Search in sources :

Example 1 with MetadataConfigurationParser

use of ddf.security.samlp.MetadataConfigurationParser in project ddf by codice.

the class IdpEndpoint method parseServiceProviderMetadata.

private void parseServiceProviderMetadata(List<String> serviceProviderMetadata) {
    if (serviceProviderMetadata != null) {
        try {
            MetadataConfigurationParser metadataConfigurationParser = new MetadataConfigurationParser(serviceProviderMetadata, ed -> {
                EntityInformation entityInfo = new EntityInformation.Builder(ed, SUPPORTED_BINDINGS).build();
                if (entityInfo != null) {
                    serviceProviders.put(ed.getEntityID(), entityInfo);
                }
            });
            serviceProviders.putAll(metadataConfigurationParser.getEntryDescriptions().entrySet().stream().map(e -> Maps.immutableEntry(e.getKey(), new EntityInformation.Builder(e.getValue(), SUPPORTED_BINDINGS).build())).filter(e -> nonNull(e.getValue())).collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue)));
        } catch (IOException e) {
            LOGGER.warn("Unable to parse SP metadata configuration. Check the configuration for SP metadata.", e);
        }
    }
}
Also used : RedirectBinding(org.codice.ddf.security.idp.binding.redirect.RedirectBinding) Encoded(javax.ws.rs.Encoded) Produces(javax.ws.rs.Produces) SOAPException(javax.xml.soap.SOAPException) SSOConstants(org.apache.cxf.rs.security.saml.sso.SSOConstants) DOM2Writer(org.apache.wss4j.common.util.DOM2Writer) AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest) EntityInformation(ddf.security.samlp.impl.EntityInformation) BasicAuthenticationHandler(org.codice.ddf.security.handler.basic.BasicAuthenticationHandler) SamlProtocol(ddf.security.samlp.SamlProtocol) ConstraintViolationException(net.shibboleth.utilities.java.support.logic.ConstraintViolationException) WSSecurityException(org.apache.wss4j.common.ext.WSSecurityException) Document(org.w3c.dom.Document) Map(java.util.Map) XMLStreamException(javax.xml.stream.XMLStreamException) RequestedAuthnContext(org.opensaml.saml.saml2.core.RequestedAuthnContext) UriBuilder(javax.ws.rs.core.UriBuilder) UsageType(org.opensaml.security.credential.UsageType) SignableSAMLObject(org.opensaml.saml.common.SignableSAMLObject) Set(java.util.Set) ResponseCreator(org.codice.ddf.security.idp.binding.api.ResponseCreator) StandardCharsets(java.nio.charset.StandardCharsets) SignableXMLObject(org.opensaml.xmlsec.signature.SignableXMLObject) IOUtils(org.apache.commons.io.IOUtils) ResponseUnmarshaller(ddf.security.liberty.paos.impl.ResponseUnmarshaller) HttpUtils(org.codice.ddf.security.common.HttpUtils) CertificateEncodingException(java.security.cert.CertificateEncodingException) GET(javax.ws.rs.GET) LogoutResponse(org.opensaml.saml.saml2.core.LogoutResponse) CookieCache(org.codice.ddf.security.idp.cache.CookieCache) ArrayList(java.util.ArrayList) RequestBuilder(ddf.security.liberty.paos.impl.RequestBuilder) SOAPElement(javax.xml.soap.SOAPElement) SecurityServiceException(ddf.security.service.SecurityServiceException) HttpServletRequest(javax.servlet.http.HttpServletRequest) OpenSAMLUtil(org.apache.wss4j.common.saml.OpenSAMLUtil) BaseAuthenticationToken(org.codice.ddf.security.handler.api.BaseAuthenticationToken) HandlerResult(org.codice.ddf.security.handler.api.HandlerResult) Boon(org.boon.Boon) Request(ddf.security.liberty.paos.Request) IOException(java.io.IOException) ConfigurationService(org.opensaml.core.config.ConfigurationService) Subject(ddf.security.Subject) SimpleSign(ddf.security.samlp.SimpleSign) SAMLAuthenticationToken(org.codice.ddf.security.handler.api.SAMLAuthenticationToken) StringReader(java.io.StringReader) Soap11(org.apache.cxf.binding.soap.Soap11) X509Certificate(java.security.cert.X509Certificate) ServletException(javax.servlet.ServletException) URL(java.net.URL) SOAPHeaderElement(javax.xml.soap.SOAPHeaderElement) XMLInputFactory(javax.xml.stream.XMLInputFactory) DOMUtils(org.apache.cxf.helpers.DOMUtils) SecurityAssertionImpl(ddf.security.assertion.impl.SecurityAssertionImpl) Path(javax.ws.rs.Path) CryptoType(org.apache.wss4j.common.crypto.CryptoType) LoggerFactory(org.slf4j.LoggerFactory) NewCookie(javax.ws.rs.core.NewCookie) SoapRequestDecoder(org.codice.ddf.security.idp.binding.soap.SoapRequestDecoder) XMLObjectProviderRegistry(org.opensaml.core.xml.config.XMLObjectProviderRegistry) LogoutRequest(org.opensaml.saml.saml2.core.LogoutRequest) QueryParam(javax.ws.rs.QueryParam) Consumes(javax.ws.rs.Consumes) SoapBinding(org.codice.ddf.security.idp.binding.soap.SoapBinding) XMLStreamReader(javax.xml.stream.XMLStreamReader) Binding(org.codice.ddf.security.idp.binding.api.Binding) SAAJInInterceptor(org.apache.cxf.binding.soap.saaj.SAAJInInterceptor) PKIAuthenticationTokenFactory(org.codice.ddf.security.handler.api.PKIAuthenticationTokenFactory) SecurityAssertion(ddf.security.assertion.SecurityAssertion) Context(javax.ws.rs.core.Context) ImmutableSet(com.google.common.collect.ImmutableSet) StringUtils.isEmpty(org.apache.commons.lang.StringUtils.isEmpty) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) ValidationException(ddf.security.samlp.ValidationException) UUID(java.util.UUID) AuthnContextClassRef(org.opensaml.saml.saml2.core.AuthnContextClassRef) Collectors(java.util.stream.Collectors) SoapMessage(org.apache.cxf.binding.soap.SoapMessage) RequestUnmarshaller(ddf.security.liberty.paos.impl.RequestUnmarshaller) SecurityToken(org.apache.cxf.ws.security.tokenstore.SecurityToken) Base64(java.util.Base64) List(java.util.List) PKIHandler(org.codice.ddf.security.handler.pki.PKIHandler) RequestMarshaller(ddf.security.liberty.paos.impl.RequestMarshaller) Response(javax.ws.rs.core.Response) Optional(java.util.Optional) ResponseMarshaller(ddf.security.liberty.paos.impl.ResponseMarshaller) Objects.nonNull(java.util.Objects.nonNull) EntityDescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor) MetadataConfigurationParser(ddf.security.samlp.MetadataConfigurationParser) RestSecurity(org.codice.ddf.security.common.jaxrs.RestSecurity) PostBinding(org.codice.ddf.security.idp.binding.post.PostBinding) ContextPolicy(org.codice.ddf.security.policy.context.ContextPolicy) ResponseBuilder(ddf.security.liberty.paos.impl.ResponseBuilder) HashMap(java.util.HashMap) StatusCode(org.opensaml.saml.saml2.core.StatusCode) XMLInputFactory2(org.codehaus.stax2.XMLInputFactory2) Node(org.w3c.dom.Node) SAML2Constants(org.apache.wss4j.common.saml.builder.SAML2Constants) Assertion(org.opensaml.saml.saml2.core.Assertion) EncryptionService(ddf.security.encryption.EncryptionService) HtmlResponseTemplate(ddf.security.samlp.impl.HtmlResponseTemplate) Cookie(javax.servlet.http.Cookie) XMLObject(org.opensaml.core.xml.XMLObject) GuestAuthenticationToken(org.codice.ddf.security.handler.api.GuestAuthenticationToken) FormParam(javax.ws.rs.FormParam) POST(javax.ws.rs.POST) Logger(org.slf4j.Logger) Iterator(java.util.Iterator) SystemBaseUrl(org.codice.ddf.configuration.SystemBaseUrl) MalformedURLException(java.net.MalformedURLException) ResponseCreatorImpl(org.codice.ddf.security.idp.binding.api.impl.ResponseCreatorImpl) SamlValidator(ddf.security.samlp.impl.SamlValidator) Maps(com.google.common.collect.Maps) URLEncoder(java.net.URLEncoder) SOAPPart(javax.xml.soap.SOAPPart) Element(org.w3c.dom.Element) SystemCrypto(ddf.security.samlp.SystemCrypto) RelayStates(ddf.security.samlp.impl.RelayStates) SecurityManager(ddf.security.service.SecurityManager) Collections(java.util.Collections) UPAuthenticationToken(org.codice.ddf.security.handler.api.UPAuthenticationToken) InputStream(java.io.InputStream) LogoutMessage(ddf.security.samlp.LogoutMessage) MetadataConfigurationParser(ddf.security.samlp.MetadataConfigurationParser) UriBuilder(javax.ws.rs.core.UriBuilder) RequestBuilder(ddf.security.liberty.paos.impl.RequestBuilder) ResponseBuilder(ddf.security.liberty.paos.impl.ResponseBuilder) EntityInformation(ddf.security.samlp.impl.EntityInformation) IOException(java.io.IOException)

Example 2 with MetadataConfigurationParser

use of ddf.security.samlp.MetadataConfigurationParser in project ddf by codice.

the class IdpMetadata method setMetadata.

public void setMetadata(String metadata) throws WSSecurityException, XMLStreamException, SAMLException, IOException {
    MetadataConfigurationParser metadataConfigurationParser = new MetadataConfigurationParser(Collections.singletonList(metadata), ed -> entryDescriptions.put(ed.getEntityID(), ed));
    entryDescriptions.putAll(metadataConfigurationParser.getEntryDescriptions());
}
Also used : MetadataConfigurationParser(ddf.security.samlp.MetadataConfigurationParser)

Aggregations

MetadataConfigurationParser (ddf.security.samlp.MetadataConfigurationParser)2 ImmutableSet (com.google.common.collect.ImmutableSet)1 Maps (com.google.common.collect.Maps)1 Subject (ddf.security.Subject)1 SecurityAssertion (ddf.security.assertion.SecurityAssertion)1 SecurityAssertionImpl (ddf.security.assertion.impl.SecurityAssertionImpl)1 EncryptionService (ddf.security.encryption.EncryptionService)1 Request (ddf.security.liberty.paos.Request)1 RequestBuilder (ddf.security.liberty.paos.impl.RequestBuilder)1 RequestMarshaller (ddf.security.liberty.paos.impl.RequestMarshaller)1 RequestUnmarshaller (ddf.security.liberty.paos.impl.RequestUnmarshaller)1 ResponseBuilder (ddf.security.liberty.paos.impl.ResponseBuilder)1 ResponseMarshaller (ddf.security.liberty.paos.impl.ResponseMarshaller)1 ResponseUnmarshaller (ddf.security.liberty.paos.impl.ResponseUnmarshaller)1 LogoutMessage (ddf.security.samlp.LogoutMessage)1 SamlProtocol (ddf.security.samlp.SamlProtocol)1 SimpleSign (ddf.security.samlp.SimpleSign)1 SystemCrypto (ddf.security.samlp.SystemCrypto)1 ValidationException (ddf.security.samlp.ValidationException)1 EntityInformation (ddf.security.samlp.impl.EntityInformation)1