
Example 1 with ParamType

use of com.tremolosecurity.config.xml.ParamType in project OpenUnison by TremoloSecurity.

the class LoadApplicationsFromK8s method createIdpOnUrl.

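/**
 * Builds the identity-provider section of a URL from its JSON description and attaches it to {@code url}.
 *
 * <p>Reads {@code className}, {@code params}, {@code secretParams}, {@code mappings} and {@code trusts}
 * from the {@code idp} object. Plain params are copied as-is; each {@code secretParams} entry is resolved
 * through {@code k8sWatch.getSecretValue} and stored as an ordinary {@link ParamType}, so the resulting
 * configuration holds secret material in clear text in memory.
 *
 * @param jsonUrl JSON object for the URL; its {@code idp} member must be a JSON object
 * @param url the URL configuration that receives the new {@link IdpType}
 * @throws ProvisioningException declared by the signature; not thrown directly by the visible code
 * @throws Exception propagated from the Kubernetes client calls or from closing the client
 * @throws ClassCastException if a value does not have the JSON type the casts below expect
 */
private void createIdpOnUrl(JSONObject jsonUrl, UrlType url) throws ProvisioningException, Exception {
    IdpType idp = new IdpType();
    JSONObject jsonIdp = (JSONObject) jsonUrl.get("idp");
    url.setIdp(idp);
    idp.setClassName((String) jsonIdp.get("className"));
    JSONObject params = (JSONObject) jsonIdp.get("params");
    if (params != null) {
        for (Object x : params.keySet()) {
            String paramName = (String) x;
            Object z = params.get(paramName);
            if (z instanceof String) {
                ParamType pt = new ParamType();
                pt.setName(paramName);
                pt.setValue((String) z);
                idp.getParams().add(pt);
            } else {
                // Anything that is not a string is expected to be an array of strings;
                // other JSON types fail here with a ClassCastException.
                JSONArray values = (JSONArray) z;
                for (Object y : values) {
                    ParamType pt = new ParamType();
                    pt.setName(paramName);
                    pt.setValue((String) y);
                    idp.getParams().add(pt);
                }
            }
        }
    }
    JSONArray secretParams = (JSONArray) jsonIdp.get("secretParams");
    if (secretParams != null) {
        HttpCon nonwatchHttp = this.k8sWatch.getK8s().createClient();
        String token = this.k8sWatch.getK8s().getAuthToken();
        try {
            for (Object ox : secretParams) {
                JSONObject secretParam = (JSONObject) ox;
                String paramName = (String) secretParam.get("name");
                // The Secret name and key are taken from the resource being loaded.
                // NOTE(review): confirm getSecretValue limits lookups to the intended namespace.
                String secretName = (String) secretParam.get("secretName");
                String secretKey = (String) secretParam.get("secretKey");
                String secretValue = this.k8sWatch.getSecretValue(secretName, secretKey, token, nonwatchHttp);
                ParamType pt = new ParamType();
                pt.setName(paramName);
                pt.setValue(secretValue);
                idp.getParams().add(pt);
            }
        } finally {
            // Close the connection manager even when closing the HTTP client throws.
            try {
                nonwatchHttp.getHttp().close();
            } finally {
                nonwatchHttp.getBcm().close();
            }
        }
    }
    JSONObject mappings = (JSONObject) jsonIdp.get("mappings");
    if (mappings != null) {
        IdpMappingType idpMappingType = new IdpMappingType();
        // "strict" defaults to true when the resource does not set it.
        idpMappingType.setStrict(getBoolValue(mappings.get("strict"), true));
        JSONArray jsonMap = (JSONArray) mappings.get("map");
        if (jsonMap != null) {
            for (Object x : jsonMap) {
                JSONObject map = (JSONObject) x;
                ProvisionMappingType pmt = new ProvisionMappingType();
                pmt.setTargetAttributeName((String) map.get("targetAttributeName"));
                pmt.setTargetAttributeSource((String) map.get("targetAttributeSource"));
                pmt.setSourceType((String) map.get("sourceType"));
                idpMappingType.getMapping().add(pmt);
            }
        }
        idp.setMappings(idpMappingType);
    }
    JSONArray jsonTrusts = (JSONArray) jsonIdp.get("trusts");
    if (jsonTrusts != null) {
        TrustsType tt = new TrustsType();
        for (Object o : jsonTrusts) {
            JSONObject jsonTrust = (JSONObject) o;
            TrustType trust = new TrustType();
            trust.setName((String) jsonTrust.get("name"));
            // Each trust carries its own params/secretParams, parsed the same way as the IdP's.
            params = (JSONObject) jsonTrust.get("params");
            if (params != null) {
                for (Object x : params.keySet()) {
                    String paramName = (String) x;
                    Object z = params.get(paramName);
                    if (z instanceof String) {
                        ParamType pt = new ParamType();
                        pt.setName(paramName);
                        pt.setValue((String) z);
                        trust.getParam().add(pt);
                    } else {
                        JSONArray values = (JSONArray) z;
                        for (Object y : values) {
                            ParamType pt = new ParamType();
                            pt.setName(paramName);
                            pt.setValue((String) y);
                            trust.getParam().add(pt);
                        }
                    }
                }
            }
            secretParams = (JSONArray) jsonTrust.get("secretParams");
            if (secretParams != null) {
                HttpCon nonwatchHttp = this.k8sWatch.getK8s().createClient();
                String token = this.k8sWatch.getK8s().getAuthToken();
                try {
                    for (Object ox : secretParams) {
                        JSONObject secretParam = (JSONObject) ox;
                        String paramName = (String) secretParam.get("name");
                        String secretName = (String) secretParam.get("secretName");
                        String secretKey = (String) secretParam.get("secretKey");
                        String secretValue = this.k8sWatch.getSecretValue(secretName, secretKey, token, nonwatchHttp);
                        ParamType pt = new ParamType();
                        pt.setName(paramName);
                        pt.setValue(secretValue);
                        trust.getParam().add(pt);
                    }
                } finally {
                    // Close the connection manager even when closing the HTTP client throws.
                    try {
                        nonwatchHttp.getHttp().close();
                    } finally {
                        nonwatchHttp.getBcm().close();
                    }
                }
            }
            tt.getTrust().add(trust);
        }
        idp.setTrusts(tt);
    }
}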
Also used : IdpType(com.tremolosecurity.config.xml.IdpType) TrustsType(com.tremolosecurity.config.xml.TrustsType) HttpCon(com.tremolosecurity.provisioning.util.HttpCon) JSONObject(org.json.simple.JSONObject) JSONArray(org.json.simple.JSONArray) TrustType(com.tremolosecurity.config.xml.TrustType) JSONObject(org.json.simple.JSONObject) ProvisionMappingType(com.tremolosecurity.config.xml.ProvisionMappingType) IdpMappingType(com.tremolosecurity.config.xml.IdpMappingType) AuthMechParamType(com.tremolosecurity.config.xml.AuthMechParamType) ParamType(com.tremolosecurity.config.xml.ParamType)

Example 2 with ParamType

use of com.tremolosecurity.config.xml.ParamType in project OpenUnison by TremoloSecurity.

the class OpenShiftTarget method initRemoteOidc.

/**
 * Loads the remote OIDC settings and derives the issuer and signing-key name from the configured
 * identity-provider application.
 *
 * <p>Only the first URL of the application whose name equals {@code oidcIdp} is consulted: its IdP
 * parameter {@code jwtSigningKey} becomes {@code oidcCertName}, and the issuer is built as
 * {@code https://<host><uri>}. When no {@code oidcIssuerHost} is configured, the first host of that
 * URL is used.
 *
 * @param cfg target configuration attributes
 * @param cfgMgr configuration manager used to look up the applications
 * @param name not used by this method
 * @throws ProvisioningException declared by the signature; presumably raised by the option loaders
 */
private void initRemoteOidc(Map<String, Attribute> cfg, ConfigManager cfgMgr, String name) throws ProvisioningException {
    this.oidcIdp = this.loadOption("oidcIdp", cfg, false);
    this.oidcIssuerHost = this.loadOptionalAttributeValue("oidcIssuerHost", "oidcIssuerHost", cfg, null);
    this.oidcSub = this.loadOption("oidcSub", cfg, false);
    this.oidcAudience = this.loadOption("oidcAudience", cfg, false);

    for (ApplicationType app : cfgMgr.getCfg().getApplications().getApplication()) {
        if (!app.getName().equals(this.oidcIdp)) {
            continue;
        }

        // The signing key name is read from the IdP params of the application's first URL.
        for (ParamType idpParam : app.getUrls().getUrl().get(0).getIdp().getParams()) {
            if (idpParam.getName().equals("jwtSigningKey")) {
                this.oidcCertName = idpParam.getValue();
            }
        }

        // An explicitly configured issuer host wins over the application's own host.
        if (this.oidcIssuerHost == null) {
            this.oidcIssuerHost = app.getUrls().getUrl().get(0).getHost().get(0);
        }

        this.oidcIssuer = "https://" + this.oidcIssuerHost + app.getUrls().getUrl().get(0).getUri();
    }
}
Also used : ApplicationType(com.tremolosecurity.config.xml.ApplicationType) ParamType(com.tremolosecurity.config.xml.ParamType)

Example 3 with ParamType

use of com.tremolosecurity.config.xml.ParamType in project OpenUnison by TremoloSecurity.

the class LoadAuthorizationsFromK8s method createCustomAz.

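/**
 * Builds a custom authorization rule from a JSON item.
 *
 * <p>{@code spec.className} and {@code spec.params} are copied into the rule; {@code spec.secretParams}
 * entries are resolved through {@code k8sWatch.getSecretValue} and added as ordinary parameters, so the
 * rule holds the secret values in clear text in memory. Both {@code params} and {@code secretParams}
 * are treated as optional.
 *
 * @param item JSON object whose {@code spec} member describes the rule
 * @param name name given to the rule and used in error messages
 * @return the populated rule
 * @throws ProvisioningException if the secret parameters cannot be resolved
 */
private CustomAzRuleType createCustomAz(JSONObject item, String name) throws ProvisioningException {
    CustomAzRuleType cart = new CustomAzRuleType();
    JSONObject spec = (JSONObject) item.get("spec");
    cart.setName(name);
    cart.setClassName((String) spec.get("className"));
    JSONObject params = (JSONObject) spec.get("params");
    // A rule without params is valid input; without this guard it failed with a NullPointerException.
    if (params != null) {
        for (Object o : params.keySet()) {
            String keyName = (String) o;
            Object v = params.get(keyName);
            if (v instanceof String) {
                String val = (String) v;
                ParamType pt = new ParamType();
                pt.setName(keyName);
                pt.setValue(val);
                cart.getParams().add(pt);
            } else if (v instanceof JSONArray) {
                // One ParamType per array element, all sharing the same name.
                for (Object ov : ((JSONArray) v)) {
                    ParamType pt = new ParamType();
                    pt.setName(keyName);
                    pt.setValue((String) ov);
                    cart.getParams().add(pt);
                }
            }
            // Values of any other JSON type are skipped.
        }
    }
    JSONArray secretParams = (JSONArray) spec.get("secretParams");
    if (secretParams != null) {
        try {
            HttpCon nonwatchHttp = this.k8sWatch.getK8s().createClient();
            String token = this.k8sWatch.getK8s().getAuthToken();
            try {
                for (Object ox : secretParams) {
                    JSONObject secretParam = (JSONObject) ox;
                    String paramName = (String) secretParam.get("name");
                    // The Secret name and key are taken from the resource being loaded.
                    // NOTE(review): confirm getSecretValue limits lookups to the intended namespace.
                    String secretName = (String) secretParam.get("secretName");
                    String secretKey = (String) secretParam.get("secretKey");
                    String secretValue = this.k8sWatch.getSecretValue(secretName, secretKey, token, nonwatchHttp);
                    ParamType pt = new ParamType();
                    pt.setName(paramName);
                    pt.setValue(secretValue);
                    cart.getParams().add(pt);
                }
            } finally {
                // Close the connection manager even when closing the HTTP client throws.
                try {
                    nonwatchHttp.getHttp().close();
                } finally {
                    nonwatchHttp.getBcm().close();
                }
            }
        } catch (Exception e) {
            throw new ProvisioningException("Could not generate secret params from '" + name + "'", e);
        }
    }
    return cart;
}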
Also used : HttpCon(com.tremolosecurity.provisioning.util.HttpCon) JSONObject(org.json.simple.JSONObject) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) JSONArray(org.json.simple.JSONArray) CustomAzRuleType(com.tremolosecurity.config.xml.CustomAzRuleType) JSONObject(org.json.simple.JSONObject) ParamType(com.tremolosecurity.config.xml.ParamType) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) ParseException(org.json.simple.parser.ParseException)

Example 4 with ParamType

use of com.tremolosecurity.config.xml.ParamType in project OpenUnison by TremoloSecurity.

the class LoadTargetsFromK8s method createTarget.

/**
 * Builds a provisioning target from a JSON item and registers it, replacing any target of the same name.
 *
 * <p>{@code className}, param names/values and attribute names/sources are passed through
 * {@code OpenUnisonConfigLoader.integrateIncludes}; secret params are resolved through
 * {@code k8sWatch.getSecretValue} and stored as ordinary parameters, so the target holds the secret
 * values in clear text in memory. {@code params}, {@code secretParams} and {@code targetAttributes}
 * are iterated without a null check, so a spec that lacks one of them ends in the
 * {@link ProvisioningException} below.
 *
 * @param item JSON object whose {@code spec} member describes the target
 * @param name name of the target, also used in the error message
 * @return the target that was added to the provisioning configuration
 * @throws ProvisioningException if anything inside the build or registration fails
 */
private TargetType createTarget(JSONObject item, String name) throws ProvisioningException {
    TargetType target = new TargetType();
    target.setName(name);
    target.setParams(new TargetConfigType());
    JSONObject spec = (JSONObject) item.get("spec");
    HttpCon nonwatchHttp = null;
    try {
        nonwatchHttp = this.k8sWatch.getK8s().createClient();
        String authToken = this.k8sWatch.getK8s().getAuthToken();

        // Scratch buffer reused for every include expansion; reset before each use after the first.
        StringBuffer expanded = new StringBuffer();
        OpenUnisonConfigLoader.integrateIncludes(expanded, (String) spec.get("className"));
        target.setClassName(expanded.toString());

        JSONArray plainParams = (JSONArray) spec.get("params");
        for (Object entry : plainParams) {
            JSONObject jsonParam = (JSONObject) entry;
            ParamType param = new ParamType();
            expanded.setLength(0);
            OpenUnisonConfigLoader.integrateIncludes(expanded, (String) jsonParam.get("name"));
            param.setName(expanded.toString());
            expanded.setLength(0);
            OpenUnisonConfigLoader.integrateIncludes(expanded, (String) jsonParam.get("value"));
            param.setValue(expanded.toString());
            target.getParams().getParam().add(param);
        }

        JSONArray secretParams = (JSONArray) spec.get("secretParams");
        for (Object entry : secretParams) {
            JSONObject jsonSecret = (JSONObject) entry;
            String paramName = (String) jsonSecret.get("name");
            // The Secret name and key are taken from the resource being loaded.
            // NOTE(review): confirm getSecretValue limits lookups to the intended namespace.
            String secretName = (String) jsonSecret.get("secretName");
            String secretKey = (String) jsonSecret.get("secretKey");
            ParamType param = new ParamType();
            param.setName(paramName);
            param.setValue(this.k8sWatch.getSecretValue(secretName, secretKey, authToken, nonwatchHttp));
            target.getParams().getParam().add(param);
        }

        JSONArray targetAttributes = (JSONArray) spec.get("targetAttributes");
        for (Object entry : targetAttributes) {
            JSONObject jsonAttr = (JSONObject) entry;
            TargetAttributeType attribute = new TargetAttributeType();
            expanded.setLength(0);
            OpenUnisonConfigLoader.integrateIncludes(expanded, (String) jsonAttr.get("name"));
            attribute.setName(expanded.toString());
            expanded.setLength(0);
            OpenUnisonConfigLoader.integrateIncludes(expanded, (String) jsonAttr.get("source"));
            attribute.setSource(expanded.toString());
            attribute.setSourceType((String) jsonAttr.get("sourceType"));
            attribute.setTargetType((String) jsonAttr.get("targetType"));
            target.getTargetAttribute().add(attribute);
        }

        // Swap the target in under the list's lock: drop the first entry with the same name, then append.
        synchronized (this.tremolo.getProvisioning().getTargets().getTarget()) {
            int existingIndex = -1;
            int position = 0;
            for (TargetType registered : this.tremolo.getProvisioning().getTargets().getTarget()) {
                if (registered.getName().equals(target.getName())) {
                    existingIndex = position;
                    break;
                }
                position++;
            }
            if (existingIndex >= 0) {
                this.tremolo.getProvisioning().getTargets().getTarget().remove(existingIndex);
            }
            this.tremolo.getProvisioning().getTargets().getTarget().add(target);
        }
        return target;
    } catch (Exception e) {
        throw new ProvisioningException("Could not add target '" + name + "'", e);
    } finally {
        if (nonwatchHttp != null) {
            try {
                nonwatchHttp.getHttp().close();
            } catch (IOException ignored) {
                // Best-effort close: a failure here must not hide the result or the original error.
            }
            nonwatchHttp.getBcm().close();
        }
    }
}
Also used : JSONArray(org.json.simple.JSONArray) IOException(java.io.IOException) ParamType(com.tremolosecurity.config.xml.ParamType) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) IOException(java.io.IOException) TargetAttributeType(com.tremolosecurity.config.xml.TargetAttributeType) HttpCon(com.tremolosecurity.provisioning.util.HttpCon) JSONObject(org.json.simple.JSONObject) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) TargetType(com.tremolosecurity.config.xml.TargetType) TargetConfigType(com.tremolosecurity.config.xml.TargetConfigType) JSONObject(org.json.simple.JSONObject)

Example 5 with ParamType

use of com.tremolosecurity.config.xml.ParamType in project OpenUnison by TremoloSecurity.

the class LastMessageTime method emptyDLQ.

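/**
 * Replays the messages on a dead letter queue to the queue named in each message's
 * {@code OriginalQueue} property.
 *
 * <p>The JMS connection factory is instantiated reflectively from the class name in the queue
 * configuration, and each configured {@link ParamType} is applied through the matching
 * {@code setXxx(String)} method. Both the class name and the setter names come from configuration,
 * so that configuration must only be writable by trusted administrators.
 *
 * <p>Every replayed message is tagged with this run's {@code dlqRunID}. The run ends when a message
 * carrying that ID comes back, when the listener hits a {@link JMSException}, or when no message
 * has been seen for one second. Errors after the internal-queue check are logged, not rethrown.
 *
 * @param config configuration holding the queue settings
 * @param dlqName name of the dead letter queue to drain
 * @throws Exception if the configuration uses the internal queue
 */
public static void emptyDLQ(TremoloType config, String dlqName) throws Exception {
    if (config.getProvisioning().getQueueConfig().isIsUseInternalQueue()) {
        throw new Exception("This feature is not available for interal queues");
    }
    try {
        String dlqSessionID = UUID.randomUUID().toString();
        logger.info("DLQ Run : " + dlqSessionID);
        logger.info("Connecting to " + config.getProvisioning().getQueueConfig().getConnectionFactory());
        // Resolve the factory class once instead of on every parameter.
        Class<?> factoryClass = Class.forName(config.getProvisioning().getQueueConfig().getConnectionFactory());
        ConnectionFactory cf = (ConnectionFactory) factoryClass.getDeclaredConstructor().newInstance();
        for (ParamType pt : config.getProvisioning().getQueueConfig().getParam()) {
            // Character.toUpperCase is locale-independent; String.toUpperCase() maps 'i' to a dotted
            // capital under a Turkish default locale and the setter lookup would then fail.
            String methodName = "set" + Character.toUpperCase(pt.getName().charAt(0)) + pt.getName().substring(1);
            Method m = factoryClass.getMethod(methodName, String.class);
            m.invoke(cf, pt.getValue());
        }
        javax.jms.Connection con = cf.createConnection();
        try {
            con.start();
            logger.info("Connected");
            logger.info("Creating queue " + dlqName);
            Session session = con.createSession(false, Session.CLIENT_ACKNOWLEDGE);
            Queue queue = session.createQueue(dlqName);
            MessageConsumer consumer = session.createConsumer(queue);
            logger.info("Checking for messages");
            final Bool runDone = new Bool(false);
            LastMessageTime last = new LastMessageTime();
            last.lastMessageTime = System.currentTimeMillis();
            // One producer per destination queue, created on first use.
            HashMap<String, MessageProducer> qs = new HashMap<String, MessageProducer>();
            consumer.setMessageListener(receivedMessage -> {
                try {
                    logger.info("Processing message : " + receivedMessage.getJMSMessageID());
                    synchronized (last) {
                        last.lastMessageTime = System.currentTimeMillis();
                    }
                    if (receivedMessage.getStringProperty("dlqRunID") != null && receivedMessage.getStringProperty("dlqRunID").equalsIgnoreCase(dlqSessionID)) {
                        logger.info("Message already processed, stopping the run");
                        runDone.setValue(true);
                        return;
                    }
                    if (receivedMessage.getBooleanProperty("unisonignore")) {
                        if (logger.isDebugEnabled()) {
                            logger.debug("ignoring message");
                        }
                        receivedMessage.acknowledge();
                        // NOTE(review): synchronous receive from inside the listener, result unused — confirm intent.
                        receivedMessage = consumer.receive(1000);
                        return;
                    }
                    // The destination is whatever the message says it is.
                    // NOTE(review): confirm broker ACLs restrict who can publish to the DLQ.
                    String originalQueue = receivedMessage.getStringProperty("OriginalQueue");
                    logger.info("Adding message " + receivedMessage.getJMSMessageID() + " to queue " + originalQueue);
                    TextMessage m = session.createTextMessage();
                    m.setText(((TextMessage) receivedMessage).getText());
                    Enumeration enumer = receivedMessage.getPropertyNames();
                    while (enumer.hasMoreElements()) {
                        String propName = (String) enumer.nextElement();
                        m.setObjectProperty(propName, receivedMessage.getObjectProperty(propName));
                    }
                    // Tag after copying: a dlqRunID left over from an earlier run would otherwise
                    // overwrite this run's ID and defeat the already-processed check above.
                    m.setStringProperty("dlqRunID", dlqSessionID);
                    if (qs.containsKey(originalQueue)) {
                        qs.get(originalQueue).send(m);
                    } else {
                        Queue q = session.createQueue(originalQueue);
                        MessageProducer lmp = session.createProducer(q);
                        qs.put(originalQueue, lmp);
                        lmp.send(m);
                    }
                    receivedMessage.acknowledge();
                    // session.commit();
                    logger.info("Message Sent");
                } catch (JMSException e) {
                    runDone.setValue(true);
                    logger.error("Could not process message", e);
                }
            });
            while (!runDone.getValue()) {
                logger.info("Sleeping for 1 second...");
                Thread.sleep(1000);
                synchronized (last) {
                    if (System.currentTimeMillis() - last.lastMessageTime > 1000) {
                        logger.info("No new messages for 1 second, ending run");
                        runDone.setValue(true);
                    }
                }
            }
            for (String key : qs.keySet()) {
                qs.get(key).close();
            }
            consumer.close();
            session.close();
        } finally {
            // Always release the broker connection, including when the run fails part-way.
            con.close();
        }
        logger.info("Queue Emptied");
    } catch (InterruptedException e) {
        // Restore the interrupt flag so callers can still observe the interruption.
        Thread.currentThread().interrupt();
        logger.warn("Error while clearing DLQ", e);
    } catch (Throwable t) {
        logger.warn("Error while clearing DLQ", t);
    }
}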
Also used : MessageConsumer(javax.jms.MessageConsumer) Enumeration(java.util.Enumeration) HashMap(java.util.HashMap) JMSException(javax.jms.JMSException) Method(java.lang.reflect.Method) JMSException(javax.jms.JMSException) ParamType(com.tremolosecurity.config.xml.ParamType) ConnectionFactory(javax.jms.ConnectionFactory) Bool(net.sourceforge.myvd.types.Bool) MessageProducer(javax.jms.MessageProducer) Queue(javax.jms.Queue) TextMessage(javax.jms.TextMessage) Session(javax.jms.Session)

Aggregations

ParamType (com.tremolosecurity.config.xml.ParamType)27 HashMap (java.util.HashMap)17 Attribute (com.tremolosecurity.saml.Attribute)14 IOException (java.io.IOException)12 LDAPAttribute (com.novell.ldap.LDAPAttribute)8 AuthMechParamType (com.tremolosecurity.config.xml.AuthMechParamType)7 DynamicPortalUrlsType (com.tremolosecurity.config.xml.DynamicPortalUrlsType)7 ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException)7 FileNotFoundException (java.io.FileNotFoundException)7 NoSuchAlgorithmException (java.security.NoSuchAlgorithmException)7 JAXBException (javax.xml.bind.JAXBException)7 JSONObject (org.json.simple.JSONObject)7 JSONArray (org.json.simple.JSONArray)6 ApplicationType (com.tremolosecurity.config.xml.ApplicationType)5 TrustType (com.tremolosecurity.config.xml.TrustType)5 ServletException (javax.servlet.ServletException)5 LDAPException (com.novell.ldap.LDAPException)4 HttpCon (com.tremolosecurity.provisioning.util.HttpCon)4 KeyStoreException (java.security.KeyStoreException)4 UnrecoverableKeyException (java.security.UnrecoverableKeyException)4