Examples with CustomAzRuleType com.tremolosecurity.config.xml.CustomAzRuleType used on opensource projects

Search in sources :

Example 1 with CustomAzRuleType

use of com.tremolosecurity.config.xml.CustomAzRuleType in project OpenUnison by TremoloSecurity.

the class LoadAuthorizationsFromK8s method createCustomAz.

private CustomAzRuleType createCustomAz(JSONObject item, String name) throws ProvisioningException {
    CustomAzRuleType cart = new CustomAzRuleType();
    JSONObject spec = (JSONObject) item.get("spec");
    cart.setName(name);
    cart.setClassName((String) spec.get("className"));
    JSONObject params = (JSONObject) spec.get("params");
    for (Object o : params.keySet()) {
        String keyName = (String) o;
        Object v = params.get(keyName);
        if (v instanceof String) {
            String val = (String) v;
            ParamType pt = new ParamType();
            pt.setName(keyName);
            pt.setValue(val);
            cart.getParams().add(pt);
        } else if (v instanceof JSONArray) {
            for (Object ov : ((JSONArray) v)) {
                ParamType pt = new ParamType();
                pt.setName(keyName);
                pt.setValue((String) ov);
                cart.getParams().add(pt);
            }
        }
    }
    JSONArray secretParams = (JSONArray) spec.get("secretParams");
    if (secretParams != null) {
        try {
            HttpCon nonwatchHttp = this.k8sWatch.getK8s().createClient();
            String token = this.k8sWatch.getK8s().getAuthToken();
            try {
                for (Object ox : secretParams) {
                    JSONObject secretParam = (JSONObject) ox;
                    String paramName = (String) secretParam.get("name");
                    String secretName = (String) secretParam.get("secretName");
                    String secretKey = (String) secretParam.get("secretKey");
                    String secretValue = this.k8sWatch.getSecretValue(secretName, secretKey, token, nonwatchHttp);
                    ParamType pt = new ParamType();
                    pt.setName(paramName);
                    pt.setValue(secretValue);
                    cart.getParams().add(pt);
                }
            } finally {
                nonwatchHttp.getHttp().close();
                nonwatchHttp.getBcm().close();
            }
        } catch (Exception e) {
            throw new ProvisioningException("Could not generate secret params from '" + name + "'", e);
        }
    }
    return cart;
}
Also used : HttpCon(com.tremolosecurity.provisioning.util.HttpCon) JSONObject(org.json.simple.JSONObject) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) JSONArray(org.json.simple.JSONArray) CustomAzRuleType(com.tremolosecurity.config.xml.CustomAzRuleType) JSONObject(org.json.simple.JSONObject) ParamType(com.tremolosecurity.config.xml.ParamType) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) ParseException(org.json.simple.parser.ParseException)

Example 2 with CustomAzRuleType

use of com.tremolosecurity.config.xml.CustomAzRuleType in project OpenUnison by TremoloSecurity.

the class LoadAuthorizationsFromK8s method modifyObject.

@Override
public void modifyObject(TremoloType cfg, JSONObject item) throws ProvisioningException {
    String rawJson = item.toJSONString();
    StringBuffer b = new StringBuffer();
    b.setLength(0);
    OpenUnisonConfigLoader.integrateIncludes(b, rawJson);
    try {
        JSONObject newRoot = (JSONObject) new JSONParser().parse(b.toString());
        JSONObject metadata = (JSONObject) newRoot.get("metadata");
        if (metadata == null) {
            throw new ProvisioningException("No metadata");
        }
        String name = (String) metadata.get("name");
        logger.info("Modifying custom authorization " + name);
        CustomAzRuleType newAzRuleType = this.createCustomAz(item, name);
        GlobalEntries.getGlobalEntries().getConfigManager().addCustomerAuthorization(newAzRuleType);
    } catch (ParseException e) {
        throw new ProvisioningException("Could not parse custom authorization", e);
    }
}
Also used : JSONObject(org.json.simple.JSONObject) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) JSONParser(org.json.simple.parser.JSONParser) CustomAzRuleType(com.tremolosecurity.config.xml.CustomAzRuleType) ParseException(org.json.simple.parser.ParseException)

Example 3 with CustomAzRuleType

use of com.tremolosecurity.config.xml.CustomAzRuleType in project OpenUnison by TremoloSecurity.

the class LoadAuthorizationsFromK8s method addObject.

@Override
public void addObject(TremoloType cfg, JSONObject item) throws ProvisioningException {
    String rawJson = item.toJSONString();
    StringBuffer b = new StringBuffer();
    b.setLength(0);
    OpenUnisonConfigLoader.integrateIncludes(b, rawJson);
    try {
        JSONObject newRoot = (JSONObject) new JSONParser().parse(b.toString());
        JSONObject metadata = (JSONObject) newRoot.get("metadata");
        if (metadata == null) {
            throw new ProvisioningException("No metadata");
        }
        String name = (String) metadata.get("name");
        logger.info("Adding custom authorization " + name);
        CustomAzRuleType newAzRuleType = this.createCustomAz(item, name);
        GlobalEntries.getGlobalEntries().getConfigManager().addCustomerAuthorization(newAzRuleType);
    } catch (ParseException e) {
        throw new ProvisioningException("Could not parse custom authorization", e);
    }
}
Also used : JSONObject(org.json.simple.JSONObject) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) JSONParser(org.json.simple.parser.JSONParser) CustomAzRuleType(com.tremolosecurity.config.xml.CustomAzRuleType) ParseException(org.json.simple.parser.ParseException)

Example 4 with CustomAzRuleType

use of com.tremolosecurity.config.xml.CustomAzRuleType in project OpenUnison by TremoloSecurity.

the class UnisonConfigManagerImpl method initialize.

/* (non-Javadoc)
	 * @see com.tremolosecurity.config.util.ConfigManager#initialize()
	 */
/* (non-Javadoc)
	 * @see com.tremolosecurity.config.util.UnisonConfigManager#initialize()
	 */
@Override
public void initialize(String name) throws JAXBException, Exception, IOException, FileNotFoundException, InstantiationException, IllegalAccessException, ClassNotFoundException, LDAPException, KeyStoreException, NoSuchAlgorithmException, CertificateException, ProvisioningException {
    JAXBContext jc = JAXBContext.newInstance("com.tremolosecurity.config.xml");
    Unmarshaller unmarshaller = jc.createUnmarshaller();
    String path = configXML;
    this.threads = new ArrayList<StopableThread>();
    // path = path.substring(path.lastIndexOf('/') - 1);
    // path = path.substring(path.lastIndexOf('/') - 1);
    path = path.substring(0, path.lastIndexOf('/'));
    JAXBElement<TremoloType> autoidmcfg = this.loadUnisonConfiguration(unmarshaller);
    this.cfg = autoidmcfg.getValue();
    this.byHost = new HashMap<String, ArrayList<UrlHolder>>();
    this.cache = new HashMap<String, UrlHolder>();
    this.upgradeManager = (HttpUpgradeRequestManager) Class.forName(this.cfg.getUpgradeHandler()).newInstance();
    String myVdPath = cfg.getMyvdConfig();
    this.loadKeystore(path, myVdPath);
    this.initSSL();
    this.loadMyVD(path, myVdPath);
    if (cfg.getApplications().getErrorPage() != null) {
        for (ErrorPage ep : cfg.getApplications().getErrorPage()) {
            this.errorPages.put(ep.getCode(), ep.getLocation());
        }
    }
    this.customAzRules = new HashMap<String, CustomAuthorization>();
    if (this.cfg.getCustomAzRules() != null) {
        for (CustomAzRuleType azrule : this.cfg.getCustomAzRules().getAzRule()) {
            createCustomAuthorizationRule(azrule);
        }
    }
    loadApplicationObjects();
    this.authChains = new HashMap<String, AuthChainType>();
    if (cfg.getAuthChains() != null) {
        Iterator<AuthChainType> itac = cfg.getAuthChains().getChain().iterator();
        while (itac.hasNext()) {
            AuthChainType ac = itac.next();
            this.authChains.put(ac.getName(), ac);
        }
    }
    this.authMechs = new HashMap<String, MechanismType>();
    if (cfg.getAuthMechs() != null) {
        Iterator<MechanismType> itmt = cfg.getAuthMechs().getMechanism().iterator();
        while (itmt.hasNext()) {
            MechanismType mt = itmt.next();
            authMechs.put(mt.getName(), mt);
        }
    }
    this.resGroups = new HashMap<String, ResultGroupType>();
    if (cfg.getResultGroups() != null) {
        Iterator<ResultGroupType> itrgt = cfg.getResultGroups().getResultGroup().iterator();
        while (itrgt.hasNext()) {
            ResultGroupType rgt = itrgt.next();
            this.resGroups.put(rgt.getName(), rgt);
        }
    }
    this.apps = new HashMap<String, ApplicationType>();
    Iterator<ApplicationType> itApp = cfg.getApplications().getApplication().iterator();
    while (itApp.hasNext()) {
        ApplicationType app = itApp.next();
        this.apps.put(app.getName(), app);
    }
    this.provEnvgine = new ProvisioningEngineImpl(this);
    this.provEnvgine.initWorkFlows();
    this.provEnvgine.initMessageConsumers();
    this.provEnvgine.initScheduler();
    this.provEnvgine.initListeners();
    this.provEnvgine.initReports();
    try {
        if (this.getCfg().getResultGroups() != null && this.getCfg().getResultGroups().getDynamicResultGroups() != null && this.getCfg().getResultGroups().getDynamicResultGroups().isEnabled()) {
            DynamicPortalUrlsType dynamicResultGroups = this.getCfg().getResultGroups().getDynamicResultGroups();
            String className = dynamicResultGroups.getClassName();
            HashMap<String, Attribute> cfgAttrs = new HashMap<String, Attribute>();
            for (ParamType pt : dynamicResultGroups.getParams()) {
                Attribute attr = cfgAttrs.get(pt.getName());
                if (attr == null) {
                    attr = new Attribute(pt.getName());
                    cfgAttrs.put(pt.getName(), attr);
                }
                attr.getValues().add(pt.getValue());
            }
            DynamicResultGroups dynResGroups = (DynamicResultGroups) Class.forName(className).newInstance();
            dynResGroups.loadDynamicResultGroups(this, this.getProvisioningEngine(), cfgAttrs);
        }
    } catch (InstantiationException | IllegalAccessException | ClassNotFoundException e) {
        throw new ProvisioningException("Could not initialize dynamic targets", e);
    }
    try {
        if (this.getCfg().getCustomAzRules() != null && this.getCfg().getCustomAzRules().getDynamicCustomAuthorizations() != null && this.getCfg().getCustomAzRules().getDynamicCustomAuthorizations().isEnabled()) {
            DynamicPortalUrlsType dynamicCustomAuthorization = this.getCfg().getCustomAzRules().getDynamicCustomAuthorizations();
            String className = dynamicCustomAuthorization.getClassName();
            HashMap<String, Attribute> cfgAttrs = new HashMap<String, Attribute>();
            for (ParamType pt : dynamicCustomAuthorization.getParams()) {
                Attribute attr = cfgAttrs.get(pt.getName());
                if (attr == null) {
                    attr = new Attribute(pt.getName());
                    cfgAttrs.put(pt.getName(), attr);
                }
                attr.getValues().add(pt.getValue());
            }
            DynamicAuthorizations dynCustomAz = (DynamicAuthorizations) Class.forName(className).newInstance();
            dynCustomAz.loadDynamicAuthorizations(this, this.getProvisioningEngine(), cfgAttrs);
        }
    } catch (InstantiationException | IllegalAccessException | ClassNotFoundException e) {
        throw new ProvisioningException("Could not initialize dynamic targets", e);
    }
    try {
        if (this.getCfg().getAuthChains() != null && this.getCfg().getAuthChains().getDynamicAuthChains() != null && this.getCfg().getAuthChains().getDynamicAuthChains().isEnabled()) {
            DynamicPortalUrlsType dynamicAuthChains = this.getCfg().getAuthChains().getDynamicAuthChains();
            String className = dynamicAuthChains.getClassName();
            HashMap<String, Attribute> cfgAttrs = new HashMap<String, Attribute>();
            for (ParamType pt : dynamicAuthChains.getParams()) {
                Attribute attr = cfgAttrs.get(pt.getName());
                if (attr == null) {
                    attr = new Attribute(pt.getName());
                    cfgAttrs.put(pt.getName(), attr);
                }
                attr.getValues().add(pt.getValue());
            }
            DynamicAuthChains dynAuthChains = (DynamicAuthChains) Class.forName(className).newInstance();
            dynAuthChains.loadDynamicAuthChains(this, provEnvgine, cfgAttrs);
        }
    } catch (InstantiationException | IllegalAccessException | ClassNotFoundException e) {
        throw new ProvisioningException("Could not initialize dynamic targets", e);
    }
    try {
        if (this.getCfg().getApplications() != null && this.getCfg().getApplications().getDynamicApplications() != null && this.getCfg().getApplications().getDynamicApplications().isEnabled()) {
            DynamicPortalUrlsType dynamicApps = this.getCfg().getApplications().getDynamicApplications();
            String className = dynamicApps.getClassName();
            HashMap<String, Attribute> cfgAttrs = new HashMap<String, Attribute>();
            for (ParamType pt : dynamicApps.getParams()) {
                Attribute attr = cfgAttrs.get(pt.getName());
                if (attr == null) {
                    attr = new Attribute(pt.getName());
                    cfgAttrs.put(pt.getName(), attr);
                }
                attr.getValues().add(pt.getValue());
            }
            DynamicApplications dynApps = (DynamicApplications) Class.forName(className).newInstance();
            dynApps.loadDynamicApplications(this, provEnvgine, cfgAttrs);
        }
    } catch (InstantiationException | IllegalAccessException | ClassNotFoundException e) {
        throw new ProvisioningException("Could not initialize dynamic targets", e);
    }
    this.postInitialize();
}
Also used : ErrorPage(com.tremolosecurity.config.xml.ApplicationsType.ErrorPage) TremoloType(com.tremolosecurity.config.xml.TremoloType) Attribute(com.tremolosecurity.saml.Attribute) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) JAXBContext(javax.xml.bind.JAXBContext) DynamicApplications(com.tremolosecurity.proxy.dynamicloaders.DynamicApplications) ProvisioningEngineImpl(com.tremolosecurity.provisioning.core.ProvisioningEngineImpl) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) StopableThread(com.tremolosecurity.server.StopableThread) CustomAzRuleType(com.tremolosecurity.config.xml.CustomAzRuleType) MechanismType(com.tremolosecurity.config.xml.MechanismType) Unmarshaller(javax.xml.bind.Unmarshaller) AuthChainType(com.tremolosecurity.config.xml.AuthChainType) DynamicAuthChains(com.tremolosecurity.proxy.dynamicloaders.DynamicAuthChains) CustomAuthorization(com.tremolosecurity.proxy.az.CustomAuthorization) AuthMechParamType(com.tremolosecurity.config.xml.AuthMechParamType) ParamType(com.tremolosecurity.config.xml.ParamType) DynamicAuthorizations(com.tremolosecurity.proxy.dynamicloaders.DynamicAuthorizations) ApplicationType(com.tremolosecurity.config.xml.ApplicationType) DynamicResultGroups(com.tremolosecurity.proxy.dynamicloaders.DynamicResultGroups) DynamicPortalUrlsType(com.tremolosecurity.config.xml.DynamicPortalUrlsType) ResultGroupType(com.tremolosecurity.config.xml.ResultGroupType)

Aggregations

CustomAzRuleType (com.tremolosecurity.config.xml.CustomAzRuleType)4 ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException)4 JSONObject (org.json.simple.JSONObject)3 ParseException (org.json.simple.parser.ParseException)3 ParamType (com.tremolosecurity.config.xml.ParamType)2 JSONParser (org.json.simple.parser.JSONParser)2 ApplicationType (com.tremolosecurity.config.xml.ApplicationType)1 ErrorPage (com.tremolosecurity.config.xml.ApplicationsType.ErrorPage)1 AuthChainType (com.tremolosecurity.config.xml.AuthChainType)1 AuthMechParamType (com.tremolosecurity.config.xml.AuthMechParamType)1 DynamicPortalUrlsType (com.tremolosecurity.config.xml.DynamicPortalUrlsType)1 MechanismType (com.tremolosecurity.config.xml.MechanismType)1 ResultGroupType (com.tremolosecurity.config.xml.ResultGroupType)1 TremoloType (com.tremolosecurity.config.xml.TremoloType)1 ProvisioningEngineImpl (com.tremolosecurity.provisioning.core.ProvisioningEngineImpl)1 HttpCon (com.tremolosecurity.provisioning.util.HttpCon)1 CustomAuthorization (com.tremolosecurity.proxy.az.CustomAuthorization)1 DynamicApplications (com.tremolosecurity.proxy.dynamicloaders.DynamicApplications)1 DynamicAuthChains (com.tremolosecurity.proxy.dynamicloaders.DynamicAuthChains)1 DynamicAuthorizations (com.tremolosecurity.proxy.dynamicloaders.DynamicAuthorizations)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial