrsMap.get("cotlist");
            String cotListStr = (String) cotList.iterator().next();
            CircleOfTrustManager cotManager = new CircleOfTrustManager();
            CircleOfTrustDescriptor cotDesc = cotManager.getCircleOfTrust(realm, cotListStr);
            String readerURL = cotDesc.getSAML2ReaderServiceURL();
            if (SAML2Utils.debug.messageEnabled()) {
                SAML2Utils.debug.message(classMethod + "SAMLv2 idp" + "discovery reader URL = " + readerURL);
            }
            if (readerURL != null && (!readerURL.equals(""))) {
                String rID = SAML2Utils.generateID();
                String redirectURL = SAML2Utils.getRedirectURL(readerURL, rID, request);
                if (SAML2Utils.debug.messageEnabled()) {
                    // Debug-level message, not an error: only logged when message logging is on.
                    SAML2Utils.debug.message(classMethod + "Redirect url = " + redirectURL);
                }
                if (redirectURL != null) {
                    response.sendRedirect(redirectURL);
                    Map aMap = new HashMap();
                    SPCache.reqParamHash.put(rID, aMap);
                    providerIDs.add(rID);
                    return providerIDs;
                }
            }
        }
        return null;
    } catch (SAML2MetaException ex) {
        SAML2Utils.debug.error(classMethod + "meta Exception in retrieving the preferred IDP", ex);
        return null;
    } catch (COTException sme) {
        SAML2Utils.debug.error(classMethod + "Error retrieving COT ", sme);
        return null;
    } catch (Exception e) {
        SAML2Utils.debug.error(classMethod + "Exception in retrieving the preferred IDP", e);
        return null;
    }
}
Also used : CircleOfTrustManager(com.sun.identity.cot.CircleOfTrustManager) HashMap(java.util.HashMap) SPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement) ArrayList(java.util.ArrayList) CircleOfTrustDescriptor(com.sun.identity.cot.CircleOfTrustDescriptor) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) COTException(com.sun.identity.cot.COTException) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) SAML2Exception(com.sun.identity.saml2.common.SAML2Exception) List(java.util.List) Map(java.util.Map)
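The non-introduction branch of SAML2IDPProxyImpl.getPreferredIDP above takes the first entry of the SP's IDP proxy list on trust and catches every exception as "no preferred IDP", so a mistyped entity ID in the proxy list or a metadata failure silently turns into local authentication. The class below is an added example, not OpenAM code: it keeps the same contract (a list with the IDP to proxy to, or null to authenticate locally) but only returns an entity that is actually configured as a remote IDP in the realm, and it lets metadata errors propagate. It assumes the plugin interface is named SAML2IDPFinder (the signature matches the two getPreferredIDP methods on this page) and that SAML2MetaManager.getAllRemoteIdentityProviderEntities(realm) returns the realm's remote IDP entity IDs; the introduction-cookie branch is deliberately not reproduced.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.sun.identity.saml2.common.SAML2Constants;
import com.sun.identity.saml2.common.SAML2Exception;
import com.sun.identity.saml2.common.SAML2Utils;
import com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement;
import com.sun.identity.saml2.meta.SAML2MetaException;
import com.sun.identity.saml2.meta.SAML2MetaManager;
import com.sun.identity.saml2.meta.SAML2MetaUtils;
import com.sun.identity.saml2.plugins.SAML2IDPFinder; // assumed interface name
import com.sun.identity.saml2.protocol.AuthnRequest;

/**
 * Added example (not OpenAM code): an IDP-proxy finder that only proxies to
 * an entity the realm actually knows as a remote IDP.
 */
public class ValidatedIDPProxyFinder implements SAML2IDPFinder {

    private static final String CLASS_METHOD = "ValidatedIDPProxyFinder.getPreferredIDP:";

    public List getPreferredIDP(AuthnRequest authnRequest, String hostProviderID, String realm,
            HttpServletRequest request, HttpServletResponse response) throws SAML2Exception {
        // The Issuer comes from the inbound request and selects which SP config is consulted,
        // so require it to be present and to resolve to a configured SP before trusting it.
        if (authnRequest == null || authnRequest.getIssuer() == null
                || authnRequest.getIssuer().getValue() == null) {
            SAML2Utils.debug.error(CLASS_METHOD + "AuthnRequest has no Issuer; proxying disabled.");
            return null;
        }
        String spEntityID = authnRequest.getIssuer().getValue();
        try {
            SAML2MetaManager sm = new SAML2MetaManager();
            SPSSOConfigElement spEntityCfg = sm.getSPSSOConfig(realm, spEntityID);
            if (spEntityCfg == null) {
                SAML2Utils.debug.error(CLASS_METHOD + "unknown SP " + spEntityID + "; proxying disabled.");
                return null;
            }
            Map spConfigAttrsMap = SAML2MetaUtils.getAttributes(spEntityCfg);
            List proxyIDPs = (spConfigAttrsMap == null) ? null
                    : (List) spConfigAttrsMap.get(SAML2Constants.IDP_PROXY_LIST);
            if (proxyIDPs == null || proxyIDPs.isEmpty()) {
                return null; // no proxy list configured: authenticate locally, as the contract allows
            }
            // Assumed helper: entity IDs configured as remote IDPs in this realm.
            List knownIDPs = sm.getAllRemoteIdentityProviderEntities(realm);
            List providerIDs = new ArrayList();
            for (Object o : proxyIDPs) {
                String candidate = (String) o;
                if (knownIDPs.contains(candidate)) {
                    providerIDs.add(candidate);
                    break; // first configured and resolvable entry wins, as in SAML2IDPProxyImpl
                }
                SAML2Utils.debug.error(CLASS_METHOD + "proxy IDP " + candidate
                        + " is not a remote IDP in realm " + realm + "; skipping.");
            }
            return providerIDs.isEmpty() ? null : providerIDs;
        } catch (SAML2MetaException ex) {
            // SAML2MetaException is a SAML2Exception: surface it rather than
            // silently falling back to local authentication.
            throw ex;
        }
    }
}
```

The difference from the original is deliberate in two places: a proxy-list entry that does not resolve is logged and skipped instead of being handed to the proxy flow, and a metadata failure reaches the caller as the declared SAML2Exception instead of being logged and converted into a null return.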

Example 7 with SPSSOConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement in project OpenAM by OpenRock.

the class ECPIDPFinder method getPreferredIDP.

/**
 * Returns a list of preferred IDP providerIDs.
 * @param authnRequest original AuthnRequest
 * @param hostProviderID hosted providerID.
 * @param realm Realm
 * @param request HttpServletRequest
 * @param response HttpServletResponse
 * @return a list of IDP providerIDs, or null if not found.
 * @exception SAML2Exception if error occurs.
 */
public List getPreferredIDP(AuthnRequest authnRequest, String hostProviderID, String realm, HttpServletRequest request, HttpServletResponse response) throws SAML2Exception {
    SPSSOConfigElement spssoconfig = SAML2Utils.getSAML2MetaManager().getSPSSOConfig(realm, hostProviderID);
    if (spssoconfig == null) {
        // No extended config for the hosted SP: nothing to read, so no preferred IDPs.
        return null;
    }
    Map attributes = SAML2MetaUtils.getAttributes(spssoconfig);
    List idps = (List) attributes.get(SAML2Constants.ECP_REQUEST_IDP_LIST);
    if ((idps == null) || (idps.isEmpty())) {
        return null;
    }
    return idps;
}
Also used : SPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement) List(java.util.List) Map(java.util.Map)

Example 8 with SPSSOConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement in project OpenAM by OpenRock.

the class ConfigureSalesForceApps method updateSPMeta.

private void updateSPMeta(String entityId, String realm, String cot, List attrMapping) throws WorkflowException {
    String extendedMeta = null;
    String localMetadata = null;
    try {
        localMetadata = METADATA.replace(ENTITY_ID_PLACEHOLDER, entityId);
        EntityDescriptorElement e = SAML2MetaUtils.getEntityDescriptorElement(localMetadata);
        String eId = e.getEntityID();
        String metaAlias = generateMetaAliasForSP(realm);
        Map map = new HashMap();
        map.put(MetaTemplateParameters.P_SP, metaAlias);
        extendedMeta = createExtendedDataTemplate(eId, false);
    } catch (SAML2MetaException ex) {
        throw new WorkflowException(ex.getMessage());
    } catch (JAXBException ex) {
        throw new WorkflowException(ex.getMessage());
    }
    String[] results = ImportSAML2MetaData.importData(realm, localMetadata, extendedMeta);
    String configuredEntityId = results[1];
    if ((cot != null) && (cot.length() > 0)) {
        try {
            AddProviderToCOT.addToCOT(realm, cot, configuredEntityId);
        } catch (COTException e) {
            throw new WorkflowException(e.getMessage());
        }
    }
    try {
        if (!attrMapping.isEmpty()) {
            SAML2MetaManager manager = new SAML2MetaManager();
            EntityConfigElement config = manager.getEntityConfig(realm, configuredEntityId);
            SPSSOConfigElement ssoConfig = manager.getSPSSOConfig(realm, configuredEntityId);
            if (ssoConfig != null) {
                ObjectFactory objFactory = new ObjectFactory();
                AttributeType avp = objFactory.createAttributeElement();
                String key = SAML2Constants.ATTRIBUTE_MAP;
                avp.setName(key);
                avp.getValue().addAll(attrMapping);
                ssoConfig.getAttribute().add(avp);
            }
            manager.setEntityConfig(realm, config);
        }
    } catch (SAML2MetaException e) {
        throw new WorkflowException(e.getMessage());
    } catch (JAXBException e) {
        throw new WorkflowException(e.getMessage());
    }
}
Also used : HashMap(java.util.HashMap) JAXBException(javax.xml.bind.JAXBException) SPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement) COTException(com.sun.identity.cot.COTException) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) EntityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement) ObjectFactory(com.sun.identity.saml2.jaxb.entityconfig.ObjectFactory) AttributeType(com.sun.identity.saml2.jaxb.entityconfig.AttributeType) Map(java.util.Map) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)

Example 9 with SPSSOConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement in project OpenAM by OpenRock.

the class CreateHostedSP method execute.

/**
 * Creates hosted service provider.
 *
 * @param locale Locale of the Request
 * @param params Map of creation parameters.
 */
public String execute(Locale locale, Map params) throws WorkflowException {
    validateParameters(params);
    String metadataFile = getString(params, ParameterKeys.P_META_DATA);
    String defAttrMappings = getString(params, ParameterKeys.P_DEF_ATTR_MAPPING);
    boolean hasMetaData = (metadataFile != null) && (metadataFile.trim().length() > 0);
    String metadata = null;
    String extendedData = null;
    if (hasMetaData) {
        String extendedDataFile = getString(params, ParameterKeys.P_EXTENDED_DATA);
        metadata = getContent(metadataFile, locale);
        extendedData = getContent(extendedDataFile, locale);
    } else {
        String entityId = getString(params, ParameterKeys.P_ENTITY_ID);
        String metaAlias = generateMetaAliasForSP(getString(params, ParameterKeys.P_REALM));
        Map map = new HashMap();
        map.put(MetaTemplateParameters.P_SP, metaAlias);
        map.put(MetaTemplateParameters.P_SP_E_CERT, getString(params, ParameterKeys.P_SP_E_CERT));
        try {
            metadata = CreateSAML2HostedProviderTemplate.buildMetaDataTemplate(entityId, map, getRequestURL(params));
            //metadata = enableSigning(metadata);
            extendedData = CreateSAML2HostedProviderTemplate.createExtendedDataTemplate(entityId, map, getRequestURL(params));
        } catch (SAML2MetaException e) {
            return e.getMessage();
        }
    }
    String[] results = ImportSAML2MetaData.importData(null, metadata, extendedData);
    String realm = results[0];
    String entityId = results[1];
    String cot = getString(params, ParameterKeys.P_COT);
    if ((cot != null) && (cot.length() > 0)) {
        try {
            AddProviderToCOT.addToCOT(realm, cot, entityId);
        } catch (COTException e) {
            throw new WorkflowException(e.getMessage());
        }
    }
    List attrMapping = null;
    if (defAttrMappings.equals("true")) {
        attrMapping = new ArrayList(1);
        attrMapping.add("*=*");
    } else {
        attrMapping = getAttributeMapping(params);
    }
    if (!attrMapping.isEmpty()) {
        try {
            SAML2MetaManager manager = new SAML2MetaManager();
            EntityConfigElement config = manager.getEntityConfig(realm, entityId);
            SPSSOConfigElement ssoConfig = manager.getSPSSOConfig(realm, entityId);
            if (ssoConfig != null) {
                Map attribConfig = SAML2MetaUtils.getAttributes(ssoConfig);
                List mappedAttributes = (List) attribConfig.get(SAML2Constants.ATTRIBUTE_MAP);
                // The hosted-SP extended-metadata template creates attributeMap, but a
                // user-supplied extended file may not, so guard against a missing entry.
                if (mappedAttributes != null) {
                    mappedAttributes.addAll(attrMapping);
                    manager.setEntityConfig(realm, config);
                }
            }
        } catch (SAML2MetaException e) {
            throw new WorkflowException(e.getMessage());
        }
    }
    return "done|||realm=" + realm;
}
Also used : HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) SPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement) COTException(com.sun.identity.cot.COTException) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) List(java.util.List) Map(java.util.Map) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)

Example 10 with SPSSOConfigElement

use of com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement in project OpenAM by OpenRock.

the class CreateRemoteSP method execute.

/**
 * Creates remote service provider.
 *
 * @param locale Locale of the request.
 * @param params Map of creation parameters.
 */
@Override
public String execute(Locale locale, Map params) throws WorkflowException {
    validateParameters(params);
    String realm = getString(params, ParameterKeys.P_REALM);
    String metadataFile = getString(params, ParameterKeys.P_META_DATA);
    String metadata = getContent(metadataFile, locale);
    String extendedMeta = null;
    List attrMapping = getAttributeMapping(params);
    if (!attrMapping.isEmpty()) {
        try {
            EntityDescriptorElement e = SAML2MetaUtils.getEntityDescriptorElement(metadata);
            String eId = e.getEntityID();
            extendedMeta = createExtendedDataTemplate(eId, false);
        } catch (SAML2MetaException ex) {
            throw new WorkflowException(ex.getMessage());
        } catch (JAXBException ex) {
            throw new WorkflowException(ex.getMessage());
        }
    }
    String[] results = ImportSAML2MetaData.importData(realm, metadata, extendedMeta);
    String entityId = results[1];
    String cot = getString(params, ParameterKeys.P_COT);
    if ((cot != null) && (cot.length() > 0)) {
        try {
            AddProviderToCOT.addToCOT(realm, cot, entityId);
        } catch (COTException e) {
            throw new WorkflowException(e.getMessage());
        }
    }
    try {
        if (!attrMapping.isEmpty()) {
            SAML2MetaManager manager = new SAML2MetaManager();
            EntityConfigElement config = manager.getEntityConfig(realm, entityId);
            SPSSOConfigElement ssoConfig = manager.getSPSSOConfig(realm, entityId);
            if (ssoConfig != null) {
                ObjectFactory objFactory = new ObjectFactory();
                AttributeType avp = objFactory.createAttributeElement();
                String key = SAML2Constants.ATTRIBUTE_MAP;
                avp.setName(key);
                avp.getValue().addAll(attrMapping);
                ssoConfig.getAttribute().add(avp);
            }
            manager.setEntityConfig(realm, config);
        }
    } catch (SAML2MetaException e) {
        throw new WorkflowException(e.getMessage());
    } catch (JAXBException e) {
        throw new WorkflowException(e.getMessage());
    }
    return getMessage("sp.configured", locale);
}
Also used : JAXBException(javax.xml.bind.JAXBException) SPSSOConfigElement(com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement) COTException(com.sun.identity.cot.COTException) SAML2MetaManager(com.sun.identity.saml2.meta.SAML2MetaManager) EntityDescriptorElement(com.sun.identity.saml2.jaxb.metadata.EntityDescriptorElement) ObjectFactory(com.sun.identity.saml2.jaxb.entityconfig.ObjectFactory) AttributeType(com.sun.identity.saml2.jaxb.entityconfig.AttributeType) List(java.util.List) SAML2MetaException(com.sun.identity.saml2.meta.SAML2MetaException) EntityConfigElement(com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement)
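Examples 8 and 10 append a fresh attributeMap AttributeType every time they run, so re-running the workflow leaves two attributeMap elements in the SP's extended config, while Example 9 dereferences the existing list without checking it is there. The helper below is an added example, not OpenAM code, that consolidates the three into one idempotent update: it finds or creates the single attributeMap element, refuses malformed entries, skips duplicates, and only writes back when something changed. It assumes AttributeType.getName() is the JAXB getter paired with the setName() used above, that createAttributeElement() may throw JAXBException (as the catch blocks in Examples 8 and 10 indicate), and, like those examples, that the SPSSOConfigElement returned by getSPSSOConfig() belongs to the object graph returned by getEntityConfig().

```java
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Set;

import javax.xml.bind.JAXBException;

import com.sun.identity.saml2.common.SAML2Constants;
import com.sun.identity.saml2.jaxb.entityconfig.AttributeType;
import com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement;
import com.sun.identity.saml2.jaxb.entityconfig.ObjectFactory;
import com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement;
import com.sun.identity.saml2.meta.SAML2MetaException;
import com.sun.identity.saml2.meta.SAML2MetaManager;

/**
 * Added example (not OpenAM code): idempotent update of an SP's attributeMap.
 */
public final class SPAttributeMapUpdater {

    private SPAttributeMapUpdater() {
    }

    /** Returns the named AttributeType from the SP config, or null if absent. */
    static AttributeType findAttribute(SPSSOConfigElement ssoConfig, String name) {
        // getAttribute() is a raw List in the JAXB 1.x model these classes use.
        for (Object o : ssoConfig.getAttribute()) {
            AttributeType attr = (AttributeType) o;
            if (name.equals(attr.getName())) { // assumed getter paired with setName()
                return attr;
            }
        }
        return null;
    }

    /**
     * Merges mappings into the attributeMap element, creating it only when missing.
     * Returns how many entries were new so callers can skip an unchanged write-back.
     */
    @SuppressWarnings("unchecked")
    static int mergeAttributeMap(SPSSOConfigElement ssoConfig, List<String> mappings)
            throws JAXBException {
        AttributeType avp = findAttribute(ssoConfig, SAML2Constants.ATTRIBUTE_MAP);
        if (avp == null) {
            avp = new ObjectFactory().createAttributeElement();
            avp.setName(SAML2Constants.ATTRIBUTE_MAP);
            ssoConfig.getAttribute().add(avp);
        }
        List<String> values = avp.getValue();
        Set<String> seen = new LinkedHashSet<String>(values);
        int added = 0;
        for (String mapping : mappings) {
            String m = (mapping == null) ? "" : mapping.trim();
            // Entries must look like "saml-attr=local-attr" (or "*=*"); fail loudly on anything
            // else rather than persist a value the runtime attribute mapper would misread.
            int eq = m.indexOf('=');
            if (m.isEmpty() || eq <= 0 || eq == m.length() - 1) {
                throw new IllegalArgumentException("malformed attribute mapping: " + mapping);
            }
            if (seen.add(m)) {
                values.add(m);
                added++;
            }
        }
        return added;
    }

    /** Loads the SP config, merges, and persists only if something changed. */
    public static boolean updateAttributeMap(String realm, String entityId, List<String> mappings)
            throws SAML2MetaException, JAXBException {
        SAML2MetaManager manager = new SAML2MetaManager();
        EntityConfigElement config = manager.getEntityConfig(realm, entityId);
        SPSSOConfigElement ssoConfig = manager.getSPSSOConfig(realm, entityId);
        if (config == null || ssoConfig == null) {
            // Unlike Example 9, never dereference a missing config.
            throw new IllegalStateException("no SP extended config for " + entityId + " in realm " + realm);
        }
        if (mergeAttributeMap(ssoConfig, mappings) == 0) {
            return false;
        }
        // ssoConfig is part of config's object graph (as Examples 8 to 10 rely on),
        // so writing config persists the merged attributeMap.
        manager.setEntityConfig(realm, config);
        return true;
    }
}
```

Calling updateAttributeMap(realm, entityId, attrMapping) in place of the three try blocks above gives the same end state on the first run and a no-op on every later run, and a typo such as "mail" (no "=") is rejected before it reaches the config store instead of being stored and ignored at runtime.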

Aggregations

SPSSOConfigElement (com.sun.identity.saml2.jaxb.entityconfig.SPSSOConfigElement) 38
SAML2MetaException (com.sun.identity.saml2.meta.SAML2MetaException) 25
List (java.util.List) 24
Map (java.util.Map) 20
HashMap (java.util.HashMap) 18
ArrayList (java.util.ArrayList) 16
SAML2MetaManager (com.sun.identity.saml2.meta.SAML2MetaManager) 14
SAML2Exception (com.sun.identity.saml2.common.SAML2Exception) 13
SAML2TokenRepositoryException (org.forgerock.openam.federation.saml2.SAML2TokenRepositoryException) 11
SPSSODescriptorElement (com.sun.identity.saml2.jaxb.metadata.SPSSODescriptorElement) 10
COTException (com.sun.identity.cot.COTException) 8
Iterator (java.util.Iterator) 8
SessionException (com.sun.identity.plugin.session.SessionException) 7
EntityConfigElement (com.sun.identity.saml2.jaxb.entityconfig.EntityConfigElement) 6
IDPSSOConfigElement (com.sun.identity.saml2.jaxb.entityconfig.IDPSSOConfigElement) 6
IOException (java.io.IOException) 6
PrivateKey (java.security.PrivateKey) 6
AuthnRequest (com.sun.identity.saml2.protocol.AuthnRequest) 5
AMConsoleException (com.sun.identity.console.base.model.AMConsoleException) 4
CircleOfTrustDescriptor (com.sun.identity.cot.CircleOfTrustDescriptor) 4