
Example 11 with AzRule

use of com.tremolosecurity.proxy.az.AzRule in project OpenUnison by TremoloSecurity.

From the class TokenData, method loadStaticTrusts: builds the in-memory table of statically configured OpenID Connect trusts, including the AzRule-based client and subject authorization rules used when a trust acts as an STS.

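/**
 * Builds {@code this.trusts} from the statically configured trusts.
 *
 * <p>Each entry of {@code trustCfg} is one trust, keyed by its configured name, whose
 * value is the attribute map for that trust. The resulting map is keyed by
 * {@code clientID}, so every trust must have a distinct client id; a duplicate is
 * rejected instead of silently replacing an earlier trust (which would otherwise let
 * one trust's secret and redirect URIs be overridden by another's).
 *
 * <p>Security-relevant settings read here:
 * <ul>
 *   <li>{@code verifyRedirect} defaults to {@code true} when absent; only an explicit
 *       {@code "false"} disables redirect URI verification for the trust.</li>
 *   <li>{@code publicEndpoint} is only ever switched on (an explicit {@code "true"}).</li>
 *   <li>{@code clientAzRules} / {@code subjectAzRules} / {@code authorizedAudiences} /
 *       {@code stsImpersonation} / {@code stsDelegation} are only read when
 *       {@code isSts} is {@code "true"}; for a non-STS trust they are ignored.</li>
 * </ul>
 *
 * @param trustCfg trust name to attribute map, as produced by the caller
 * @throws ServletException when a required attribute is missing, a numeric attribute
 *         is malformed, an az rule is malformed or cannot be built, or two trusts
 *         share a {@code clientID}
 * @throws Exception from the underlying config/provisioning layer
 */
private void loadStaticTrusts(HashMap<String, HashMap<String, Attribute>> trustCfg) throws Exception {
    this.trusts = new HashMap<String, OpenIDConnectTrust>();
    for (String trustName : trustCfg.keySet()) {
        HashMap<String, Attribute> attrs = trustCfg.get(trustName);
        OpenIDConnectTrust trust = new OpenIDConnectTrust();
        trust.setClientID(requiredValue(trustName, attrs, "clientID"));
        // NOTE(review): the secret is held as a String for the life of the trust; that is
        // how OpenIDConnectTrust stores it, so nothing can be scrubbed here.
        trust.setClientSecret(requiredValue(trustName, attrs, "clientSecret"));
        trust.getRedirectURI().addAll(requiredAttribute(trustName, attrs, "redirectURI").getValues());
        trust.setCodeLastmileKeyName(requiredValue(trustName, attrs, "codeLastMileKeyName"));
        trust.setAuthChain(attrs.get("authChainName") != null ? attrs.get("authChainName").getValues().get(0) : null);
        // "codeTokenSkewMilis" (single 'l') is the key the configuration actually uses;
        // it is load-bearing and must not be "fixed" without migrating configs.
        trust.setCodeTokenTimeToLive(requiredLong(trustName, attrs, "codeTokenSkewMilis"));
        trust.setAccessTokenTimeToLive(requiredLong(trustName, attrs, "accessTokenTimeToLive"));
        trust.setAccessTokenSkewMillis(requiredLong(trustName, attrs, "accessTokenSkewMillis"));
        trust.setSignedUserInfo(flagValue(attrs, "signedUserInfo"));
        trust.setSts(flagValue(attrs, "isSts"));
        if (trust.isSts()) {
            // Rules restricting which clients may request a token exchange.
            Attribute clientAzRuleCfg = attrs.get("clientAzRules");
            if (clientAzRuleCfg != null) {
                for (String ruleCfg : clientAzRuleCfg.getValues()) {
                    trust.getClientAzRules().add(parseAzRule(trustName, "clientAzRules", ruleCfg));
                }
            }
            Attribute allowedAudiences = attrs.get("authorizedAudiences");
            if (allowedAudiences != null) {
                trust.getAllowedAudiences().addAll(allowedAudiences.getValues());
            }
            // Rules restricting which subjects a token may be issued for.
            Attribute subjectAzRuleCfg = attrs.get("subjectAzRules");
            if (subjectAzRuleCfg != null) {
                for (String ruleCfg : subjectAzRuleCfg.getValues()) {
                    trust.getSubjectAzRules().add(parseAzRule(trustName, "subjectAzRules", ruleCfg));
                }
            }
            trust.setStsImpersonation(flagValue(attrs, "stsImpersonation"));
            trust.setStsDelegation(flagValue(attrs, "stsDelegation"));
        }
        // Only call the setter when the attribute is present so the trust's own default
        // for the client-credentials grant is preserved otherwise.
        Attribute enableClientCredentialsGrant = attrs.get("enableClientCredentialsGrant");
        if (enableClientCredentialsGrant != null) {
            trust.setEnableClientCredentialGrant(flagValue(attrs, "enableClientCredentialsGrant"));
        }
        // Secure default: redirect verification stays on unless explicitly disabled.
        if (attrs.get("verifyRedirect") == null) {
            trust.setVerifyRedirect(true);
        } else {
            trust.setVerifyRedirect(flagValue(attrs, "verifyRedirect"));
        }
        trust.setTrustName(trustName);
        if (flagValue(attrs, "publicEndpoint")) {
            trust.setPublicEndpoint(true);
        }
        // Fail closed on a duplicate client id rather than overwriting an earlier trust.
        if (trusts.containsKey(trust.getClientID())) {
            throw new ServletException("Trust '" + trustName + "' reuses clientID '" + trust.getClientID()
                    + "' already used by trust '" + trusts.get(trust.getClientID()).getTrustName() + "'");
        }
        trusts.put(trust.getClientID(), trust);
    }
}

/** Returns the named attribute, failing with context if it is absent or has no values. */
private static Attribute requiredAttribute(String trustName, HashMap<String, Attribute> attrs, String name)
        throws ServletException {
    Attribute attr = attrs.get(name);
    if (attr == null || attr.getValues().isEmpty()) {
        throw new ServletException("Trust '" + trustName + "' is missing required attribute '" + name + "'");
    }
    return attr;
}

/** Returns the first value of a required attribute. */
private static String requiredValue(String trustName, HashMap<String, Attribute> attrs, String name)
        throws ServletException {
    return requiredAttribute(trustName, attrs, name).getValues().get(0);
}

/** Returns the first value of a required attribute parsed as a long, failing with context. */
private static long requiredLong(String trustName, HashMap<String, Attribute> attrs, String name)
        throws ServletException {
    String raw = requiredValue(trustName, attrs, name);
    try {
        return Long.parseLong(raw);
    } catch (NumberFormatException e) {
        throw new ServletException("Trust '" + trustName + "' attribute '" + name + "' is not a number: " + raw, e);
    }
}

/**
 * Reads an optional boolean flag: {@code true} only when the attribute is present and
 * its first value is "true" (case-insensitive); absent or anything else is {@code false}.
 */
private static boolean flagValue(HashMap<String, Attribute> attrs, String name) {
    Attribute attr = attrs.get(name);
    return attr != null && attr.getValues().get(0).equalsIgnoreCase("true");
}

/**
 * Parses one "scope;constraint" rule string into an {@link AzRule}.
 *
 * <p>Only the first two ';'-separated tokens are used; any further tokens are ignored,
 * as in the original loader. A string with fewer than two tokens is rejected with a
 * message naming the trust and attribute instead of an uninformative
 * {@code NoSuchElementException}.
 *
 * @throws ServletException when the rule is malformed or the rule cannot be created
 */
private static AzRule parseAzRule(String trustName, String attrName, String ruleCfg) throws ServletException {
    StringTokenizer toker = new StringTokenizer(ruleCfg, ";", false);
    if (!toker.hasMoreTokens()) {
        throw new ServletException("Trust '" + trustName + "' " + attrName + " rule is empty");
    }
    String scope = toker.nextToken();
    if (!toker.hasMoreTokens()) {
        throw new ServletException("Trust '" + trustName + "' " + attrName
                + " rule is missing the constraint (expected \"scope;constraint\"): " + ruleCfg);
    }
    String constraint = toker.nextToken();
    try {
        return new AzRule(scope, constraint, null, GlobalEntries.getGlobalEntries().getConfigManager(), null);
    } catch (ProvisioningException e) {
        throw new ServletException("Could not create az rule", e);
    }
}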
