Example 11 with ProvisioningException

Use of com.tremolosecurity.provisioning.core.ProvisioningException in project OpenUnison by TremoloSecurity.

Class LoadAuthChainsFromK8s, method modifyObject.

@Override
public void modifyObject(TremoloType cfg, JSONObject item) throws ProvisioningException {
    String rawJson = item.toJSONString();
    StringBuffer b = new StringBuffer();
    b.setLength(0);
    OpenUnisonConfigLoader.integrateIncludes(b, rawJson);
    try {
        JSONObject newRoot = (JSONObject) new JSONParser().parse(b.toString());
        JSONObject metadata = (JSONObject) newRoot.get("metadata");
        if (metadata == null) {
            throw new ProvisioningException("No metadata");
        }
        String name = (String) metadata.get("name");
        logger.info("Modifying authentication chain " + name);
        try {
            AuthChainType act = this.createAuthChain(item, name);
            synchronized (GlobalEntries.getGlobalEntries().getConfigManager().getAuthChains()) {
                GlobalEntries.getGlobalEntries().getConfigManager().getAuthChains().put(name, act);
            }
            synchronized (GlobalEntries.getGlobalEntries().getConfigManager().getCfg()) {
                AuthChainType curAct = null;
                for (AuthChainType itAct : GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getAuthChains().getChain()) {
                    if (itAct.getName().equals(act.getName())) {
                        curAct = itAct;
                        break;
                    }
                }
                if (curAct != null) {
                    GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getAuthChains().getChain().remove(curAct);
                }
                GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getAuthChains().getChain().add(act);
            }
        } catch (Exception e) {
            logger.warn("Could not initialize authentication chain " + name, e);
        }
    } catch (ParseException e) {
        throw new ProvisioningException("Could not parse custom authorization", e);
    }
}
Also used: JSONObject (org.json.simple.JSONObject), ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException), JSONParser (org.json.simple.parser.JSONParser), ParseException (org.json.simple.parser.ParseException), AuthChainType (com.tremolosecurity.config.xml.AuthChainType)

Example 12 with ProvisioningException

Use of com.tremolosecurity.provisioning.core.ProvisioningException in project OpenUnison by TremoloSecurity.

Class LoadAuthMechsFromK8s, method addObject.

@Override
public void addObject(TremoloType cfg, JSONObject item) throws ProvisioningException {
    String rawJson = item.toJSONString();
    StringBuffer b = new StringBuffer();
    b.setLength(0);
    OpenUnisonConfigLoader.integrateIncludes(b, rawJson);
    try {
        JSONObject newRoot = (JSONObject) new JSONParser().parse(b.toString());
        JSONObject metadata = (JSONObject) newRoot.get("metadata");
        if (metadata == null) {
            throw new ProvisioningException("No metadata");
        }
        String name = (String) metadata.get("name");
        logger.info("Adding authentication mechanism " + name);
        try {
            MechanismType mt = this.createAuthMech(item, name);
            GlobalEntries.getGlobalEntries().getConfigManager().addAuthenticationMechanism(mt);
            synchronized (GlobalEntries.getGlobalEntries().getConfigManager().getCfg()) {
                MechanismType curMech = null;
                for (MechanismType itMech : GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getAuthMechs().getMechanism()) {
                    if (itMech.getName().equals(mt.getName())) {
                        curMech = itMech;
                        break;
                    }
                }
                if (curMech != null) {
                    GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getAuthMechs().getMechanism().remove(curMech);
                }
                GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getAuthMechs().getMechanism().add(mt);
            }
        } catch (Exception e) {
            logger.warn("Could not initialize authentication mechanism " + name, e);
            return;
        }
    } catch (ParseException e) {
        throw new ProvisioningException("Could not parse custom authorization", e);
    }
}
Also used: JSONObject (org.json.simple.JSONObject), ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException), JSONParser (org.json.simple.parser.JSONParser), MechanismType (com.tremolosecurity.config.xml.MechanismType), ParseException (org.json.simple.parser.ParseException)

Example 13 with ProvisioningException

Use of com.tremolosecurity.provisioning.core.ProvisioningException in project OpenUnison by TremoloSecurity.

Class LoadAuthorizationsFromK8s, method createCustomAz.

private CustomAzRuleType createCustomAz(JSONObject item, String name) throws ProvisioningException {
    CustomAzRuleType cart = new CustomAzRuleType();
    JSONObject spec = (JSONObject) item.get("spec");
    cart.setName(name);
    cart.setClassName((String) spec.get("className"));
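    // Plain params: a String value yields one ParamType; a JSONArray yields one ParamType per element.
    JSONObject params = (JSONObject) spec.get("params");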
    for (Object o : params.keySet()) {
        String keyName = (String) o;
        Object v = params.get(keyName);
        if (v instanceof String) {
            String val = (String) v;
            ParamType pt = new ParamType();
            pt.setName(keyName);
            pt.setValue(val);
            cart.getParams().add(pt);
        } else if (v instanceof JSONArray) {
            for (Object ov : ((JSONArray) v)) {
                ParamType pt = new ParamType();
                pt.setName(keyName);
                pt.setValue((String) ov);
                cart.getParams().add(pt);
            }
        }
    }
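    // Secret params: each entry gives a secretName/secretKey pair whose value is fetched via k8sWatch.getSecretValue.
    JSONArray secretParams = (JSONArray) spec.get("secretParams");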
    if (secretParams != null) {
        try {
            HttpCon nonwatchHttp = this.k8sWatch.getK8s().createClient();
            String token = this.k8sWatch.getK8s().getAuthToken();
            try {
                for (Object ox : secretParams) {
                    JSONObject secretParam = (JSONObject) ox;
                    String paramName = (String) secretParam.get("name");
                    String secretName = (String) secretParam.get("secretName");
                    String secretKey = (String) secretParam.get("secretKey");
                    String secretValue = this.k8sWatch.getSecretValue(secretName, secretKey, token, nonwatchHttp);
                    ParamType pt = new ParamType();
                    pt.setName(paramName);
                    pt.setValue(secretValue);
                    cart.getParams().add(pt);
                }
            } finally {
                nonwatchHttp.getHttp().close();
                nonwatchHttp.getBcm().close();
            }
        } catch (Exception e) {
            throw new ProvisioningException("Could not generate secret params from '" + name + "'", e);
        }
    }
    return cart;
}
Also used: HttpCon (com.tremolosecurity.provisioning.util.HttpCon), JSONObject (org.json.simple.JSONObject), ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException), JSONArray (org.json.simple.JSONArray), CustomAzRuleType (com.tremolosecurity.config.xml.CustomAzRuleType), ParamType (com.tremolosecurity.config.xml.ParamType), ParseException (org.json.simple.parser.ParseException)

Example 14 with ProvisioningException

Use of com.tremolosecurity.provisioning.core.ProvisioningException in project OpenUnison by TremoloSecurity.

Class LoadAuthorizationsFromK8s, method modifyObject.

@Override
public void modifyObject(TremoloType cfg, JSONObject item) throws ProvisioningException {
    String rawJson = item.toJSONString();
    StringBuffer b = new StringBuffer();
    b.setLength(0);
    OpenUnisonConfigLoader.integrateIncludes(b, rawJson);
    try {
        JSONObject newRoot = (JSONObject) new JSONParser().parse(b.toString());
        JSONObject metadata = (JSONObject) newRoot.get("metadata");
        if (metadata == null) {
            throw new ProvisioningException("No metadata");
        }
        String name = (String) metadata.get("name");
        logger.info("Modifying custom authorization " + name);
        CustomAzRuleType newAzRuleType = this.createCustomAz(item, name);
        GlobalEntries.getGlobalEntries().getConfigManager().addCustomerAuthorization(newAzRuleType);
    } catch (ParseException e) {
        throw new ProvisioningException("Could not parse custom authorization", e);
    }
}
Also used: JSONObject (org.json.simple.JSONObject), ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException), JSONParser (org.json.simple.parser.JSONParser), CustomAzRuleType (com.tremolosecurity.config.xml.CustomAzRuleType), ParseException (org.json.simple.parser.ParseException)

Example 15 with ProvisioningException

Use of com.tremolosecurity.provisioning.core.ProvisioningException in project OpenUnison by TremoloSecurity.

Class LoadAuthorizationsFromK8s, method addObject.

@Override
public void addObject(TremoloType cfg, JSONObject item) throws ProvisioningException {
    String rawJson = item.toJSONString();
    StringBuffer b = new StringBuffer();
    b.setLength(0);
    OpenUnisonConfigLoader.integrateIncludes(b, rawJson);
    try {
        JSONObject newRoot = (JSONObject) new JSONParser().parse(b.toString());
        JSONObject metadata = (JSONObject) newRoot.get("metadata");
        if (metadata == null) {
            throw new ProvisioningException("No metadata");
        }
        String name = (String) metadata.get("name");
        logger.info("Adding custom authorization " + name);
        CustomAzRuleType newAzRuleType = this.createCustomAz(item, name);
        GlobalEntries.getGlobalEntries().getConfigManager().addCustomerAuthorization(newAzRuleType);
    } catch (ParseException e) {
        throw new ProvisioningException("Could not parse custom authorization", e);
    }
}
Also used: JSONObject (org.json.simple.JSONObject), ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException), JSONParser (org.json.simple.parser.JSONParser), CustomAzRuleType (com.tremolosecurity.config.xml.CustomAzRuleType), ParseException (org.json.simple.parser.ParseException)

Aggregations

ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException): 265
IOException (java.io.IOException): 91
HttpCon (com.tremolosecurity.provisioning.util.HttpCon): 79
Attribute (com.tremolosecurity.saml.Attribute): 75
Workflow (com.tremolosecurity.provisioning.core.Workflow): 67
JSONObject (org.json.simple.JSONObject): 67
UnsupportedEncodingException (java.io.UnsupportedEncodingException): 57
ClientProtocolException (org.apache.http.client.ClientProtocolException): 57
LDAPException (com.novell.ldap.LDAPException): 56
ArrayList (java.util.ArrayList): 54
ParseException (org.json.simple.parser.ParseException): 51
HashMap (java.util.HashMap): 50
Gson (com.google.gson.Gson): 45
User (com.tremolosecurity.provisioning.core.User): 44
JSONParser (org.json.simple.parser.JSONParser): 42
SQLException (java.sql.SQLException): 39
LDAPAttribute (com.novell.ldap.LDAPAttribute): 33
LDAPEntry (com.novell.ldap.LDAPEntry): 33
LDAPSearchResults (com.novell.ldap.LDAPSearchResults): 30
OpenShiftTarget (com.tremolosecurity.unison.openshiftv3.OpenShiftTarget): 28