
Example 36 with StringUtils.isBlank

use of org.apache.commons.lang3.StringUtils.isBlank in project cas by apereo.

the class CoreAuthenticationUtils method newCredentialSelectionPredicate.

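/**
 * Builds the predicate that decides which credentials are selected, from a configuration string.
 *
 * <p>The criteria is interpreted in this order:
 * <ol>
 *   <li>blank: every credential is accepted;</li>
 *   <li>ends with {@code .groovy}: the value is used as a Spring resource location, the script is
 *       read as UTF-8, compiled, and instantiated through its no-argument constructor;</li>
 *   <li>otherwise: the value is used as a class name and instantiated through its no-argument
 *       constructor;</li>
 *   <li>if any step above throws: the value is compiled as a regular expression and matched
 *       (find semantics) against {@code credential.getId()}.</li>
 * </ol>
 *
 * <p>Security: the Groovy and class-name branches run code chosen by this string, so the value
 * must only ever come from trusted deployment configuration.
 *
 * @param selectionCriteria blank, a {@code .groovy} resource location, a class name, or a regex
 * @return the credential selection predicate
 * @throws java.util.regex.PatternSyntaxException if the regex fallback is reached and the value
 *         is not a valid pattern
 */
public static Predicate<Credential> newCredentialSelectionPredicate(final String selectionCriteria) {
    try {
        if (StringUtils.isBlank(selectionCriteria)) {
            return credential -> true;
        }
        if (selectionCriteria.endsWith(".groovy")) {
            final ResourceLoader loader = new DefaultResourceLoader();
            final Resource resource = loader.getResource(selectionCriteria);
            if (resource != null) {
                final String script;
                // Close the resource stream once the script text is read; IOUtils.toString does not close it.
                try (java.io.InputStream input = resource.getInputStream()) {
                    script = IOUtils.toString(input, StandardCharsets.UTF_8);
                }
                // SECURITY: parseClass compiles the script text and newInstance runs its constructor
                // inside this process. Nothing here restricts what the script may do.
                // NOTE(review): the GroovyClassLoader is never closed; confirm whether it can be
                // released once the predicate instance exists.
                final GroovyClassLoader classLoader = new GroovyClassLoader(Beans.class.getClassLoader(), new CompilerConfiguration(), true);
                final Class<Predicate> clz = classLoader.parseClass(script);
                return clz.getDeclaredConstructor().newInstance();
            }
        }
        // SECURITY: instantiates whatever class the configuration names; no check that it is a Predicate
        // happens before the constructor runs.
        final Class predicateClazz = ClassUtils.getClass(selectionCriteria);
        return (Predicate<org.apereo.cas.authentication.Credential>) predicateClazz.getDeclaredConstructor().newInstance();
    } catch (final Exception e) {
        // Every failure above (missing script, compile error, unknown class, wrong type) lands here
        // and is not logged: the same string is silently reused as a regex over the credential id.
        // NOTE(review): a mistyped script path or class name therefore changes which credentials are
        // selected without any diagnostic; consider logging `e` before falling back.
        final Predicate<String> predicate = Pattern.compile(selectionCriteria).asPredicate();
        return credential -> predicate.test(credential.getId());
    }
}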
Also used : ArrayListMultimap(com.google.common.collect.ArrayListMultimap) ResourceLoader(org.springframework.core.io.ResourceLoader) Predicate(java.util.function.Predicate) Beans(org.apereo.cas.configuration.support.Beans) Multimap(com.google.common.collect.Multimap) CompilerConfiguration(org.codehaus.groovy.control.CompilerConfiguration) StringUtils(org.apache.commons.lang3.StringUtils) StandardCharsets(java.nio.charset.StandardCharsets) UtilityClass(lombok.experimental.UtilityClass) IOUtils(org.apache.commons.io.IOUtils) ClassUtils(org.apache.commons.lang3.ClassUtils) Slf4j(lombok.extern.slf4j.Slf4j) List(java.util.List) DefaultResourceLoader(org.springframework.core.io.DefaultResourceLoader) Map(java.util.Map) CollectionUtils(org.apereo.cas.util.CollectionUtils) Pattern(java.util.regex.Pattern) Splitter(com.google.common.base.Splitter) GroovyClassLoader(groovy.lang.GroovyClassLoader) Resource(org.springframework.core.io.Resource) ResourceLoader(org.springframework.core.io.ResourceLoader) DefaultResourceLoader(org.springframework.core.io.DefaultResourceLoader) Resource(org.springframework.core.io.Resource) Predicate(java.util.function.Predicate) GroovyClassLoader(groovy.lang.GroovyClassLoader) Beans(org.apereo.cas.configuration.support.Beans) CompilerConfiguration(org.codehaus.groovy.control.CompilerConfiguration) UtilityClass(lombok.experimental.UtilityClass) DefaultResourceLoader(org.springframework.core.io.DefaultResourceLoader)

Example 37 with StringUtils.isBlank

use of org.apache.commons.lang3.StringUtils.isBlank in project cas by apereo.

the class OidcDefaultJsonWebKeystoreCacheLoader method buildJsonWebKeySet.

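/**
 * Loads the default JSON web key set from {@code jwksFile} and checks that it can be used for signing.
 *
 * <p>An empty result is returned when {@code jwksFile} is {@code null}, when the loaded key set is
 * {@code null} or has no keys, when every key has a blank algorithm, key id and key type, when
 * the signing key has no private key, or when any step throws.
 *
 * @return the json web key set, or empty if no usable key set could be loaded
 */
private Optional<JsonWebKeySet> buildJsonWebKeySet() {
    try {
        LOGGER.debug("Loading default JSON web key from [{}]", this.jwksFile);
        if (this.jwksFile != null) {
            LOGGER.debug("Retrieving default JSON web key from [{}]", this.jwksFile);
            final JsonWebKeySet jsonWebKeySet = buildJsonWebKeySet(this.jwksFile);
            if (jsonWebKeySet == null || jsonWebKeySet.getJsonWebKeys().isEmpty()) {
                LOGGER.warn("No JSON web keys could be found");
                return Optional.empty();
            }
            // A key counts as bad only when algorithm, key id AND key type are all blank; the set is
            // rejected only when every key is bad.
            // NOTE(review): a key missing just one of the three still passes; confirm that is intended.
            final long badKeysCount = jsonWebKeySet.getJsonWebKeys().stream().filter(k -> StringUtils.isBlank(k.getAlgorithm()) && StringUtils.isBlank(k.getKeyId()) && StringUtils.isBlank(k.getKeyType())).count();
            if (badKeysCount == jsonWebKeySet.getJsonWebKeys().size()) {
                LOGGER.warn("No valid JSON web keys could be found");
                return Optional.empty();
            }
            // The default keystore must carry a private key; the key id is logged, never key material.
            final RsaJsonWebKey webKey = getJsonSigningWebKeyFromJwks(jsonWebKeySet);
            if (webKey.getPrivateKey() == null) {
                LOGGER.warn("JSON web key retrieved [{}] has no associated private key", webKey.getKeyId());
                return Optional.empty();
            }
            return Optional.of(jsonWebKeySet);
        }
    } catch (final Exception e) {
        // Logged at error rather than debug: a failure to load the default keystore would otherwise
        // be invisible at default log levels while the method quietly returns no keys.
        LOGGER.error(e.getMessage(), e);
    }
    return Optional.empty();
}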
Also used : IOUtils(org.apache.commons.io.IOUtils) Slf4j(lombok.extern.slf4j.Slf4j) CacheLoader(com.github.benmanes.caffeine.cache.CacheLoader) RsaJsonWebKey(org.jose4j.jwk.RsaJsonWebKey) Optional(java.util.Optional) AllArgsConstructor(lombok.AllArgsConstructor) StringUtils(org.apache.commons.lang3.StringUtils) JsonWebKeySet(org.jose4j.jwk.JsonWebKeySet) StandardCharsets(java.nio.charset.StandardCharsets) Resource(org.springframework.core.io.Resource) RsaJsonWebKey(org.jose4j.jwk.RsaJsonWebKey) JsonWebKeySet(org.jose4j.jwk.JsonWebKeySet)

Example 38 with StringUtils.isBlank

use of org.apache.commons.lang3.StringUtils.isBlank in project cas by apereo.

the class OidcServiceJsonWebKeystoreCacheLoader method buildJsonWebKeySet.

/**
 * Loads the JSON web key set declared by an OIDC registered service.
 *
 * <p>The location returned by {@code service.getJwks()} is handed to the resource loader as is.
 * An empty result is returned when the key set is {@code null} or has no keys, when every key has
 * a blank algorithm, key id and key type, when the signing key has no public key, or when any
 * step throws (the exception is logged at error level).
 *
 * <p>NOTE(review): no scheme or host check on the location is visible here; if registrations can
 * be supplied by parties other than the operator, confirm that the location is restricted
 * before it reaches this method.
 *
 * @param service the registered service whose JWKS location is read
 * @return the json web key set, or empty if no usable key set could be loaded
 */
private Optional<JsonWebKeySet> buildJsonWebKeySet(final OidcRegisteredService service) {
    try {
        LOGGER.debug("Loading JSON web key from [{}]", service.getJwks());
        final Resource jwksResource = this.resourceLoader.getResource(service.getJwks());
        final JsonWebKeySet keySet = buildJsonWebKeySet(jwksResource);

        final boolean nothingLoaded = keySet == null || keySet.getJsonWebKeys().isEmpty();
        if (nothingLoaded) {
            LOGGER.warn("No JSON web keys could be found for [{}]", service);
            return Optional.empty();
        }

        // A key is unusable only when algorithm, key id and key type are all blank.
        final boolean everyKeyUnusable = keySet.getJsonWebKeys()
            .stream()
            .allMatch(key -> StringUtils.isBlank(key.getAlgorithm())
                && StringUtils.isBlank(key.getKeyId())
                && StringUtils.isBlank(key.getKeyType()));
        if (everyKeyUnusable) {
            LOGGER.warn("No valid JSON web keys could be found for [{}]", service);
            return Optional.empty();
        }

        // A service key set only needs the public half.
        final RsaJsonWebKey signingKey = getJsonSigningWebKeyFromJwks(keySet);
        if (signingKey.getPublicKey() != null) {
            return Optional.of(keySet);
        }
        LOGGER.warn("JSON web key retrieved [{}] has no associated public key", signingKey.getKeyId());
    } catch (final Exception e) {
        LOGGER.error(e.getMessage(), e);
    }
    return Optional.empty();
}
Also used : IOUtils(org.apache.commons.io.IOUtils) Slf4j(lombok.extern.slf4j.Slf4j) OidcRegisteredService(org.apereo.cas.services.OidcRegisteredService) ResourceLoader(org.springframework.core.io.ResourceLoader) CacheLoader(com.github.benmanes.caffeine.cache.CacheLoader) RsaJsonWebKey(org.jose4j.jwk.RsaJsonWebKey) Autowired(org.springframework.beans.factory.annotation.Autowired) Optional(java.util.Optional) StringUtils(org.apache.commons.lang3.StringUtils) JsonWebKeySet(org.jose4j.jwk.JsonWebKeySet) StandardCharsets(java.nio.charset.StandardCharsets) Resource(org.springframework.core.io.Resource) Resource(org.springframework.core.io.Resource) RsaJsonWebKey(org.jose4j.jwk.RsaJsonWebKey) JsonWebKeySet(org.jose4j.jwk.JsonWebKeySet)

Example 39 with StringUtils.isBlank

use of org.apache.commons.lang3.StringUtils.isBlank in project cas by apereo.

the class DelegatedClientFactory method configureCasClient.

/**
 * Creates one delegated CAS client per configured CAS entry that has a login URL and adds it to
 * the given collection.
 *
 * <p>Entries with a blank login URL are skipped. When an entry has no client name, the client is
 * named after its class plus a zero-based counter of the clients created so far.
 * {@code CasProtocol.valueOf} rejects an unknown protocol name with an exception, which is not
 * caught here.
 *
 * @param properties the collection that receives the created clients
 */
protected void configureCasClient(final Collection<BaseClient> properties) {
    final AtomicInteger created = new AtomicInteger();
    pac4jProperties.getCas()
        .stream()
        .filter(settings -> !StringUtils.isBlank(settings.getLoginUrl()))
        .forEach(settings -> {
            // Reserve this client's position up front; the counter is local to this call.
            final int position = created.getAndIncrement();
            final CasProtocol protocol = CasProtocol.valueOf(settings.getProtocol());
            final CasClient casClient = new CasClient(new CasConfiguration(settings.getLoginUrl(), protocol));
            final boolean unnamed = StringUtils.isBlank(settings.getClientName());
            if (unnamed) {
                casClient.setName(casClient.getClass().getSimpleName() + position);
            }
            configureClient(casClient, settings);
            LOGGER.debug("Created client [{}]", casClient);
            properties.add(casClient);
        });
}
Also used : Pac4jBaseClientProperties(org.apereo.cas.configuration.model.support.pac4j.Pac4jBaseClientProperties) WindowsLiveClient(org.pac4j.oauth.client.WindowsLiveClient) AzureAdClient(org.pac4j.oidc.client.AzureAdClient) CasConfiguration(org.pac4j.cas.config.CasConfiguration) CasClient(org.pac4j.cas.client.CasClient) BitbucketClient(org.pac4j.oauth.client.BitbucketClient) SneakyThrows(lombok.SneakyThrows) Google2Client(org.pac4j.oauth.client.Google2Client) OidcConfiguration(org.pac4j.oidc.config.OidcConfiguration) RequiredArgsConstructor(lombok.RequiredArgsConstructor) SAML2Client(org.pac4j.saml.client.SAML2Client) WordPressClient(org.pac4j.oauth.client.WordPressClient) StringUtils(org.apache.commons.lang3.StringUtils) YahooClient(org.pac4j.oauth.client.YahooClient) AzureAdOidcConfiguration(org.pac4j.oidc.config.AzureAdOidcConfiguration) LinkedIn2Client(org.pac4j.oauth.client.LinkedIn2Client) OidcClient(org.pac4j.oidc.client.OidcClient) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) PayPalClient(org.pac4j.oauth.client.PayPalClient) LinkedHashSet(java.util.LinkedHashSet) GoogleOidcClient(org.pac4j.oidc.client.GoogleOidcClient) FacebookClient(org.pac4j.oauth.client.FacebookClient) KeycloakOidcClient(org.pac4j.oidc.client.KeycloakOidcClient) Verb(com.github.scribejava.core.model.Verb) Collection(java.util.Collection) Pac4jDelegatedAuthenticationProperties(org.apereo.cas.configuration.model.support.pac4j.Pac4jDelegatedAuthenticationProperties) Set(java.util.Set) JWSAlgorithm(com.nimbusds.jose.JWSAlgorithm) GenericOAuth20Client(org.pac4j.oauth.client.GenericOAuth20Client) Slf4j(lombok.extern.slf4j.Slf4j) BaseClient(org.pac4j.core.client.BaseClient) TwitterClient(org.pac4j.oauth.client.TwitterClient) Pac4jOidcProperties(org.apereo.cas.configuration.model.support.pac4j.Pac4jOidcProperties) KeycloakOidcConfiguration(org.pac4j.oidc.config.KeycloakOidcConfiguration) CasProtocol(org.pac4j.cas.config.CasProtocol) 
FoursquareClient(org.pac4j.oauth.client.FoursquareClient) GitHubClient(org.pac4j.oauth.client.GitHubClient) OrcidClient(org.pac4j.oauth.client.OrcidClient) DropBoxClient(org.pac4j.oauth.client.DropBoxClient) SAML2ClientConfiguration(org.pac4j.saml.client.SAML2ClientConfiguration) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) CasConfiguration(org.pac4j.cas.config.CasConfiguration) CasClient(org.pac4j.cas.client.CasClient)

Example 40 with StringUtils.isBlank

use of org.apache.commons.lang3.StringUtils.isBlank in project cas by apereo.

the class DelegatedClientFactory method configureSamlClient.

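/**
 * Creates one delegated SAML2 client per configured SAML entry and adds it to the given collection.
 *
 * <p>An entry is used only when its keystore path, identity provider metadata path, service
 * provider entity id and service provider metadata path are all non-blank. When an entry has no
 * client name, the client is named after its class plus a zero-based counter of the clients
 * created so far.
 *
 * @param properties the collection that receives the created clients
 */
protected void configureSamlClient(final Collection<BaseClient> properties) {
    final AtomicInteger index = new AtomicInteger();
    pac4jProperties.getSaml()
        .stream()
        .filter(saml -> StringUtils.isNotBlank(saml.getKeystorePath())
            && StringUtils.isNotBlank(saml.getIdentityProviderMetadataPath())
            && StringUtils.isNotBlank(saml.getServiceProviderEntityId())
            && StringUtils.isNotBlank(saml.getServiceProviderMetadataPath()))
        .forEach(saml -> {
            final SAML2ClientConfiguration cfg = new SAML2ClientConfiguration(saml.getKeystorePath(), saml.getKeystorePassword(), saml.getPrivateKeyPassword(), saml.getIdentityProviderMetadataPath());
            cfg.setMaximumAuthenticationLifetime(saml.getMaximumAuthenticationLifetime());
            cfg.setServiceProviderEntityId(saml.getServiceProviderEntityId());
            cfg.setServiceProviderMetadataPath(saml.getServiceProviderMetadataPath());
            cfg.setDestinationBindingType(saml.getDestinationBinding());
            cfg.setForceAuth(saml.isForceAuth());
            cfg.setPassive(saml.isPassive());
            // Whether assertions must be signed is taken straight from configuration.
            cfg.setWantsAssertionsSigned(saml.isWantsAssertionsSigned());
            cfg.setAttributeConsumingServiceIndex(saml.getAttributeConsumingServiceIndex());
            // A negative index means "not configured" and leaves the library default in place.
            if (saml.getAssertionConsumerServiceIndex() >= 0) {
                cfg.setAssertionConsumerServiceIndex(saml.getAssertionConsumerServiceIndex());
            }
            if (StringUtils.isNotBlank(saml.getAuthnContextClassRef())) {
                // Locale.ROOT keeps the upper-casing independent of the JVM default locale
                // (a Turkish locale would turn "minimum" into "MİNİMUM").
                // NOTE(review): a null comparison type with a class ref set still throws here.
                cfg.setComparisonType(saml.getAuthnContextComparisonType().toUpperCase(java.util.Locale.ROOT));
                cfg.setAuthnContextClassRef(saml.getAuthnContextClassRef());
            }
            if (StringUtils.isNotBlank(saml.getKeystoreAlias())) {
                cfg.setKeystoreAlias(saml.getKeystoreAlias());
            }
            if (StringUtils.isNotBlank(saml.getNameIdPolicyFormat())) {
                cfg.setNameIdPolicyFormat(saml.getNameIdPolicyFormat());
            }
            final SAML2Client client = new SAML2Client(cfg);
            final int count = index.intValue();
            if (StringUtils.isBlank(saml.getClientName())) {
                client.setName(client.getClass().getSimpleName() + count);
            }
            configureClient(client, saml);
            index.incrementAndGet();
            // NOTE(review): confirm the client's toString does not render the keystore or private key passwords.
            LOGGER.debug("Created delegated client [{}]", client);
            properties.add(client);
        });
}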
Also used : Pac4jBaseClientProperties(org.apereo.cas.configuration.model.support.pac4j.Pac4jBaseClientProperties) WindowsLiveClient(org.pac4j.oauth.client.WindowsLiveClient) AzureAdClient(org.pac4j.oidc.client.AzureAdClient) CasConfiguration(org.pac4j.cas.config.CasConfiguration) CasClient(org.pac4j.cas.client.CasClient) BitbucketClient(org.pac4j.oauth.client.BitbucketClient) SneakyThrows(lombok.SneakyThrows) Google2Client(org.pac4j.oauth.client.Google2Client) OidcConfiguration(org.pac4j.oidc.config.OidcConfiguration) RequiredArgsConstructor(lombok.RequiredArgsConstructor) SAML2Client(org.pac4j.saml.client.SAML2Client) WordPressClient(org.pac4j.oauth.client.WordPressClient) StringUtils(org.apache.commons.lang3.StringUtils) YahooClient(org.pac4j.oauth.client.YahooClient) AzureAdOidcConfiguration(org.pac4j.oidc.config.AzureAdOidcConfiguration) LinkedIn2Client(org.pac4j.oauth.client.LinkedIn2Client) OidcClient(org.pac4j.oidc.client.OidcClient) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) PayPalClient(org.pac4j.oauth.client.PayPalClient) LinkedHashSet(java.util.LinkedHashSet) GoogleOidcClient(org.pac4j.oidc.client.GoogleOidcClient) FacebookClient(org.pac4j.oauth.client.FacebookClient) KeycloakOidcClient(org.pac4j.oidc.client.KeycloakOidcClient) Verb(com.github.scribejava.core.model.Verb) Collection(java.util.Collection) Pac4jDelegatedAuthenticationProperties(org.apereo.cas.configuration.model.support.pac4j.Pac4jDelegatedAuthenticationProperties) Set(java.util.Set) JWSAlgorithm(com.nimbusds.jose.JWSAlgorithm) GenericOAuth20Client(org.pac4j.oauth.client.GenericOAuth20Client) Slf4j(lombok.extern.slf4j.Slf4j) BaseClient(org.pac4j.core.client.BaseClient) TwitterClient(org.pac4j.oauth.client.TwitterClient) Pac4jOidcProperties(org.apereo.cas.configuration.model.support.pac4j.Pac4jOidcProperties) KeycloakOidcConfiguration(org.pac4j.oidc.config.KeycloakOidcConfiguration) CasProtocol(org.pac4j.cas.config.CasProtocol) 
FoursquareClient(org.pac4j.oauth.client.FoursquareClient) GitHubClient(org.pac4j.oauth.client.GitHubClient) OrcidClient(org.pac4j.oauth.client.OrcidClient) DropBoxClient(org.pac4j.oauth.client.DropBoxClient) SAML2ClientConfiguration(org.pac4j.saml.client.SAML2ClientConfiguration) AtomicInteger(java.util.concurrent.atomic.AtomicInteger) SAML2Client(org.pac4j.saml.client.SAML2Client) SAML2ClientConfiguration(org.pac4j.saml.client.SAML2ClientConfiguration)
