
Example 6 with LDAPConfiguration

use of edu.uiuc.ncsa.security.oauth_2_0.server.config.LDAPConfiguration in project OA4MP by ncsa.

the class LDAPClaimSourceFactory method createScopeHandlers.

/**
 * Builds the list of claim sources ("scope handlers") shared by the access token servlet and the
 * user info servlet.
 * <p>
 * When the client carries no LDAP configurations, the list holds the single claim source of the
 * service environment. Otherwise one claim source is created through {@link ClaimSourceFactory}
 * for each of the client's LDAP configurations. Any claim source that is a
 * {@link BasicClaimsSourceImpl} is handed the service environment before it is returned.
 *
 * @param oa2SE  service environment supplying the default claim source and the logger
 * @param client client whose LDAP configurations and scopes drive the per-client claim sources
 * @return the claim sources to consult for this client, in configuration order
 */
public static LinkedList<ClaimSource> createScopeHandlers(OA2SE oa2SE, OA2Client client) {
    DebugUtil.dbg(LDAPClaimSourceFactory.class, "Starting to create LDAPScopeHandlers per client");
    LinkedList<ClaimSource> handlers = new LinkedList<>();

    boolean hasClientLdap = client.getLdaps() != null && !client.getLdaps().isEmpty();
    if (hasClientLdap) {
        // One claim source per LDAP configuration attached to the client.
        for (LDAPConfiguration ldapConfig : client.getLdaps()) {
            DebugUtil.dbg(LDAPClaimSourceFactory.class, "Got LDAP configuration for server " + ldapConfig.getServer());
            LDAPClaimSourceFactoryRequest factoryRequest =
                    new LDAPClaimSourceFactoryRequest(oa2SE.getMyLogger(), ldapConfig, client.getScopes());
            ClaimSource created = ClaimSourceFactory.newInstance(factoryRequest);
            if (created instanceof BasicClaimsSourceImpl) {
                DebugUtil.dbg(LDAPClaimSourceFactory.class, "Scope handler\"" + created.getClass().getSimpleName() + "\" is configured.");
                BasicClaimsSourceImpl basic = (BasicClaimsSourceImpl) created;
                basic.setOa2SE(oa2SE);
                DebugUtil.dbg(LDAPClaimSourceFactory.class, "setting scope handler environment #2");
            }
            handlers.add(created);
        }
        return handlers;
    }

    // No per-client LDAP configuration: fall back to the environment's own claim source.
    DebugUtil.dbg(LDAPClaimSourceFactory.class, "using default scope handler=");
    if (oa2SE.getClaimSource() instanceof BasicClaimsSourceImpl) {
        BasicClaimsSourceImpl defaultSource = (BasicClaimsSourceImpl) oa2SE.getClaimSource();
        // NOTE(review): this is a check-then-set on an instance obtained from the environment,
        // with no synchronization in this method; confirm callers cannot race here.
        if (defaultSource.getOa2SE() == null) {
            DebugUtil.dbg(LDAPClaimSourceFactory.class, "setting scope handler environment #1");
            defaultSource.setOa2SE(oa2SE);
        }
    }
    handlers.add(oa2SE.getClaimSource());
    return handlers;
}
Also used : ClaimSource(edu.uiuc.ncsa.security.oauth_2_0.server.ClaimSource) LDAPConfiguration(edu.uiuc.ncsa.security.oauth_2_0.server.config.LDAPConfiguration) LinkedList(java.util.LinkedList)

Example 7 with LDAPConfiguration

use of edu.uiuc.ncsa.security.oauth_2_0.server.config.LDAPConfiguration in project OA4MP by ncsa.

the class LDAPClaimsSource method main.

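/**
 * Manual smoke test: parses the LDAP configuration embedded below, runs one claims lookup for a
 * fixed user and prints the resulting claims map to standard output.
 * <p>
 * The embedded configuration declares {@code "authorizationType":"none"}, port 636 and
 * {@code "useJavaTrustStore":true}, so it carries no bind credentials.
 *
 * @param args ignored
 */
public static void main(String[] args) {
    try {
        // NOTE(review): a second sample configuration used to be declared here but was never
        // read. It embedded a simple-bind principal with its password and a trust store password
        // as string literals. It is dropped: bind credentials belong in external configuration,
        // and a password that has been committed to source should be treated as exposed and rotated.
        String rawLdap = "{\"ldap\":{\"failOnError\":\"false\","
                + "\"address\":\"ldap.ncsa.illinois.edu\","
                + "\"port\":636,"
                + "\"enabled\":\"true\","
                + "\"authorizationType\":\"none\","
                + "\"searchName\":\"eppn\","
                + "\"searchAttributes\":[{"
                + "\"name\":\"mail\","
                + "\"returnAsList\":false,"
                + "\"returnName\":\"mail\"},"
                + "{\"name\":\"cn\","
                + "\"returnAsList\":false,"
                + "\"returnName\":\"name\"},"
                + "{\"name\":\"memberOf\","
                + "\"returnAsList\":false,"
                + "\"isGroup\":true,"
                + "\"returnName\":\"isMemberOf\"}],"
                + "\"searchBase\":\"ou=People,dc=ncsa,dc=illinois,dc=edu\","
                + "\"contextName\":\"\","
                + "\"ssl\":{\"tlsVersion\":\"TLS\",\"useJavaTrustStore\":true}}}";
        String username = "jbasney@ncsa.illinois.edu";

        DebugUtil.setIsEnabled(true);
        ServiceTransaction st = new ServiceTransaction(BasicIdentifier.newID("foo"));
        st.setUsername(username);

        JSONObject json = JSONObject.fromObject(rawLdap);
        LDAPConfiguration cfg = LDAPConfigurationUtil.fromJSON(json);
        LDAPClaimsSource claimsSource = new LDAPClaimsSource(cfg, null);

        // The configuration searches on "eppn"; both keys are populated with the same value.
        UserInfo ui = new UserInfo();
        ui.getMap().put("username", username);
        ui.getMap().put("eppn", username);

        UserInfo ui2 = claimsSource.process(ui, st);
        System.out.println("Result of LDAP query:");
        System.out.println(ui2.getMap());
    } catch (Throwable t) {
        // Deliberately broad: this is a command-line harness, so any failure is just printed.
        t.printStackTrace();
    }
}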
Also used : JSONObject(net.sf.json.JSONObject) ServiceTransaction(edu.uiuc.ncsa.security.delegation.server.ServiceTransaction) UserInfo(edu.uiuc.ncsa.security.oauth_2_0.UserInfo) LDAPConfiguration(edu.uiuc.ncsa.security.oauth_2_0.server.config.LDAPConfiguration)

Example 8 with LDAPConfiguration

use of edu.uiuc.ncsa.security.oauth_2_0.server.config.LDAPConfiguration in project OA4MP by ncsa.

the class ClientManagerTest method testLDAPStore2.

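/**
 * Saves an LDAP entry tied to a newly created client and checks that the store returns an equal
 * entry when it is looked up by that client's identifier.
 * <p>
 * The client is only created through {@code clientStore}; this method does not save it.
 *
 * @param ldapStore   store under test, used to create, save and read back the entry
 * @param clientStore used to create the client whose identifier is attached to the entry
 * @throws Exception      if a store operation fails
 * @throws AssertionError if the entry read back does not equal the entry that was saved
 */
public void testLDAPStore2(LDAPStore<LDAPEntry> ldapStore, ClientStore clientStore) throws Exception {
    OA2Client oa2Client = (OA2Client) clientStore.create();
    LDAPConfiguration ldap = createLDAP();
    LDAPEntry ldapEntry = ldapStore.create();
    ldapEntry.setClientID(oa2Client.getIdentifier());
    ldapEntry.setConfiguration(ldap);
    ldapStore.save(ldapEntry);
    LDAPEntry ldapEntry1 = ldapStore.getByClientID(ldapEntry.getClientID());
    // An explicit check instead of the `assert` keyword: `assert` is skipped when the JVM runs
    // without -ea, which would let a broken round trip pass unnoticed. The message leaves out
    // the entry contents because the configuration carries a keystore password.
    if (!ldapEntry.equals(ldapEntry1)) {
        throw new AssertionError("LDAP entry read back by client ID does not equal the saved entry");
    }
}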
Also used : OA2Client(edu.uiuc.ncsa.security.oauth_2_0.OA2Client) LDAPEntry(edu.uiuc.ncsa.myproxy.oa4mp.oauth2.cm.ldap.LDAPEntry) LDAPConfiguration(edu.uiuc.ncsa.security.oauth_2_0.server.config.LDAPConfiguration)

Example 9 with LDAPConfiguration

use of edu.uiuc.ncsa.security.oauth_2_0.server.config.LDAPConfiguration in project OA4MP by ncsa.

the class ClientManagerTest method testLDAPStore.

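/**
 * Saves an LDAP entry tied to a newly created client and checks that the store returns an equal
 * entry when it is looked up by the entry's own identifier.
 * <p>
 * The client is only created through {@code clientStore}; this method does not save it.
 *
 * @param ldapStore   store under test, used to create, save and read back the entry
 * @param clientStore used to create the client whose identifier is attached to the entry
 * @throws Exception      if a store operation fails
 * @throws AssertionError if the entry read back does not equal the entry that was saved
 */
public void testLDAPStore(LDAPStore<LDAPEntry> ldapStore, ClientStore clientStore) throws Exception {
    OA2Client oa2Client = (OA2Client) clientStore.create();
    LDAPConfiguration ldap = createLDAP();
    LDAPEntry ldapEntry = ldapStore.create();
    ldapEntry.setClientID(oa2Client.getIdentifier());
    ldapEntry.setConfiguration(ldap);
    ldapStore.save(ldapEntry);
    LDAPEntry ldapEntry1 = ldapStore.get(ldapEntry.getIdentifier());
    // An explicit check instead of the `assert` keyword: `assert` is skipped when the JVM runs
    // without -ea, which would let a broken round trip pass unnoticed. The message leaves out
    // the entry contents because the configuration carries a keystore password.
    if (!ldapEntry.equals(ldapEntry1)) {
        throw new AssertionError("LDAP entry read back by identifier does not equal the saved entry");
    }
}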
Also used : OA2Client(edu.uiuc.ncsa.security.oauth_2_0.OA2Client) LDAPEntry(edu.uiuc.ncsa.myproxy.oa4mp.oauth2.cm.ldap.LDAPEntry) LDAPConfiguration(edu.uiuc.ncsa.security.oauth_2_0.server.config.LDAPConfiguration)

Example 10 with LDAPConfiguration

use of edu.uiuc.ncsa.security.oauth_2_0.server.config.LDAPConfiguration in project OA4MP by ncsa.

the class ClientManagerTest method createLDAP.

/**
 * Builds the LDAP configuration fixture used by the store tests: a fixed server name, simple
 * authentication type, a context name made distinct by a timestamp suffix, three search
 * attributes and an SSL configuration. Also prints two marker lines to standard output.
 *
 * @return the populated configuration
 */
protected LDAPConfiguration createLDAP() {
    LDAPConfiguration fixture = new LDAPConfiguration();
    fixture.setServer("foo.bar.edu");
    fixture.setAuthType(LDAPConfigurationUtil.LDAP_AUTH_SIMPLE_KEY);
    // The millisecond timestamp keeps context names from colliding across calls.
    fixture.setContextName("ou=foo/cn=bar" + System.currentTimeMillis());

    // Entries source0..source2 map to target0..target2; the third constructor argument is
    // true for the even-numbered entries only.
    int index = 0;
    while (index < 3) {
        boolean evenIndex = index % 2 == 0;
        LDAPConfigurationUtil.AttributeEntry entry =
                new LDAPConfigurationUtil.AttributeEntry("source" + index, "target" + index, evenIndex, false);
        fixture.getSearchAttributes().put(entry.sourceName, entry);
        index++;
    }

    // NOTE(review): the keystore password and the absolute, developer-local keystore path are
    // fixture values; this method only stores them on the configuration and opens no keystore.
    SSLConfiguration sslConfig = new SSLConfiguration();
    sslConfig.setKeystorePassword("changeme");
    sslConfig.setKeystoreType("JKS");
    sslConfig.setKeystore("/home/ncsa/dev/csd/config/cacerts2");
    fixture.setSslConfiguration(sslConfig);

    System.out.println(DD);
    System.out.println("LDAP from config serializer:");
    return fixture;
}
Also used : SSLConfiguration(edu.uiuc.ncsa.security.util.ssl.SSLConfiguration) LDAPConfiguration(edu.uiuc.ncsa.security.oauth_2_0.server.config.LDAPConfiguration) LDAPConfigurationUtil(edu.uiuc.ncsa.security.oauth_2_0.server.config.LDAPConfigurationUtil)

Aggregations

LDAPConfiguration (edu.uiuc.ncsa.security.oauth_2_0.server.config.LDAPConfiguration)11 JSONObject (net.sf.json.JSONObject)4 OA2Client (edu.uiuc.ncsa.security.oauth_2_0.OA2Client)3 LinkedList (java.util.LinkedList)3 LDAPEntry (edu.uiuc.ncsa.myproxy.oa4mp.oauth2.cm.ldap.LDAPEntry)2 UserInfo (edu.uiuc.ncsa.security.oauth_2_0.UserInfo)2 Test (org.junit.Test)2 ServiceTransaction (edu.uiuc.ncsa.security.delegation.server.ServiceTransaction)1 ClientApproval (edu.uiuc.ncsa.security.delegation.server.storage.ClientApproval)1 ClaimSource (edu.uiuc.ncsa.security.oauth_2_0.server.ClaimSource)1 LDAPConfigurationUtil (edu.uiuc.ncsa.security.oauth_2_0.server.config.LDAPConfigurationUtil)1 SSLConfiguration (edu.uiuc.ncsa.security.util.ssl.SSLConfiguration)1 BufferedReader (java.io.BufferedReader)1 StringReader (java.io.StringReader)1 NamingEnumeration (javax.naming.NamingEnumeration)1 LdapContext (javax.naming.ldap.LdapContext)1 JSON (net.sf.json.JSON)1