use of com.tremolosecurity.saml.Attribute in project OpenUnison by TremoloSecurity.
the class ManagerAuthorization method findMyManager.
/**
 * Looks up the manager of {@code me} in the virtual directory.
 *
 * <p>The value of the attribute named by {@code managerID} is read from the
 * user. When {@code managerIDDN} is set that value is used as the search base
 * of a scope-0 search; otherwise it is matched against the approval database's
 * user-id attribute in a scope-2 search under the configured LDAP root. Only
 * the first entry returned is used.
 *
 * @param me the user whose manager is wanted
 * @return the manager, with its user id and distinguished name filled in, or
 *         {@code null} when the user has no manager attribute or the search
 *         returns nothing
 * @throws Exception if the directory search or attribute access fails
 */
private User findMyManager(User me) throws Exception {
    Attribute managerRef = me.getAttribs().get(this.managerID);
    if (managerRef == null) {
        return null;
    }

    // In user-id mode the filter is produced by the equal(...) helper before
    // anything else happens.
    // NOTE(review): presumably equal(...) escapes the asserted value - confirm,
    // since the value is read from the user's own record.
    String uidFilter = null;
    if (!this.managerIDDN) {
        uidFilter = equal(this.configManager.getCfg().getProvisioning().getApprovalDB().getUserIdAttribute(), managerRef.getValues().get(0)).toString();
    }

    // Ask for the same attributes the caller's record carries; the user-id
    // attribute is appended unless the list is empty or already holds "*".
    ArrayList<String> requested = new ArrayList<String>(me.getAttribs().keySet());
    if (!(requested.isEmpty() || requested.contains("*"))) {
        requested.add(this.configManager.getCfg().getProvisioning().getApprovalDB().getUserIdAttribute());
    }

    // NOTE(review): this result feeds a manager-based authorization decision and
    // the reference is taken from the user's own attributes - confirm that the
    // manager attribute cannot be edited by the user it describes.
    LDAPSearchResults found;
    if (this.managerIDDN) {
        // The manager value is a DN: read that single entry (scope 0).
        found = this.configManager.getMyVD().search(managerRef.getValues().get(0), 0, "(objectClass=*)", requested);
    } else {
        // The manager value is a user id: search below the LDAP root (scope 2).
        found = this.configManager.getMyVD().search(GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getLdapRoot(), 2, uidFilter, requested);
    }

    if (!found.hasMore()) {
        return null;
    }

    LDAPEntry managerEntry = found.next();
    User manager = new User(managerEntry);
    // Throws NullPointerException when the returned entry lacks the user-id attribute.
    manager.setUserID(manager.getAttribs().get(this.configManager.getCfg().getProvisioning().getApprovalDB().getUserIdAttribute()).getValues().get(0));
    manager.getAttribs().put(DISTINGUISHED_NAME, new Attribute(DISTINGUISHED_NAME, managerEntry.getDN()));
    return manager;
}
use of com.tremolosecurity.saml.Attribute in project OpenUnison by TremoloSecurity.
the class AzSys method processRequestResult.
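/**
 * Turns the "header" results of a result group into header attributes stored
 * on the request under {@code AzSys.AUTO_IDM_HTTP_HEADERS}.
 *
 * <p>Each header result carries a {@code name=value} string. Depending on the
 * result's source the value is used literally ("static"), names a user
 * attribute whose values are copied ("user"), or names a {@code CustomResult}
 * class that computes the value ("custom"). Any other source adds an empty
 * value. Results of other types are skipped.
 *
 * @param request the current request; receives the header map
 * @param response the current response, handed to custom results
 * @param resGrouping the results to apply; {@code null} means nothing to do
 * @param authData the authenticated user, read for "user" sourced headers
 * @throws ServletException if a header result is not in {@code name=value} form
 * @throws InstantiationException if a custom result class cannot be instantiated
 * @throws IllegalAccessException if a custom result class is not accessible
 * @throws ClassNotFoundException if a custom result class cannot be loaded
 */
public void processRequestResult(ServletRequest request, ServletResponse response, ResultGroupType resGrouping, AuthInfo authData) throws ServletException, InstantiationException, IllegalAccessException, ClassNotFoundException {
    if (resGrouping == null) {
        return;
    }

    for (ResultType rt : resGrouping.getResult()) {
        if (!"header".equals(rt.getType())) {
            continue;
        }

        // A value without '=' (or with an empty name) used to fail with a
        // StringIndexOutOfBoundsException or create a header with no name.
        String val = rt.getValue();
        int eq = (val == null) ? -1 : val.indexOf('=');
        if (eq <= 0) {
            throw new ServletException("Header result is not in name=value form");
        }
        String name = val.substring(0, eq);
        String value = val.substring(eq + 1);

        @SuppressWarnings("unchecked")
        HashMap<String, Attribute> headers = (HashMap<String, Attribute>) request.getAttribute(AzSys.AUTO_IDM_HTTP_HEADERS);
        if (headers == null) {
            headers = new HashMap<String, Attribute>();
            request.setAttribute(AzSys.AUTO_IDM_HTTP_HEADERS, headers);
        }

        Attribute attrib = headers.get(name);
        if (attrib == null) {
            attrib = new Attribute(name);
            headers.put(attrib.getName(), attrib);
        }

        String source = rt.getSource();
        if (source.equalsIgnoreCase("static")) {
            attrib.getValues().add(value);
        } else if (source.equalsIgnoreCase("user")) {
            // NOTE(review): user attribute values are copied verbatim; confirm that
            // whatever writes these headers downstream rejects CR/LF in values.
            Attribute userAttr = authData.getAttribs().get(value);
            if (userAttr != null) {
                attrib.getValues().addAll(userAttr.getValues());
            }
        } else if (source.equalsIgnoreCase("custom")) {
            // The class name comes from the result configuration, so whoever can
            // edit that configuration chooses what is loaded here. The type is
            // checked before instantiation so that the constructor of a class
            // that is not a CustomResult never runs (loading the class may still
            // run its static initializers).
            Class<? extends CustomResult> resultClass = Class.forName(value).asSubclass(CustomResult.class);
            CustomResult cr = resultClass.newInstance();
            attrib.getValues().add(cr.getResultValue((HttpServletRequest) request, (HttpServletResponse) response));
        } else {
            attrib.getValues().add("");
        }
    }
}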
use of com.tremolosecurity.saml.Attribute in project OpenUnison by TremoloSecurity.
the class SMSAuth method doGet.
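/**
 * Starts the SMS step: generates a one-time key, sends it to the number held
 * in the user's {@code toAttrName} attribute and redirects to the key form.
 *
 * <p>A key is generated and sent only when the session does not already hold
 * one under {@code TREMOLO_SMS_KEY}; every call ends with the redirect.
 *
 * @param request the current request
 * @param response the current response, used for the redirect
 * @param as the authentication step being executed
 * @throws IOException if the redirect fails
 * @throws ServletException if the mechanism is misconfigured or the user has
 *         no destination number
 */
@Override
public void doGet(HttpServletRequest request, HttpServletResponse response, AuthStep as) throws IOException, ServletException {
    HttpSession session = request.getSession();
    @SuppressWarnings("unchecked")
    HashMap<String, Attribute> authParams = (HashMap<String, Attribute>) session.getAttribute(ProxyConstants.AUTH_MECH_PARAMS);
    if (authParams == null) {
        throw new ServletException("SMS authentication parameters not found in session");
    }

    // Fail with a named error instead of a NullPointerException when a
    // required setting is absent.
    for (String required : new String[] {"fromNumber", "toAttrName", "redirectForm", "message"}) {
        if (authParams.get(required) == null) {
            throw new ServletException("Missing required SMS auth parameter: " + required);
        }
    }
    String from = authParams.get("fromNumber").getValues().get(0);
    String toAttrName = authParams.get("toAttrName").getValues().get(0);
    String redirectForm = authParams.get("redirectForm").getValues().get(0);
    String message = authParams.get("message").getValues().get(0);

    // Key Options
    if (authParams.get("keyLength") == null) {
        throw new ServletException("Key Length not set");
    }
    // No minimum is enforced here, so the strength of the one-time key depends
    // entirely on the configured length and character classes.
    int keyLen = Integer.parseInt(authParams.get("keyLength").getValues().get(0));
    boolean useLowerCase = authParams.get("useLowerCase") != null && authParams.get("useLowerCase").getValues().get(0).equalsIgnoreCase("true");
    boolean useUpperCase = authParams.get("useUpperCase") != null && authParams.get("useUpperCase").getValues().get(0).equalsIgnoreCase("true");
    boolean useNumbers = authParams.get("useNumbers") != null && authParams.get("useNumbers").getValues().get(0).equalsIgnoreCase("true");
    // authParams.get("useSpecial") != null && authParams.get("useSpecial").getValues().get(0).equalsIgnoreCase("true");
    boolean useSpecial = false;
    if (!(useLowerCase || useUpperCase || useNumbers || useSpecial)) {
        throw new ServletException("At least one character type must be chosen");
    }

    if (session.getAttribute("TREMOLO_SMS_KEY") == null) {
        // NOTE(review): confirm GenPasswd draws from a cryptographically strong
        // random source; this key is an authentication factor.
        GenPasswd gp = new GenPasswd(keyLen, useUpperCase, useLowerCase, useNumbers, useSpecial);
        AuthInfo user = ((AuthController) session.getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();

        Attribute toAttr = user.getAttribs().get(toAttrName);
        if (toAttr == null || toAttr.getValues().isEmpty()) {
            throw new ServletException("User has no value for the SMS destination attribute");
        }
        String to = toAttr.getValues().get(0);

        String key = gp.getPassword();
        // Literal replacement: with replaceAll a '$' or '\' in the key would be
        // read as a group reference once special characters are enabled.
        String text = message.replace("${key}", key);

        // Store the key only after the message went out, so a failed send does
        // not leave the session holding a key the user never received.
        // No expiry is attached to the stored key in this method.
        sendSMS(authParams, from, text, to);
        session.setAttribute("TREMOLO_SMS_KEY", key);
    }

    response.sendRedirect(redirectForm);
}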
use of com.tremolosecurity.saml.Attribute in project OpenUnison by TremoloSecurity.
the class LastMileUtil method addLastMile.
/**
 * Adds a last-mile token for {@code username} to an outgoing request.
 *
 * <p>The token is built for the request's URI path, carries one attribute
 * ({@code userNameAttr} = {@code username}) and is valid from five minutes
 * before to five minutes after the moment of the call. It is generated with
 * the secret key stored under {@code keyAlias} and sent in the
 * {@code tremoloHeader} header.
 *
 * @param cfg source of the secret key
 * @param username value of the identity attribute
 * @param userNameAttr name of the identity attribute
 * @param req request that receives the header
 * @param keyAlias alias of the key used to generate the token
 * @param addHeader when {@code false} the request is left untouched
 * @throws Exception if key lookup or token generation fails
 */
public static void addLastMile(ConfigManager cfg, String username, String userNameAttr, HttpRequestBase req, String keyAlias, boolean addHeader) throws Exception {
    if (addHeader) {
        // Five minutes of tolerance on either side of "now", in milliseconds.
        final int skewMillis = 5 * 60 * 1000;

        String requestPath = req.getURI().getPath();
        DateTime issuedAt = new DateTime();
        LastMile token = new LastMile(requestPath, issuedAt.minus(skewMillis), issuedAt.plus(skewMillis), 0, "nochain");
        token.getAttributes().add(new Attribute(userNameAttr, username));

        // NOTE(review): the key is not checked for null here - confirm that
        // generateLastMileToken rejects a missing key instead of emitting an
        // unprotected token.
        SecretKey signingKey = cfg.getSecretKey(keyAlias);
        req.addHeader("tremoloHeader", token.generateLastMileToken(signingKey));
    }
}
use of com.tremolosecurity.saml.Attribute in project OpenUnison by TremoloSecurity.
the class AmazonSimpleDBProvider method createUser.
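/**
 * Creates the user in the SimpleDB user domain and adds it to its groups.
 *
 * <p>Only attributes named in {@code attributes} are written. The item name is
 * the first value of the attribute matching {@code uidAttrName}. After each
 * write the method polls until the new data can be read back, and every
 * change is reported to the provisioning engine's action log.
 *
 * @param user the user to create, with its attributes and groups
 * @param attributes names of the attributes that may be written
 * @param request provisioning context; {@code APPROVAL_ID} and
 *        {@code WORKFLOW} are read from it
 * @throws ProvisioningException if the user has no user-id attribute or the
 *         thread is interrupted while waiting for a write to become visible
 */
@Override
public void createUser(User user, Set<String> attributes, Map<String, Object> request) throws ProvisioningException {
    int approvalID = 0;
    if (request.containsKey("APPROVAL_ID")) {
        approvalID = (Integer) request.get("APPROVAL_ID");
    }
    Workflow workflow = (Workflow) request.get("WORKFLOW");

    String userid = null;
    ArrayList<ReplaceableAttribute> attrs = new ArrayList<ReplaceableAttribute>();
    for (String attrName : user.getAttribs().keySet()) {
        if (attributes.contains(attrName)) {
            Attribute attr = user.getAttribs().get(attrName);
            for (String val : attr.getValues()) {
                attrs.add(new ReplaceableAttribute(attr.getName().toLowerCase(), val, false));
            }
        }
        if (attrName.equalsIgnoreCase(this.uidAttrName)) {
            userid = user.getAttribs().get(attrName).getValues().get(0);
        }
    }
    if (userid == null) {
        throw new ProvisioningException("No valid userid attribute");
    }

    sdb.putAttributes(new PutAttributesRequest(this.userDomain, userid, attrs));
    this.cfgMgr.getProvisioningEngine().logAction(this.name, true, ActionType.Add, approvalID, workflow, "userName", userid);
    for (String attrName : user.getAttribs().keySet()) {
        Attribute attr = user.getAttribs().get(attrName);
        if (!attributes.contains(attr.getName())) {
            continue;
        }
        this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, attrName, attr.getValues().get(0));
    }

    // Wait until the new item can be read back.
    // NOTE(review): this loop has no upper bound; if findUser keeps failing the
    // call never returns. Consider a configurable timeout.
    boolean visible = false;
    while (!visible) {
        try {
            Thread.sleep(10);
        } catch (InterruptedException e) {
            // Swallowing the interrupt made this wait impossible to cancel.
            Thread.currentThread().interrupt();
            throw new ProvisioningException("Interrupted while waiting for the new user to become visible");
        }
        try {
            visible = this.findUser(userid, attributes, request) != null;
        } catch (Exception ignored) {
            // Best effort: a failed lookup is treated as "not visible yet".
        }
    }

    for (String groupName : user.getGroups()) {
        // NOTE(review): getGroupSelect builds its own query from groupName -
        // confirm it quotes the value the same way as the select below.
        SelectResult res = this.sdb.select(new SelectRequest(this.getGroupSelect(groupName)));
        if (res.getItems().isEmpty()) {
            attrs = new ArrayList<ReplaceableAttribute>();
            attrs.add(new ReplaceableAttribute("cn", groupName, false));
            sdb.putAttributes(new PutAttributesRequest(groupDomain, groupName, attrs));
        }

        String memberAttr = GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getGroupMemberAttribute();
        attrs = new ArrayList<ReplaceableAttribute>();
        attrs.add(new ReplaceableAttribute(memberAttr, userid, false));
        sdb.putAttributes(new PutAttributesRequest(this.groupDomain, groupName, attrs));
        this.cfgMgr.getProvisioningEngine().logAction(this.name, false, ActionType.Add, approvalID, workflow, "group", groupName);

        // Group name and user id are data, not query text: a single quote inside
        // a quoted SimpleDB value is escaped by doubling it, otherwise the value
        // could close the literal and change the WHERE clause.
        StringBuilder select = new StringBuilder();
        select.append("SELECT ").append(memberAttr)
              .append(" FROM `").append(this.groupDomain)
              .append("` WHERE cn='").append(groupName.replace("'", "''"))
              .append("' AND ").append(memberAttr)
              .append("='").append(userid.replace("'", "''")).append("'");
        String membershipQuery = select.toString();

        // Wait until the membership can be read back (same unbounded wait as above).
        boolean memberVisible = false;
        while (!memberVisible) {
            try {
                Thread.sleep(1000);
            } catch (InterruptedException e) {
                Thread.currentThread().interrupt();
                throw new ProvisioningException("Interrupted while waiting for the group membership to become visible");
            }
            res = this.sdb.select(new SelectRequest(membershipQuery));
            memberVisible = !res.getItems().isEmpty();
        }
    }
}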