Use of com.tremolosecurity.proxy.az.AzRule in the OpenUnison project by TremoloSecurity.
Class TokenData, method loadStaticTrusts.
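/**
 * Rebuilds {@code this.trusts} from the statically configured OpenID Connect trusts.
 *
 * <p>Each entry of {@code trustCfg} maps a trust name to that trust's attributes. The
 * resulting table is keyed by client ID, not by trust name, so a later trust that reuses
 * a client ID replaces the earlier one.
 *
 * <p>Required attributes: {@code clientID}, {@code clientSecret}, {@code redirectURI},
 * {@code codeLastMileKeyName}, {@code codeTokenSkewMilis}, {@code accessTokenTimeToLive}
 * and {@code accessTokenSkewMillis}. All other attributes are optional.
 *
 * @param trustCfg trust name mapped to that trust's attribute map
 * @throws ServletException if a required attribute is missing or has no value, if an
 *         authorization rule entry is not of the form {@code scope;constraint}, or if an
 *         {@code AzRule} cannot be created
 * @throws NumberFormatException if one of the numeric attributes is not a valid long
 * @throws Exception declared for compatibility with existing callers
 */
private void loadStaticTrusts(HashMap<String, HashMap<String, Attribute>> trustCfg) throws Exception {
    this.trusts = new HashMap<String, OpenIDConnectTrust>();

    for (String trustName : trustCfg.keySet()) {
        HashMap<String, Attribute> attrs = trustCfg.get(trustName);
        OpenIDConnectTrust trust = new OpenIDConnectTrust();

        // Required settings: fail with a message naming the trust and the attribute rather
        // than an anonymous NullPointerException.
        trust.setClientID(requiredTrustValue(attrs, "clientID", trustName));
        trust.setClientSecret(requiredTrustValue(attrs, "clientSecret", trustName));
        trust.getRedirectURI().addAll(requiredTrustAttribute(attrs, "redirectURI", trustName).getValues());
        trust.setCodeLastmileKeyName(requiredTrustValue(attrs, "codeLastMileKeyName", trustName));

        // Optional: stays null when no authentication chain is configured for the trust.
        Attribute authChainName = attrs.get("authChainName");
        trust.setAuthChain(authChainName != null ? authChainName.getValues().get(0) : null);

        // NOTE(review): the code token time-to-live is read from the attribute named
        // "codeTokenSkewMilis"; confirm the key name is intentional before renaming anything.
        trust.setCodeTokenTimeToLive(Long.parseLong(requiredTrustValue(attrs, "codeTokenSkewMilis", trustName)));
        trust.setAccessTokenTimeToLive(Long.parseLong(requiredTrustValue(attrs, "accessTokenTimeToLive", trustName)));
        trust.setAccessTokenSkewMillis(Long.parseLong(requiredTrustValue(attrs, "accessTokenSkewMillis", trustName)));

        trust.setSignedUserInfo(trustFlagEnabled(attrs, "signedUserInfo"));
        trust.setSts(trustFlagEnabled(attrs, "isSts"));

        // The token-exchange settings below are only read for trusts flagged as an STS.
        if (trust.isSts()) {
            Attribute clientAzRuleCfg = attrs.get("clientAzRules");
            if (clientAzRuleCfg != null) {
                for (String ruleCfg : clientAzRuleCfg.getValues()) {
                    trust.getClientAzRules().add(parseTrustAzRule(ruleCfg, "clientAzRules", trustName));
                }
            }

            Attribute allowedAudiences = attrs.get("authorizedAudiences");
            if (allowedAudiences != null) {
                trust.getAllowedAudiences().addAll(allowedAudiences.getValues());
            }

            Attribute subjectAzRuleCfg = attrs.get("subjectAzRules");
            if (subjectAzRuleCfg != null) {
                for (String ruleCfg : subjectAzRuleCfg.getValues()) {
                    trust.getSubjectAzRules().add(parseTrustAzRule(ruleCfg, "subjectAzRules", trustName));
                }
            }

            trust.setStsImpersonation(trustFlagEnabled(attrs, "stsImpersonation"));
            trust.setStsDelegation(trustFlagEnabled(attrs, "stsDelegation"));
        }

        // Only overrides the trust object's own default when the attribute is present.
        Attribute enableClientCredentialsGrant = attrs.get("enableClientCredentialsGrant");
        if (enableClientCredentialsGrant != null) {
            trust.setEnableClientCredentialGrant(enableClientCredentialsGrant.getValues().get(0).equalsIgnoreCase("true"));
        }

        // Redirect verification is on unless the configuration explicitly supplies a value
        // other than "true", so omitting the attribute never turns the check off.
        if (attrs.get("verifyRedirect") == null) {
            trust.setVerifyRedirect(true);
        } else {
            trust.setVerifyRedirect(trustFlagEnabled(attrs, "verifyRedirect"));
        }

        trust.setTrustName(trustName);

        // publicEndpoint is only ever switched on here; an absent or non-"true" value leaves
        // the trust object's default untouched.
        if (trustFlagEnabled(attrs, "publicEndpoint")) {
            trust.setPublicEndpoint(true);
        }

        // Keyed by client ID: a duplicate client ID silently replaces the earlier trust.
        trusts.put(trust.getClientID(), trust);
    }
}

/**
 * Returns a required trust attribute or fails with a message naming the trust.
 * The message carries only names, never attribute values, so secrets stay out of logs.
 */
private Attribute requiredTrustAttribute(HashMap<String, Attribute> attrs, String name, String trustName) throws ServletException {
    Attribute attr = attrs.get(name);
    if (attr == null) {
        throw new ServletException("Trust '" + trustName + "' is missing required attribute '" + name + "'");
    }
    return attr;
}

/** Returns the first value of a required trust attribute, rejecting an attribute with no values. */
private String requiredTrustValue(HashMap<String, Attribute> attrs, String name, String trustName) throws ServletException {
    Attribute attr = requiredTrustAttribute(attrs, name, trustName);
    if (attr.getValues().isEmpty()) {
        throw new ServletException("Trust '" + trustName + "' has no value for required attribute '" + name + "'");
    }
    return attr.getValues().get(0);
}

/** Returns true only when the attribute is present and its first value is "true" (case-insensitive). */
private boolean trustFlagEnabled(HashMap<String, Attribute> attrs, String name) {
    Attribute attr = attrs.get(name);
    return attr != null && attr.getValues().get(0).equalsIgnoreCase("true");
}

/**
 * Parses one {@code scope;constraint} entry into an {@code AzRule}.
 *
 * <p>An entry with fewer than two ';'-separated tokens is rejected up front; previously
 * the unchecked {@code nextToken()} calls surfaced it as a bare NoSuchElementException.
 * Tokens after the second are ignored, so a constraint that itself contains ';' is
 * truncated at that point.
 */
private AzRule parseTrustAzRule(String ruleCfg, String attrName, String trustName) throws ServletException {
    StringTokenizer toker = new StringTokenizer(ruleCfg, ";", false);
    if (toker.countTokens() < 2) {
        throw new ServletException("Malformed '" + attrName + "' entry for trust '" + trustName + "': expected scope;constraint");
    }
    String scope = toker.nextToken();
    String constraint = toker.nextToken();
    try {
        // The third and fifth constructor arguments are passed as null, as before; their
        // meaning is defined by AzRule and is not visible from this method.
        return new AzRule(scope, constraint, null, GlobalEntries.getGlobalEntries().getConfigManager(), null);
    } catch (ProvisioningException e) {
        throw new ServletException("Could not create az rule", e);
    }
}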