use of org.apache.commons.lang3.StringUtils.isBlank in project cas by apereo.
the class CoreAuthenticationUtils method newCredentialSelectionPredicate.
/**
* Gets credential selection predicate.
*
* @param selectionCriteria the selection criteria
* @return the credential selection predicate
*/
public static Predicate<Credential> newCredentialSelectionPredicate(final String selectionCriteria) {
try {
if (StringUtils.isBlank(selectionCriteria)) {
return credential -> true;
}
if (selectionCriteria.endsWith(".groovy")) {
final ResourceLoader loader = new DefaultResourceLoader();
final Resource resource = loader.getResource(selectionCriteria);
if (resource != null) {
final String script = IOUtils.toString(resource.getInputStream(), StandardCharsets.UTF_8);
final GroovyClassLoader classLoader = new GroovyClassLoader(Beans.class.getClassLoader(), new CompilerConfiguration(), true);
final Class<Predicate> clz = classLoader.parseClass(script);
return clz.getDeclaredConstructor().newInstance();
}
}
final Class predicateClazz = ClassUtils.getClass(selectionCriteria);
return (Predicate<org.apereo.cas.authentication.Credential>) predicateClazz.getDeclaredConstructor().newInstance();
} catch (final Exception e) {
final Predicate<String> predicate = Pattern.compile(selectionCriteria).asPredicate();
return credential -> predicate.test(credential.getId());
}
}
use of org.apache.commons.lang3.StringUtils.isBlank in project cas by apereo.
the class OidcDefaultJsonWebKeystoreCacheLoader method buildJsonWebKeySet.
/**
* Build json web key set.
*
* @return the json web key set
*/
private Optional<JsonWebKeySet> buildJsonWebKeySet() {
try {
LOGGER.debug("Loading default JSON web key from [{}]", this.jwksFile);
if (this.jwksFile != null) {
LOGGER.debug("Retrieving default JSON web key from [{}]", this.jwksFile);
final JsonWebKeySet jsonWebKeySet = buildJsonWebKeySet(this.jwksFile);
if (jsonWebKeySet == null || jsonWebKeySet.getJsonWebKeys().isEmpty()) {
LOGGER.warn("No JSON web keys could be found");
return Optional.empty();
}
final long badKeysCount = jsonWebKeySet.getJsonWebKeys().stream().filter(k -> StringUtils.isBlank(k.getAlgorithm()) && StringUtils.isBlank(k.getKeyId()) && StringUtils.isBlank(k.getKeyType())).count();
if (badKeysCount == jsonWebKeySet.getJsonWebKeys().size()) {
LOGGER.warn("No valid JSON web keys could be found");
return Optional.empty();
}
final RsaJsonWebKey webKey = getJsonSigningWebKeyFromJwks(jsonWebKeySet);
if (webKey.getPrivateKey() == null) {
LOGGER.warn("JSON web key retrieved [{}] has no associated private key", webKey.getKeyId());
return Optional.empty();
}
return Optional.of(jsonWebKeySet);
}
} catch (final Exception e) {
LOGGER.debug(e.getMessage(), e);
}
return Optional.empty();
}
use of org.apache.commons.lang3.StringUtils.isBlank in project cas by apereo.
the class OidcServiceJsonWebKeystoreCacheLoader method buildJsonWebKeySet.
private Optional<JsonWebKeySet> buildJsonWebKeySet(final OidcRegisteredService service) {
try {
LOGGER.debug("Loading JSON web key from [{}]", service.getJwks());
final Resource resource = this.resourceLoader.getResource(service.getJwks());
final JsonWebKeySet jsonWebKeySet = buildJsonWebKeySet(resource);
if (jsonWebKeySet == null || jsonWebKeySet.getJsonWebKeys().isEmpty()) {
LOGGER.warn("No JSON web keys could be found for [{}]", service);
return Optional.empty();
}
final long badKeysCount = jsonWebKeySet.getJsonWebKeys().stream().filter(k -> StringUtils.isBlank(k.getAlgorithm()) && StringUtils.isBlank(k.getKeyId()) && StringUtils.isBlank(k.getKeyType())).count();
if (badKeysCount == jsonWebKeySet.getJsonWebKeys().size()) {
LOGGER.warn("No valid JSON web keys could be found for [{}]", service);
return Optional.empty();
}
final RsaJsonWebKey webKey = getJsonSigningWebKeyFromJwks(jsonWebKeySet);
if (webKey.getPublicKey() == null) {
LOGGER.warn("JSON web key retrieved [{}] has no associated public key", webKey.getKeyId());
return Optional.empty();
}
return Optional.of(jsonWebKeySet);
} catch (final Exception e) {
LOGGER.error(e.getMessage(), e);
}
return Optional.empty();
}
use of org.apache.commons.lang3.StringUtils.isBlank in project cas by apereo.
the class DelegatedClientFactory method configureCasClient.
/**
* Configure cas client.
*
* @param properties the properties
*/
protected void configureCasClient(final Collection<BaseClient> properties) {
final AtomicInteger index = new AtomicInteger();
pac4jProperties.getCas().stream().filter(cas -> StringUtils.isNotBlank(cas.getLoginUrl())).forEach(cas -> {
final CasConfiguration cfg = new CasConfiguration(cas.getLoginUrl(), CasProtocol.valueOf(cas.getProtocol()));
final CasClient client = new CasClient(cfg);
final int count = index.intValue();
if (StringUtils.isBlank(cas.getClientName())) {
client.setName(client.getClass().getSimpleName() + count);
}
configureClient(client, cas);
index.incrementAndGet();
LOGGER.debug("Created client [{}]", client);
properties.add(client);
});
}
use of org.apache.commons.lang3.StringUtils.isBlank in project cas by apereo.
the class DelegatedClientFactory method configureSamlClient.
/**
* Configure saml client.
*
* @param properties the properties
*/
protected void configureSamlClient(final Collection<BaseClient> properties) {
final AtomicInteger index = new AtomicInteger();
pac4jProperties.getSaml().stream().filter(saml -> StringUtils.isNotBlank(saml.getKeystorePath()) && StringUtils.isNotBlank(saml.getIdentityProviderMetadataPath()) && StringUtils.isNotBlank(saml.getServiceProviderEntityId()) && StringUtils.isNotBlank(saml.getServiceProviderMetadataPath())).forEach(saml -> {
final SAML2ClientConfiguration cfg = new SAML2ClientConfiguration(saml.getKeystorePath(), saml.getKeystorePassword(), saml.getPrivateKeyPassword(), saml.getIdentityProviderMetadataPath());
cfg.setMaximumAuthenticationLifetime(saml.getMaximumAuthenticationLifetime());
cfg.setServiceProviderEntityId(saml.getServiceProviderEntityId());
cfg.setServiceProviderMetadataPath(saml.getServiceProviderMetadataPath());
cfg.setDestinationBindingType(saml.getDestinationBinding());
cfg.setForceAuth(saml.isForceAuth());
cfg.setPassive(saml.isPassive());
cfg.setWantsAssertionsSigned(saml.isWantsAssertionsSigned());
cfg.setAttributeConsumingServiceIndex(saml.getAttributeConsumingServiceIndex());
if (saml.getAssertionConsumerServiceIndex() >= 0) {
cfg.setAssertionConsumerServiceIndex(saml.getAssertionConsumerServiceIndex());
}
if (StringUtils.isNotBlank(saml.getAuthnContextClassRef())) {
cfg.setComparisonType(saml.getAuthnContextComparisonType().toUpperCase());
cfg.setAuthnContextClassRef(saml.getAuthnContextClassRef());
}
if (StringUtils.isNotBlank(saml.getKeystoreAlias())) {
cfg.setKeystoreAlias(saml.getKeystoreAlias());
}
if (StringUtils.isNotBlank(saml.getNameIdPolicyFormat())) {
cfg.setNameIdPolicyFormat(saml.getNameIdPolicyFormat());
}
final SAML2Client client = new SAML2Client(cfg);
final int count = index.intValue();
if (StringUtils.isBlank(saml.getClientName())) {
client.setName(client.getClass().getSimpleName() + count);
}
configureClient(client, saml);
index.incrementAndGet();
LOGGER.debug("Created delegated client [{}]", client);
properties.add(client);
});
}
Aggregations