Example 11 with MechanismType

Use of com.tremolosecurity.config.xml.MechanismType in project OpenUnison by TremoloSecurity.

From the class LoadAuthMechsFromK8s, method modifyObject.

@Override
public void modifyObject(TremoloType cfg, JSONObject item) throws ProvisioningException {
    // Serialize the incoming object and pass it through integrateIncludes before re-parsing it.
    String rawJson = item.toJSONString();
    StringBuffer b = new StringBuffer();
    b.setLength(0);
    OpenUnisonConfigLoader.integrateIncludes(b, rawJson);
    try {
        JSONObject newRoot = (JSONObject) new JSONParser().parse(b.toString());
        JSONObject metadata = (JSONObject) newRoot.get("metadata");
        if (metadata == null) {
            throw new ProvisioningException("No metadata");
        }
        String name = (String) metadata.get("name");
        logger.info("Modifying authentication mechanism " + name);
        try {
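            // Note: the mechanism is built from the original item, not from newRoot.
            MechanismType mt = this.createAuthMech(item, name);
            GlobalEntries.getGlobalEntries().getConfigManager().addAuthenticationMechanism(mt);
            // Swap the configuration entry while holding the config lock: drop any
            // mechanism with the same name, then add the new definition.
            synchronized (GlobalEntries.getGlobalEntries().getConfigManager().getCfg()) {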
                MechanismType curMech = null;
                for (MechanismType itMech : GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getAuthMechs().getMechanism()) {
                    if (itMech.getName().equals(mt.getName())) {
                        curMech = itMech;
                        break;
                    }
                }
                if (curMech != null) {
                    GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getAuthMechs().getMechanism().remove(curMech);
                }
                GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getAuthMechs().getMechanism().add(mt);
            }
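        } catch (Exception e) {
            // Any failure while building or registering the mechanism is logged
            // and swallowed; no exception reaches the caller.
            logger.warn("Could not initialize authentication mechanism " + name, e);
            return;
        }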
    } catch (ParseException e) {
        throw new ProvisioningException("Could not parse custom authorization", e);
    }
}
Also used: JSONObject (org.json.simple.JSONObject), ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException), JSONParser (org.json.simple.parser.JSONParser), MechanismType (com.tremolosecurity.config.xml.MechanismType), ParseException (org.json.simple.parser.ParseException)

Example 12 with MechanismType

Use of com.tremolosecurity.config.xml.MechanismType in project OpenUnison by TremoloSecurity.

From the class LoadAuthMechsFromK8s, method createAuthMech.

private MechanismType createAuthMech(JSONObject item, String name) throws Exception {
    MechanismType mechType = new MechanismType();
    JSONObject spec = (JSONObject) item.get("spec");
    mechType.setName(name);
    mechType.setClassName((String) spec.get("className"));
    mechType.setUri((String) spec.get("uri"));
    mechType.setInit(new ConfigType());
    mechType.setParams(new ParamListType());
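    // Copy spec.init into the init params: a string value becomes one param,
    // an array becomes one param per element (elements are cast to String).
    JSONObject params = (JSONObject) spec.get("init");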
    for (Object o : params.keySet()) {
        String keyName = (String) o;
        Object v = params.get(keyName);
        if (v instanceof String) {
            String val = (String) v;
            ParamType pt = new ParamType();
            pt.setName(keyName);
            pt.setValue(val);
            mechType.getInit().getParam().add(pt);
        } else if (v instanceof JSONArray) {
            for (Object ov : ((JSONArray) v)) {
                ParamType pt = new ParamType();
                pt.setName(keyName);
                pt.setValue((String) ov);
                mechType.getInit().getParam().add(pt);
            }
        }
    }
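    // Optional secretParams: each entry names a secret and a key; the value is
    // fetched through k8sWatch.getSecretValue and stored as a plain init param.
    JSONArray secretParams = (JSONArray) spec.get("secretParams");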
    if (secretParams != null) {
        HttpCon nonwatchHttp = this.k8sWatch.getK8s().createClient();
        String token = this.k8sWatch.getK8s().getAuthToken();
        try {
            for (Object o : secretParams) {
                JSONObject secretParam = (JSONObject) o;
                String paramName = (String) secretParam.get("name");
                String secretName = (String) secretParam.get("secretName");
                String secretKey = (String) secretParam.get("secretKey");
                String secretValue = this.k8sWatch.getSecretValue(secretName, secretKey, token, nonwatchHttp);
                ParamType pt = new ParamType();
                pt.setName(paramName);
                pt.setValue(secretValue);
                mechType.getInit().getParam().add(pt);
            }
        } finally {
            // Always release the HTTP client resources, even if a lookup failed.
            nonwatchHttp.getHttp().close();
            nonwatchHttp.getBcm().close();
        }
    }
    return mechType;
}
Also used: HttpCon (com.tremolosecurity.provisioning.util.HttpCon), JSONObject (org.json.simple.JSONObject), ParamListType (com.tremolosecurity.config.xml.ParamListType), JSONArray (org.json.simple.JSONArray), MechanismType (com.tremolosecurity.config.xml.MechanismType), ConfigType (com.tremolosecurity.config.xml.ConfigType), ParamType (com.tremolosecurity.config.xml.ParamType)
