
Example 1 with AbstractSamlSPProperties

use of org.apereo.cas.configuration.model.support.saml.sps.AbstractSamlSPProperties in project cas by apereo.

From the class SamlSPUtils, method newSamlServiceProviderService:

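/**
 * Builds a {@link SamlRegisteredService} definition for a pre-configured SAML service provider.
 *
 * <p>The service is populated from the given properties: name, description, metadata location,
 * optional metadata signature location, optional NameID attribute and format, and the attributes
 * to release. When the properties list no entity ids, the metadata is resolved and, for every
 * batch resolver in the chain, the first entity that carries a SAML 2.0 {@code SPSSODescriptor}
 * contributes its entity id. The collected ids are joined with {@code |} and used both as the
 * metadata criteria pattern and as the service id.
 *
 * @param sp       the service provider properties
 * @param resolver the resolver used to load metadata when no entity id is configured
 * @return the registered service, or {@code null} when no metadata location is configured, no
 *         metadata resolver could be constructed, or no entity id could be determined
 * @throws RuntimeException if building the service fails; checked exceptions are wrapped
 */
public static SamlRegisteredService newSamlServiceProviderService(final AbstractSamlSPProperties sp, final SamlRegisteredServiceCachingMetadataResolver resolver) {
    if (StringUtils.isBlank(sp.getMetadata())) {
        LOGGER.debug("Skipped registration of [{}] since no metadata location is found", sp.getName());
        return null;
    }
    try {
        final SamlRegisteredService service = new SamlRegisteredService();
        service.setName(sp.getName());
        service.setDescription(sp.getDescription());
        // NOTE(review): Integer.MIN_VALUE presumably places this definition ahead of every other
        // registered service. Confirm, because an overly broad service id would then shadow them.
        service.setEvaluationOrder(Integer.MIN_VALUE);
        service.setMetadataLocation(sp.getMetadata());

        // The NameID attribute has to be part of the release list so the mapped policy includes it.
        final List<String> attributesToRelease = new ArrayList<>(sp.getAttributes());
        if (StringUtils.isNotBlank(sp.getNameIdAttribute())) {
            attributesToRelease.add(sp.getNameIdAttribute());
            service.setUsernameAttributeProvider(new PrincipalAttributeRegisteredServiceUsernameProvider(sp.getNameIdAttribute()));
        }
        if (StringUtils.isNotBlank(sp.getNameIdFormat())) {
            service.setRequiredNameIdFormat(sp.getNameIdFormat());
        }
        final Map<String, String> attributes = Beans.transformPrincipalAttributesListIntoMap(attributesToRelease);
        service.setAttributeReleasePolicy(new ReturnMappedAttributeReleasePolicy(attributes));

        // Only SP SSO roles are of interest; empty or roleless descriptors are filtered out.
        service.setMetadataCriteriaRoles(SPSSODescriptor.DEFAULT_ELEMENT_NAME.getLocalPart());
        service.setMetadataCriteriaRemoveEmptyEntitiesDescriptors(true);
        service.setMetadataCriteriaRemoveRolelessEntityDescriptors(true);

        // NOTE(review): when no signature location is configured, nothing in this method asks for
        // the metadata signature to be checked. Confirm the metadata source is trusted by other
        // means (local file, authenticated transport) before relying on entity ids read from it.
        if (StringUtils.isNotBlank(sp.getSignatureLocation())) {
            service.setMetadataSignatureLocation(sp.getSignatureLocation());
        }

        // Work on a copy: ids discovered from metadata below must not be written back into the
        // configuration object, and the configured list may be unmodifiable.
        final List<String> entityIDList = new ArrayList<>(sp.getEntityIds());
        if (entityIDList.isEmpty()) {
            final ChainingMetadataResolver chainingResolver = resolver.resolve(service);
            if (chainingResolver.getResolvers().isEmpty()) {
                LOGGER.warn("Skipped registration of [{}] since no metadata resolver could be constructed", sp.getName());
                return null;
            }
            chainingResolver.getResolvers().forEach(r -> {
                // Only batch resolvers can be iterated for their entity descriptors.
                if (!(r instanceof AbstractBatchMetadataResolver)) {
                    return;
                }
                final Iterator<EntityDescriptor> it = ((AbstractBatchMetadataResolver) r).iterator();
                final Optional<EntityDescriptor> descriptor = StreamSupport
                    .stream(Spliterators.spliteratorUnknownSize(it, Spliterator.ORDERED), false)
                    .filter(e -> e.getSPSSODescriptor(SAMLConstants.SAML20P_NS) != null)
                    .findFirst();
                if (descriptor.isPresent()) {
                    entityIDList.add(descriptor.get().getEntityID());
                } else {
                    LOGGER.warn("Skipped registration of [{}] since no entity id could be found", sp.getName());
                }
            });
        }
        if (entityIDList.isEmpty()) {
            LOGGER.warn("Skipped registration of [{}] since no metadata entity ids could be found", sp.getName());
            return null;
        }

        // NOTE(review): the ids are joined verbatim into a value that is stored as a "pattern" and
        // as the service id. Entity ids commonly contain '.' and other regex metacharacters, so if
        // these values are evaluated as regular expressions they can match more than the listed
        // ids. They are not quoted here because configured ids may intentionally be expressions;
        // confirm how the values are matched and quote literal ids if needed.
        final String entityIds = org.springframework.util.StringUtils.collectionToDelimitedString(entityIDList, "|");
        service.setMetadataCriteriaDirection(PredicateFilter.Direction.INCLUDE.name());
        service.setMetadataCriteriaPattern(entityIds);
        LOGGER.debug("Registering saml service [{}] by entity id [{}]", sp.getName(), entityIds);
        service.setServiceId(entityIds);
        return service;
    } catch (final Exception e) {
        // Unchecked exceptions pass through unchanged; checked ones are wrapped in RuntimeException.
        throw Throwables.propagate(e);
    }
}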
Also used : AbstractBatchMetadataResolver(org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver) PrincipalAttributeRegisteredServiceUsernameProvider(org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider) Spliterators(java.util.Spliterators) SamlRegisteredServiceCachingMetadataResolver(org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCachingMetadataResolver) LoggerFactory(org.slf4j.LoggerFactory) Beans(org.apereo.cas.configuration.support.Beans) StringUtils(org.apache.commons.lang3.StringUtils) AbstractBatchMetadataResolver(org.opensaml.saml.metadata.resolver.impl.AbstractBatchMetadataResolver) ArrayList(java.util.ArrayList) SamlRegisteredService(org.apereo.cas.support.saml.services.SamlRegisteredService) Map(java.util.Map) StreamSupport(java.util.stream.StreamSupport) SAMLConstants(org.opensaml.saml.common.xml.SAMLConstants) ServicesManager(org.apereo.cas.services.ServicesManager) Logger(org.slf4j.Logger) Iterator(java.util.Iterator) Throwables(com.google.common.base.Throwables) RegisteredService(org.apereo.cas.services.RegisteredService) SPSSODescriptor(org.opensaml.saml.saml2.metadata.SPSSODescriptor) List(java.util.List) AbstractSamlSPProperties(org.apereo.cas.configuration.model.support.saml.sps.AbstractSamlSPProperties) ReturnMappedAttributeReleasePolicy(org.apereo.cas.services.ReturnMappedAttributeReleasePolicy) ChainingMetadataResolver(org.opensaml.saml.metadata.resolver.ChainingMetadataResolver) Optional(java.util.Optional) EntityDescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor) PredicateFilter(org.opensaml.saml.metadata.resolver.filter.impl.PredicateFilter) Spliterator(java.util.Spliterator) ArrayList(java.util.ArrayList) EntityDescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor) ChainingMetadataResolver(org.opensaml.saml.metadata.resolver.ChainingMetadataResolver) 
PrincipalAttributeRegisteredServiceUsernameProvider(org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider) SamlRegisteredService(org.apereo.cas.support.saml.services.SamlRegisteredService) ReturnMappedAttributeReleasePolicy(org.apereo.cas.services.ReturnMappedAttributeReleasePolicy)

Aggregations

Throwables (com.google.common.base.Throwables)1 ArrayList (java.util.ArrayList)1 Iterator (java.util.Iterator)1 List (java.util.List)1 Map (java.util.Map)1 Optional (java.util.Optional)1 Spliterator (java.util.Spliterator)1 Spliterators (java.util.Spliterators)1 StreamSupport (java.util.stream.StreamSupport)1 StringUtils (org.apache.commons.lang3.StringUtils)1 AbstractSamlSPProperties (org.apereo.cas.configuration.model.support.saml.sps.AbstractSamlSPProperties)1 Beans (org.apereo.cas.configuration.support.Beans)1 PrincipalAttributeRegisteredServiceUsernameProvider (org.apereo.cas.services.PrincipalAttributeRegisteredServiceUsernameProvider)1 RegisteredService (org.apereo.cas.services.RegisteredService)1 ReturnMappedAttributeReleasePolicy (org.apereo.cas.services.ReturnMappedAttributeReleasePolicy)1 ServicesManager (org.apereo.cas.services.ServicesManager)1 SamlRegisteredService (org.apereo.cas.support.saml.services.SamlRegisteredService)1 SamlRegisteredServiceCachingMetadataResolver (org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCachingMetadataResolver)1 SAMLConstants (org.opensaml.saml.common.xml.SAMLConstants)1 ChainingMetadataResolver (org.opensaml.saml.metadata.resolver.ChainingMetadataResolver)1