Example 56 with CriteriaSet
use of net.shibboleth.utilities.java.support.resolver.CriteriaSet in project cas by apereo.
the class SamlRegisteredServiceCachedMetadataEndpoint method invalidate.
/**
* Invalidate.
*
* @param serviceId the service id
*/
@DeleteOperation
@Operation(summary = "Invalidate SAML2 metadata cache using an entity id.", parameters = { @Parameter(name = "serviceId") })
public void invalidate(@Nullable final String serviceId) {
if (StringUtils.isBlank(serviceId)) {
cachingMetadataResolver.invalidate();
} else {
val registeredService = findRegisteredService(serviceId);
val criteriaSet = new CriteriaSet();
criteriaSet.add(new EntityIdCriterion(serviceId));
criteriaSet.add(new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME));
cachingMetadataResolver.invalidate(registeredService, criteriaSet);
}
}
Also used :
lombok.val(lombok.val)
CriteriaSet(net.shibboleth.utilities.java.support.resolver.CriteriaSet)
EntityIdCriterion(org.opensaml.core.criterion.EntityIdCriterion)
EntityRoleCriterion(org.opensaml.saml.criterion.EntityRoleCriterion)
DeleteOperation(org.springframework.boot.actuate.endpoint.annotation.DeleteOperation)
ReadOperation(org.springframework.boot.actuate.endpoint.annotation.ReadOperation)
DeleteOperation(org.springframework.boot.actuate.endpoint.annotation.DeleteOperation)
Operation(io.swagger.v3.oas.annotations.Operation)
Example 57 with CriteriaSet
use of net.shibboleth.utilities.java.support.resolver.CriteriaSet in project cas by apereo.
the class SamlRegisteredServiceCacheKeyTests method verifyCacheKeyDynamicMetadata.
@Test
public void verifyCacheKeyDynamicMetadata() {
val criteriaSet = new CriteriaSet();
val entityIdCriterion = new EntityIdCriterion("https://carmenwiki.osu.edu/shibboleth");
criteriaSet.add(entityIdCriterion);
criteriaSet.add(new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME));
val service = new SamlRegisteredService();
service.setName("Example");
service.setId(1000);
service.setServiceId(".+");
service.setMetadataLocation("https://mdq.something.net/entities/{0}");
val result1 = new SamlRegisteredServiceCacheKey(service, criteriaSet);
assertNotNull(result1.getId());
assertNotNull(result1.toString());
assertEquals(entityIdCriterion.getEntityId(), result1.getCacheKey());
val result2 = new SamlRegisteredServiceCacheKey(service, criteriaSet);
assertEquals(result1, result2);
}
Also used :
lombok.val(lombok.val)
SamlRegisteredService(org.apereo.cas.support.saml.services.SamlRegisteredService)
CriteriaSet(net.shibboleth.utilities.java.support.resolver.CriteriaSet)
EntityIdCriterion(org.opensaml.core.criterion.EntityIdCriterion)
EntityRoleCriterion(org.opensaml.saml.criterion.EntityRoleCriterion)
Test(org.junit.jupiter.api.Test)
Example 58 with CriteriaSet
use of net.shibboleth.utilities.java.support.resolver.CriteriaSet in project cas by apereo.
the class SamlRegisteredServiceMetadataResolverCacheLoaderTests method verifyFileByExpression.
@Test
public void verifyFileByExpression() throws Exception {
val mdFile = File.createTempFile("spsamlmetadata", ".xml");
val content = IOUtils.toString(new ClassPathResource("sample-sp.xml").getInputStream(), StandardCharsets.UTF_8);
FileUtils.writeStringToFile(mdFile, content, StandardCharsets.UTF_8);
System.setProperty("SP_REF", mdFile.getCanonicalPath());
val props = new SamlIdPProperties();
props.getMetadata().getFileSystem().setLocation(new FileSystemResource(FileUtils.getTempDirectory()).getFile().getCanonicalPath());
val plan = new DefaultSamlRegisteredServiceMetadataResolutionPlan();
plan.registerMetadataResolver(new FileSystemResourceMetadataResolver(props, openSamlConfigBean));
val loader = new SamlRegisteredServiceMetadataResolverCacheLoader(openSamlConfigBean, httpClient, plan);
val service = new SamlRegisteredService();
service.setName("Example");
service.setId(1000);
service.setServiceId("https://example.org/saml");
service.setMetadataLocation("${#systemProperties['SP_REF']}");
val key = new SamlRegisteredServiceCacheKey(service, new CriteriaSet());
assertNotNull(loader.load(key));
}
Also used :
lombok.val(lombok.val)
SamlIdPProperties(org.apereo.cas.configuration.model.support.saml.idp.SamlIdPProperties)
DefaultSamlRegisteredServiceMetadataResolutionPlan(org.apereo.cas.support.saml.services.idp.metadata.plan.DefaultSamlRegisteredServiceMetadataResolutionPlan)
SamlRegisteredService(org.apereo.cas.support.saml.services.SamlRegisteredService)
CriteriaSet(net.shibboleth.utilities.java.support.resolver.CriteriaSet)
FileSystemResource(org.springframework.core.io.FileSystemResource)
FileSystemResourceMetadataResolver(org.apereo.cas.support.saml.services.idp.metadata.cache.resolver.FileSystemResourceMetadataResolver)
ClassPathResource(org.springframework.core.io.ClassPathResource)
Test(org.junit.jupiter.api.Test)
Example 59 with CriteriaSet
use of net.shibboleth.utilities.java.support.resolver.CriteriaSet in project cas by apereo.
the class SamlRegisteredServiceMetadataResolverCacheLoaderTests method verifyClasspathByExpression.
@Test
public void verifyClasspathByExpression() throws Exception {
System.setProperty("SP_REF", "classpath:sample-sp.xml");
val props = new SamlIdPProperties();
props.getMetadata().getFileSystem().setLocation(new FileSystemResource(FileUtils.getTempDirectory()).getFile().getCanonicalPath());
val plan = new DefaultSamlRegisteredServiceMetadataResolutionPlan();
plan.registerMetadataResolver(new ClasspathResourceMetadataResolver(props, openSamlConfigBean));
val loader = new SamlRegisteredServiceMetadataResolverCacheLoader(openSamlConfigBean, httpClient, plan);
val service = new SamlRegisteredService();
service.setName("Example");
service.setId(1000);
service.setServiceId("https://example.org/saml");
service.setMetadataLocation("${#systemProperties['SP_REF']}");
val key = new SamlRegisteredServiceCacheKey(service, new CriteriaSet());
assertNotNull(loader.load(key));
}
Also used :
lombok.val(lombok.val)
ClasspathResourceMetadataResolver(org.apereo.cas.support.saml.services.idp.metadata.cache.resolver.ClasspathResourceMetadataResolver)
SamlIdPProperties(org.apereo.cas.configuration.model.support.saml.idp.SamlIdPProperties)
DefaultSamlRegisteredServiceMetadataResolutionPlan(org.apereo.cas.support.saml.services.idp.metadata.plan.DefaultSamlRegisteredServiceMetadataResolutionPlan)
SamlRegisteredService(org.apereo.cas.support.saml.services.SamlRegisteredService)
CriteriaSet(net.shibboleth.utilities.java.support.resolver.CriteriaSet)
FileSystemResource(org.springframework.core.io.FileSystemResource)
Test(org.junit.jupiter.api.Test)
Example 60 with CriteriaSet
use of net.shibboleth.utilities.java.support.resolver.CriteriaSet in project cas by apereo.
the class SamlRegisteredServiceMetadataExpirationPolicyTests method verifyPolicyByServiceExpirationPolicy.
@Test
@SuppressWarnings("JavaTimeDefaultTimeZone")
public void verifyPolicyByServiceExpirationPolicy() throws Exception {
val policy = new SamlRegisteredServiceMetadataExpirationPolicy(Beans.newDuration("PT5M"));
val props = new SamlIdPProperties();
props.getMetadata().getFileSystem().setLocation(new FileSystemResource(FileUtils.getTempDirectory()).getFile().getCanonicalPath());
val service = new SamlRegisteredService();
service.setExpirationPolicy(new DefaultRegisteredServiceExpirationPolicy().setExpirationDate(LocalDate.now(Clock.systemDefaultZone()).plusDays(1).toString()));
service.setMetadataExpirationDuration(StringUtils.EMPTY);
service.setServiceId("https://carmenwiki.osu.edu/shibboleth");
service.setMetadataLocation("classpath:GroovyMetadataResolver.groovy");
val cacheKey = new SamlRegisteredServiceCacheKey(service, new CriteriaSet());
val resolver = mock(MetadataResolver.class);
val entity = mock(EntityDescriptor.class);
when(entity.getCacheDuration()).thenReturn(null);
when(resolver.resolveSingle(argThat(argument -> argument != null && argument.size() == 1))).thenReturn(entity);
when(resolver.resolveSingle(argThat(argument -> argument != null && argument.size() > 1))).thenReturn(null);
assertNotEquals(policy.getDefaultExpiration(), policy.expireAfterCreate(cacheKey, resolver, System.currentTimeMillis()));
}
Also used :
lombok.val(lombok.val)
DefaultRegisteredServiceExpirationPolicy(org.apereo.cas.services.DefaultRegisteredServiceExpirationPolicy)
SamlIdPProperties(org.apereo.cas.configuration.model.support.saml.idp.SamlIdPProperties)
BaseSamlIdPServicesTests(org.apereo.cas.support.saml.services.BaseSamlIdPServicesTests)
lombok.val(lombok.val)
FileSystemResource(org.springframework.core.io.FileSystemResource)
FileUtils(org.apache.commons.io.FileUtils)
Beans(org.apereo.cas.configuration.support.Beans)
MetadataResolver(org.opensaml.saml.metadata.resolver.MetadataResolver)
SamlRegisteredServiceCacheKey(org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCacheKey)
StringUtils(org.apache.commons.lang3.StringUtils)
Test(org.junit.jupiter.api.Test)
Mockito(org.mockito.Mockito)
SamlRegisteredService(org.apereo.cas.support.saml.services.SamlRegisteredService)
Duration(java.time.Duration)
LocalDate(java.time.LocalDate)
Assertions(org.junit.jupiter.api.Assertions)
CriteriaSet(net.shibboleth.utilities.java.support.resolver.CriteriaSet)
Clock(java.time.Clock)
SamlRegisteredServiceMetadataExpirationPolicy(org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceMetadataExpirationPolicy)
Tag(org.junit.jupiter.api.Tag)
EntityDescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor)
SamlRegisteredServiceCacheKey(org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCacheKey)
SamlIdPProperties(org.apereo.cas.configuration.model.support.saml.idp.SamlIdPProperties)
DefaultRegisteredServiceExpirationPolicy(org.apereo.cas.services.DefaultRegisteredServiceExpirationPolicy)
SamlRegisteredServiceMetadataExpirationPolicy(org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceMetadataExpirationPolicy)
SamlRegisteredService(org.apereo.cas.support.saml.services.SamlRegisteredService)
CriteriaSet(net.shibboleth.utilities.java.support.resolver.CriteriaSet)
FileSystemResource(org.springframework.core.io.FileSystemResource)
Test(org.junit.jupiter.api.Test)
Aggregations
CriteriaSet (net.shibboleth.utilities.java.support.resolver.CriteriaSet)68
lombok.val (lombok.val)44
EntityIdCriterion (org.opensaml.core.criterion.EntityIdCriterion)40
EntityRoleCriterion (org.opensaml.saml.criterion.EntityRoleCriterion)28
SamlRegisteredService (org.apereo.cas.support.saml.services.SamlRegisteredService)18
Test (org.junit.jupiter.api.Test)16
UsageCriterion (org.opensaml.security.criteria.UsageCriterion)11
SamlIdPProperties (org.apereo.cas.configuration.model.support.saml.idp.SamlIdPProperties)10
EntityDescriptor (org.opensaml.saml.saml2.metadata.EntityDescriptor)10
ArrayList (java.util.ArrayList)9
SignatureSigningConfigurationCriterion (org.opensaml.xmlsec.criterion.SignatureSigningConfigurationCriterion)9
MetadataResolver (org.opensaml.saml.metadata.resolver.MetadataResolver)8
SAMLMetadataSignatureSigningParametersResolver (org.opensaml.saml.security.impl.SAMLMetadataSignatureSigningParametersResolver)8
SneakyThrows (lombok.SneakyThrows)7
StringUtils (org.apache.commons.lang3.StringUtils)7
SignatureSigningParameters (org.opensaml.xmlsec.SignatureSigningParameters)7
FileSystemResource (org.springframework.core.io.FileSystemResource)7
SamlException (org.apereo.cas.support.saml.SamlException)6
EvaluableEntityRoleEntityDescriptorCriterion (org.opensaml.saml.metadata.criteria.entity.impl.EvaluableEntityRoleEntityDescriptorCriterion)6
Credential (org.opensaml.security.credential.Credential)6
