use of com.sun.identity.saml2.meta.SAML2MetaException in project OpenAM by OpenRock.
Class ConfigureSalesForceApps, method updateSPMeta.
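/**
 * Imports the bundled Salesforce SP metadata template for {@code entityId} into
 * {@code realm}, optionally adds the resulting entity to the circle of trust
 * {@code cot}, and records {@code attrMapping} as the SP's attribute map.
 *
 * @param entityId    entity ID substituted for {@code ENTITY_ID_PLACEHOLDER} in {@code METADATA}
 * @param realm       realm the service provider is created in
 * @param cot         circle of trust to join; ignored when null or empty
 * @param attrMapping attribute-mapping entries for the SP; nothing is written when null or empty
 * @throws WorkflowException if template parsing, extended-data creation, circle-of-trust
 *                           membership or the entity-config update fails
 */
private void updateSPMeta(String entityId, String realm, String cot, List attrMapping) throws WorkflowException {
    // NOTE(review): entityId is spliced into the XML template by plain string
    // replacement and is not XML-escaped here, so it must already be a validated
    // value at the call site — confirm against the caller.
    String localMetadata = METADATA.replace(ENTITY_ID_PLACEHOLDER, entityId);
    String extendedMeta;
    try {
        // The entity ID used for the extended data is read back from the parsed
        // template rather than taken verbatim from the argument.
        EntityDescriptorElement descriptor = SAML2MetaUtils.getEntityDescriptorElement(localMetadata);
        String parsedEntityId = descriptor.getEntityID();
        extendedMeta = createExtendedDataTemplate(parsedEntityId, false);
    } catch (SAML2MetaException ex) {
        throw new WorkflowException(ex.getMessage());
    } catch (JAXBException ex) {
        throw new WorkflowException(ex.getMessage());
    }
    // The previous version also computed a meta alias into a map that was never
    // read; that dead work has been dropped.
    String[] results = ImportSAML2MetaData.importData(realm, localMetadata, extendedMeta);
    String configuredEntityId = results[1];
    if ((cot != null) && (cot.length() > 0)) {
        try {
            AddProviderToCOT.addToCOT(realm, cot, configuredEntityId);
        } catch (COTException e) {
            throw new WorkflowException(e.getMessage());
        }
    }
    if (attrMapping == null || attrMapping.isEmpty()) {
        return;
    }
    try {
        SAML2MetaManager manager = new SAML2MetaManager();
        EntityConfigElement config = manager.getEntityConfig(realm, configuredEntityId);
        SPSSOConfigElement ssoConfig = manager.getSPSSOConfig(realm, configuredEntityId);
        if (ssoConfig != null) {
            // A fresh ATTRIBUTE_MAP attribute is appended rather than merged into an
            // existing one, matching the original behaviour.
            ObjectFactory objFactory = new ObjectFactory();
            AttributeType avp = objFactory.createAttributeElement();
            avp.setName(SAML2Constants.ATTRIBUTE_MAP);
            avp.getValue().addAll(attrMapping);
            ssoConfig.getAttribute().add(avp);
        }
        manager.setEntityConfig(realm, config);
    } catch (SAML2MetaException e) {
        throw new WorkflowException(e.getMessage());
    } catch (JAXBException e) {
        throw new WorkflowException(e.getMessage());
    }
}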
use of com.sun.identity.saml2.meta.SAML2MetaException in project OpenAM by OpenRock.
Class CreateHostedIDP, method execute.
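/**
 * Creates a hosted identity provider.
 * <p>
 * The provider is built either from the uploaded metadata files or from the
 * hosted-provider template, imported into the configuration, optionally added
 * to a circle of trust, and given the requested attribute mapping.
 *
 * @param locale locale of the request, used when reading files and resolving messages
 * @param params map of creation parameters keyed by {@link ParameterKeys}
 * @return the localized "idp.configured" message followed by
 *         {@code |||realm=<realm>&entityId=<url-encoded entity id>}
 * @throws WorkflowException if template generation, circle-of-trust membership,
 *         the attribute-map update or URL encoding fails
 */
public String execute(Locale locale, Map params) throws WorkflowException {
    validateParameters(params);
    String metadataFile = getString(params, ParameterKeys.P_META_DATA);
    boolean hasMetaData = (metadataFile != null) && (metadataFile.trim().length() > 0);
    String metadata;
    String extendedData;
    if (hasMetaData) {
        String extendedDataFile = getString(params, ParameterKeys.P_EXTENDED_DATA);
        metadata = getContent(metadataFile, locale);
        extendedData = getContent(extendedDataFile, locale);
    } else {
        String entityId = getString(params, ParameterKeys.P_ENTITY_ID);
        String metaAlias = generateMetaAliasForIDP(getString(params, ParameterKeys.P_REALM));
        Map map = new HashMap();
        map.put(MetaTemplateParameters.P_IDP, metaAlias);
        map.put(MetaTemplateParameters.P_IDP_E_CERT, getString(params, ParameterKeys.P_IDP_E_CERT));
        map.put(MetaTemplateParameters.P_IDP_S_CERT, getString(params, ParameterKeys.P_IDP_S_CERT));
        String requestUrl = getRequestURL(params);
        try {
            metadata = CreateSAML2HostedProviderTemplate.buildMetaDataTemplate(entityId, map, requestUrl);
            extendedData = CreateSAML2HostedProviderTemplate.createExtendedDataTemplate(entityId, map, requestUrl);
        } catch (SAML2MetaException e) {
            // Reported as a WorkflowException like every other failure in this
            // method, instead of returning the error text as if it were a result.
            throw new WorkflowException(e.getMessage());
        }
    }
    String[] results = ImportSAML2MetaData.importData(null, metadata, extendedData);
    String realm = results[0];
    String entityId = results[1];
    String cot = getString(params, ParameterKeys.P_COT);
    if ((cot != null) && (cot.length() > 0)) {
        try {
            AddProviderToCOT.addToCOT(realm, cot, entityId);
        } catch (COTException e) {
            throw new WorkflowException(e.getMessage());
        }
    }
    try {
        List attrMapping = getAttributeMapping(params);
        if (!attrMapping.isEmpty()) {
            SAML2MetaManager manager = new SAML2MetaManager();
            EntityConfigElement config = manager.getEntityConfig(realm, entityId);
            IDPSSOConfigElement ssoConfig = manager.getIDPSSOConfig(realm, entityId);
            Map attribConfig = SAML2MetaUtils.getAttributes(ssoConfig);
            // The mapping is appended to the ATTRIBUTE_MAP list that the extended
            // data is expected to declare; a missing entry would otherwise NPE.
            List mappedAttributes = (List) attribConfig.get(SAML2Constants.ATTRIBUTE_MAP);
            if (mappedAttributes == null) {
                throw new WorkflowException("attribute map is not defined in the extended metadata of " + entityId);
            }
            mappedAttributes.addAll(attrMapping);
            manager.setEntityConfig(realm, config);
        }
    } catch (SAML2MetaException e) {
        throw new WorkflowException(e.getMessage());
    }
    try {
        return getMessage("idp.configured", locale) + "|||realm=" + realm + "&entityId=" + URLEncoder.encode(entityId, "UTF-8");
    } catch (UnsupportedEncodingException e) {
        throw new WorkflowException(e.getMessage());
    }
}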
use of com.sun.identity.saml2.meta.SAML2MetaException in project OpenAM by OpenRock.
Class CreateHostedSP, method execute.
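/**
 * Creates a hosted service provider.
 * <p>
 * The provider is built either from the uploaded metadata files or from the
 * hosted-provider template, imported into the configuration, optionally added
 * to a circle of trust, and given either the default {@code *=*} attribute
 * mapping or the mapping supplied in {@code params}.
 *
 * @param locale locale of the request, used when reading files
 * @param params map of creation parameters keyed by {@link ParameterKeys}
 * @return {@code done|||realm=<realm>}
 * @throws WorkflowException if template generation, circle-of-trust membership
 *         or the attribute-map update fails
 */
public String execute(Locale locale, Map params) throws WorkflowException {
    validateParameters(params);
    String metadataFile = getString(params, ParameterKeys.P_META_DATA);
    String defAttrMappings = getString(params, ParameterKeys.P_DEF_ATTR_MAPPING);
    boolean hasMetaData = (metadataFile != null) && (metadataFile.trim().length() > 0);
    String metadata;
    String extendedData;
    if (hasMetaData) {
        String extendedDataFile = getString(params, ParameterKeys.P_EXTENDED_DATA);
        metadata = getContent(metadataFile, locale);
        extendedData = getContent(extendedDataFile, locale);
    } else {
        String entityId = getString(params, ParameterKeys.P_ENTITY_ID);
        String metaAlias = generateMetaAliasForSP(getString(params, ParameterKeys.P_REALM));
        Map map = new HashMap();
        map.put(MetaTemplateParameters.P_SP, metaAlias);
        map.put(MetaTemplateParameters.P_SP_E_CERT, getString(params, ParameterKeys.P_SP_E_CERT));
        String requestUrl = getRequestURL(params);
        try {
            metadata = CreateSAML2HostedProviderTemplate.buildMetaDataTemplate(entityId, map, requestUrl);
            extendedData = CreateSAML2HostedProviderTemplate.createExtendedDataTemplate(entityId, map, requestUrl);
        } catch (SAML2MetaException e) {
            // Reported as a WorkflowException like every other failure in this
            // method, instead of returning the error text as if it were a result.
            throw new WorkflowException(e.getMessage());
        }
    }
    String[] results = ImportSAML2MetaData.importData(null, metadata, extendedData);
    String realm = results[0];
    String entityId = results[1];
    String cot = getString(params, ParameterKeys.P_COT);
    if ((cot != null) && (cot.length() > 0)) {
        try {
            AddProviderToCOT.addToCOT(realm, cot, entityId);
        } catch (COTException e) {
            throw new WorkflowException(e.getMessage());
        }
    }
    // Literal-first comparison: the parameter may be absent (null).
    List attrMapping;
    if ("true".equals(defAttrMappings)) {
        attrMapping = new ArrayList(1);
        attrMapping.add("*=*");
    } else {
        attrMapping = getAttributeMapping(params);
    }
    if (!attrMapping.isEmpty()) {
        try {
            SAML2MetaManager manager = new SAML2MetaManager();
            EntityConfigElement config = manager.getEntityConfig(realm, entityId);
            SPSSOConfigElement ssoConfig = manager.getSPSSOConfig(realm, entityId);
            Map attribConfig = SAML2MetaUtils.getAttributes(ssoConfig);
            // The mapping is appended to the ATTRIBUTE_MAP list that the extended
            // data is expected to declare; a missing entry would otherwise NPE.
            List mappedAttributes = (List) attribConfig.get(SAML2Constants.ATTRIBUTE_MAP);
            if (mappedAttributes == null) {
                throw new WorkflowException("attribute map is not defined in the extended metadata of " + entityId);
            }
            mappedAttributes.addAll(attrMapping);
            manager.setEntityConfig(realm, config);
        } catch (SAML2MetaException e) {
            throw new WorkflowException(e.getMessage());
        }
    }
    return "done|||realm=" + realm;
}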
use of com.sun.identity.saml2.meta.SAML2MetaException in project OpenAM by OpenRock.
Class CreateRemoteSP, method execute.
/**
 * Creates a remote service provider from uploaded metadata.
 * <p>
 * When an attribute mapping is supplied, an extended-data template is generated
 * for the entity so that the mapping can be stored on its SP SSO configuration.
 *
 * @param locale locale of the request, used when reading the metadata file
 *               and resolving the result message
 * @param params map of creation parameters keyed by {@link ParameterKeys}
 * @return the localized "sp.configured" message
 * @throws WorkflowException if the metadata cannot be parsed, the extended data
 *         cannot be built, circle-of-trust membership fails or the
 *         attribute-map update fails
 */
@Override
public String execute(Locale locale, Map params) throws WorkflowException {
    validateParameters(params);
    String realm = getString(params, ParameterKeys.P_REALM);
    String metadataFile = getString(params, ParameterKeys.P_META_DATA);
    String metadata = getContent(metadataFile, locale);
    List attrMapping = getAttributeMapping(params);
    boolean hasMapping = !attrMapping.isEmpty();
    // Extended data is only needed when there is a mapping to store on it.
    String extendedMeta = hasMapping ? buildRemoteSpExtendedMeta(metadata) : null;
    String[] imported = ImportSAML2MetaData.importData(realm, metadata, extendedMeta);
    String entityId = imported[1];
    String cot = getString(params, ParameterKeys.P_COT);
    boolean hasCot = cot != null && cot.length() > 0;
    if (hasCot) {
        try {
            AddProviderToCOT.addToCOT(realm, cot, entityId);
        } catch (COTException e) {
            throw new WorkflowException(e.getMessage());
        }
    }
    if (hasMapping) {
        storeRemoteSpAttributeMap(realm, entityId, attrMapping);
    }
    return getMessage("sp.configured", locale);
}

/**
 * Builds the extended-data template for the entity described by {@code metadata}.
 *
 * @param metadata standard SAML2 metadata XML
 * @return extended data for the entity ID found in {@code metadata}
 * @throws WorkflowException if the metadata cannot be parsed or the template fails
 */
private String buildRemoteSpExtendedMeta(String metadata) throws WorkflowException {
    try {
        EntityDescriptorElement descriptor = SAML2MetaUtils.getEntityDescriptorElement(metadata);
        return createExtendedDataTemplate(descriptor.getEntityID(), false);
    } catch (SAML2MetaException ex) {
        throw new WorkflowException(ex.getMessage());
    } catch (JAXBException ex) {
        throw new WorkflowException(ex.getMessage());
    }
}

/**
 * Appends an ATTRIBUTE_MAP attribute holding {@code attrMapping} to the SP SSO
 * configuration of {@code entityId} and saves the entity configuration.
 * The configuration is saved even when no SP SSO config exists.
 *
 * @param realm       realm of the entity
 * @param entityId    entity whose configuration is updated
 * @param attrMapping attribute-mapping entries to store
 * @throws WorkflowException if the configuration cannot be read or written
 */
private void storeRemoteSpAttributeMap(String realm, String entityId, List attrMapping) throws WorkflowException {
    try {
        SAML2MetaManager manager = new SAML2MetaManager();
        EntityConfigElement entityConfig = manager.getEntityConfig(realm, entityId);
        SPSSOConfigElement spConfig = manager.getSPSSOConfig(realm, entityId);
        if (spConfig != null) {
            AttributeType mapAttribute = new ObjectFactory().createAttributeElement();
            mapAttribute.setName(SAML2Constants.ATTRIBUTE_MAP);
            mapAttribute.getValue().addAll(attrMapping);
            spConfig.getAttribute().add(mapAttribute);
        }
        manager.setEntityConfig(realm, entityConfig);
    } catch (SAML2MetaException e) {
        throw new WorkflowException(e.getMessage());
    } catch (JAXBException e) {
        throw new WorkflowException(e.getMessage());
    }
}
use of com.sun.identity.saml2.meta.SAML2MetaException in project OpenAM by OpenRock.
Class SAML2Proxy, method getUrl.
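/**
 * Processes an inbound SAML2 response for the hosted entity identified by the
 * request URL's meta alias and returns the URL the proxy should redirect to:
 * on success a URL carrying the key under which the response data was stored,
 * otherwise an error URL built by {@code getUrlWithError}.
 *
 * @param request  inbound HTTP request carrying the SAML response
 * @param response HTTP response, used for load-balancer cookie handling
 * @return redirect URL from {@code getUrlWithKey} or {@code getUrlWithError}
 * @throws IOException if building the redirect URL fails
 */
private static String getUrl(HttpServletRequest request, HttpServletResponse response) throws IOException {
    if (request == null || response == null) {
        DEBUG.error("SAML2Proxy: Null request or response");
        // NOTE(review): getUrlWithError receives a possibly-null request here — confirm it tolerates that.
        return getUrlWithError(request, BAD_REQUEST);
    }
    // Reject oversized bodies before anything is parsed.
    try {
        SAMLUtils.checkHTTPContentLength(request);
    } catch (ServletException se) {
        DEBUG.error("SAML2Proxy: content length too large");
        return getUrlWithError(request, BAD_REQUEST);
    }
    if (FSUtils.needSetLBCookieAndRedirect(request, response, false)) {
        return getUrlWithError(request, MISSING_COOKIE);
    }
    // Resolve the hosted entity from the meta alias embedded in the request URL.
    String requestURL = request.getRequestURL().toString();
    String metaAlias = SAML2MetaUtils.getMetaAliasByUri(requestURL);
    SAML2MetaManager metaManager = SAML2Utils.getSAML2MetaManager();
    if (metaManager == null) {
        DEBUG.error("SAML2Proxy: Unable to obtain metaManager");
        return getUrlWithError(request, MISSING_META_MANAGER);
    }
    String hostEntityId;
    try {
        hostEntityId = metaManager.getEntityByMetaAlias(metaAlias);
    } catch (SAML2MetaException sme) {
        DEBUG.warning("SAML2Proxy: unable to find hosted entity with metaAlias: {} Exception: {}", metaAlias, sme.toString());
        return getUrlWithError(request, META_DATA_ERROR);
    }
    if (hostEntityId == null) {
        // A plain check replaces the former throw-and-catch of a placeholder
        // SAML2MetaException; the resulting error URL is the same.
        DEBUG.warning("SAML2Proxy: no hosted entity configured for metaAlias: {}", metaAlias);
        return getUrlWithError(request, META_DATA_ERROR);
    }
    String realm = SAML2MetaUtils.getRealmByMetaAlias(metaAlias);
    if (StringUtils.isEmpty(realm)) {
        realm = "/";
    }
    ResponseInfo respInfo;
    try {
        respInfo = SPACSUtils.getResponse(request, response, realm, hostEntityId, metaManager);
    } catch (SAML2Exception se) {
        DEBUG.error("SAML2Proxy: Unable to obtain SAML response", se);
        return getUrlWithError(request, SAML_GET_RESPONSE_ERROR, se.getL10NMessage(request.getLocale()));
    }
    Map smap;
    try {
        // Verify the Response/Assertion and get back a map of the relevant data;
        // nothing from the response is stored until this succeeds.
        smap = SAML2Utils.verifyResponse(request, response, respInfo.getResponse(), realm, hostEntityId, respInfo.getProfileBinding());
    } catch (SAML2Exception se) {
        DEBUG.error("SAML2Proxy: An error occurred while verifying the SAML response", se);
        return getUrlWithError(request, SAML_VERIFY_RESPONSE_ERROR, se.getL10NMessage(request.getLocale()));
    }
    // The key is the only handle to the stored response data and is handed back
    // in the redirect URL, so it must be unguessable — confirm generateKey() is
    // backed by a cryptographically strong random source.
    String key = generateKey();
    SAML2ResponseData data = new SAML2ResponseData((String) smap.get(SAML2Constants.SESSION_INDEX), (Subject) smap.get(SAML2Constants.SUBJECT), (Assertion) smap.get(SAML2Constants.POST_ASSERTION), respInfo);
    if (SAML2FailoverUtils.isSAML2FailoverEnabled()) {
        try {
            // Expiry is an absolute time in seconds; SPCache.interval is the survival time.
            long sessionExpireTime = System.currentTimeMillis() / 1000 + SPCache.interval;
            SAML2FailoverUtils.saveSAML2TokenWithoutSecondaryKey(key, data, sessionExpireTime);
        } catch (SAML2TokenRepositoryException e) {
            DEBUG.error("An error occurred while persisting the SAML token", e);
            return getUrlWithError(request, SAML_FAILOVER_DISABLED_ERROR);
        }
    } else {
        SAML2Store.saveTokenWithKey(key, data);
    }
    return getUrlWithKey(request, key);
}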