
Example 1 with RegisteredServiceAttributeReleasePolicyContext

Use of org.apereo.cas.services.RegisteredServiceAttributeReleasePolicyContext in project cas by apereo.

Class BaseOidcScopeAttributeReleasePolicy, method getAttributesInternal.

@Override
public Map<String, List<Object>> getAttributesInternal(final RegisteredServiceAttributeReleasePolicyContext context, final Map<String, List<Object>> attributes) {
    val applicationContext = ApplicationContextProvider.getApplicationContext();
    if (applicationContext == null) {
        LOGGER.warn("Could not locate the application context to process attributes");
        return new HashMap<>(0);
    }
    val resolvedAttributes = new TreeMap<String, List<Object>>(String.CASE_INSENSITIVE_ORDER);
    resolvedAttributes.putAll(attributes);
    val attributesToRelease = Maps.<String, List<Object>>newHashMapWithExpectedSize(attributes.size());
    LOGGER.debug("Attempting to map and filter claims based on resolved attributes [{}]", resolvedAttributes);
    val properties = applicationContext.getBean(CasConfigurationProperties.class);
    val supportedClaims = properties.getAuthn().getOidc().getDiscovery().getClaims();
    // Release only claims that this scope policy allows AND that OIDC discovery advertises as supported.
    val allowedClaims = new LinkedHashSet<>(getAllowedAttributes());
    allowedClaims.retainAll(supportedClaims);
    LOGGER.debug("[{}] is designed to allow claims [{}] for scope [{}]. After cross-checking with supported claims [{}], the final collection of allowed attributes is [{}]",
        getClass().getSimpleName(), getAllowedAttributes(), getScopeType(), supportedClaims, allowedClaims);
    // Map each allowed claim to a resolved attribute; claims with no value are dropped.
    allowedClaims.stream()
        .map(claim -> mapClaimToAttribute(claim, resolvedAttributes))
        .filter(p -> p.getValue() != null)
        .forEach(p -> attributesToRelease.put(p.getKey(), CollectionUtils.toCollection(p.getValue(), ArrayList.class)));
    return attributesToRelease;
}
Also used : lombok.val(lombok.val) LinkedHashSet(java.util.LinkedHashSet) CasConfigurationProperties(org.apereo.cas.configuration.CasConfigurationProperties) JsonProperty(com.fasterxml.jackson.annotation.JsonProperty) Setter(lombok.Setter) OidcAttributeToScopeClaimMapper(org.apereo.cas.oidc.claims.mapping.OidcAttributeToScopeClaimMapper) RegisteredServiceAttributeReleasePolicyContext(org.apereo.cas.services.RegisteredServiceAttributeReleasePolicyContext) Getter(lombok.Getter) HashMap(java.util.HashMap) EqualsAndHashCode(lombok.EqualsAndHashCode) Maps(com.google.common.collect.Maps) ArrayList(java.util.ArrayList) AbstractRegisteredServiceAttributeReleasePolicy(org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy) Slf4j(lombok.extern.slf4j.Slf4j) List(java.util.List) Pair(org.apache.commons.lang3.tuple.Pair) TreeMap(java.util.TreeMap) Map(java.util.Map) CollectionUtils(org.apereo.cas.util.CollectionUtils) JsonIgnore(com.fasterxml.jackson.annotation.JsonIgnore) ToString(lombok.ToString) JsonInclude(com.fasterxml.jackson.annotation.JsonInclude) ApplicationContextProvider(org.apereo.cas.util.spring.ApplicationContextProvider)

Example 2 with RegisteredServiceAttributeReleasePolicyContext

Use of org.apereo.cas.services.RegisteredServiceAttributeReleasePolicyContext in project cas by apereo.

Class MetadataRequestedAttributesAttributeReleasePolicy, method determineRequestedAttributeDefinitions.

@Override
protected List<String> determineRequestedAttributeDefinitions(final RegisteredServiceAttributeReleasePolicyContext context) {
    val entityId = getEntityIdFromRequest(context.getService());
    val facade = determineServiceProviderMetadataFacade((SamlRegisteredService) context.getRegisteredService(), entityId);
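    // Names (or friendly names) of every attribute requested by the service provider's
    // AttributeConsumingService metadata entries, sorted and de-duplicated.
    // The result is empty when the facade or its SSO descriptor is absent.
    return facade
        .map(SamlRegisteredServiceServiceProviderMetadataFacade::getSsoDescriptor)
        .map(sso -> sso.getAttributeConsumingServices().stream()
            .map(svc -> svc.getRequestedAttributes().stream()
                .map(attr -> this.useFriendlyName ? attr.getFriendlyName() : attr.getName())
                .collect(Collectors.toList()))
            .flatMap(List::stream)
            .sorted()
            .distinct()
            .collect(Collectors.toList()))
        .orElseGet(ArrayList::new);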
}
Also used : lombok.val(lombok.val) Setter(lombok.Setter) RegisteredServiceAttributeReleasePolicyContext(org.apereo.cas.services.RegisteredServiceAttributeReleasePolicyContext) Getter(lombok.Getter) SamlRegisteredServiceCachingMetadataResolver(org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCachingMetadataResolver) HashMap(java.util.HashMap) EqualsAndHashCode(lombok.EqualsAndHashCode) ApplicationContext(org.springframework.context.ApplicationContext) Collectors(java.util.stream.Collectors) ArrayList(java.util.ArrayList) Slf4j(lombok.extern.slf4j.Slf4j) List(java.util.List) Map(java.util.Map) ToString(lombok.ToString) SamlRegisteredServiceServiceProviderMetadataFacade(org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade) Optional(java.util.Optional) AllArgsConstructor(lombok.AllArgsConstructor) EntityDescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor) NoArgsConstructor(lombok.NoArgsConstructor)

Example 3 with RegisteredServiceAttributeReleasePolicyContext

Use of org.apereo.cas.services.RegisteredServiceAttributeReleasePolicyContext in project cas by apereo.

Class AuthnRequestRequestedAttributesAttributeReleasePolicy, method getAttributesForSamlRegisteredService.

@Override
protected Map<String, List<Object>> getAttributesForSamlRegisteredService(
        final Map<String, List<Object>> attributes,
        final ApplicationContext applicationContext,
        final SamlRegisteredServiceCachingMetadataResolver resolver,
        final SamlRegisteredServiceServiceProviderMetadataFacade facade,
        final EntityDescriptor entityDescriptor,
        final RegisteredServiceAttributeReleasePolicyContext context) {
    val releaseAttributes = new HashMap<String, List<Object>>();
    getSamlAuthnRequest(applicationContext).ifPresent(authnRequest -> {
        if (authnRequest.getExtensions() != null) {
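            // Consider only RequestedAttribute extensions of the AuthnRequest whose name
            // (or friendly name) matches an attribute that was actually resolved.
            authnRequest.getExtensions().getUnknownXMLObjects().stream()
                .filter(object -> object instanceof RequestedAttribute)
                .map(object -> (RequestedAttribute) object)
                .filter(attr -> {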
                val name = this.useFriendlyName ? attr.getFriendlyName() : attr.getName();
                LOGGER.debug("Checking for requested attribute [{}] in metadata for [{}]", name, context.getRegisteredService().getName());
                return attributes.containsKey(name);
            }).forEach(attr -> {
                val name = this.useFriendlyName ? attr.getFriendlyName() : attr.getName();
                LOGGER.debug("Found requested attribute [{}] in metadata for [{}]", name, context.getRegisteredService().getName());
                releaseAttributes.put(name, attributes.get(name));
            });
        }
    });
    return authorizeReleaseOfAllowedAttributes(context, releaseAttributes);
}
Also used : lombok.val(lombok.val) Setter(lombok.Setter) RegisteredServiceAttributeReleasePolicyContext(org.apereo.cas.services.RegisteredServiceAttributeReleasePolicyContext) Getter(lombok.Getter) SamlRegisteredServiceCachingMetadataResolver(org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCachingMetadataResolver) HashMap(java.util.HashMap) EqualsAndHashCode(lombok.EqualsAndHashCode) ApplicationContext(org.springframework.context.ApplicationContext) ArrayList(java.util.ArrayList) Slf4j(lombok.extern.slf4j.Slf4j) List(java.util.List) Map(java.util.Map) ToString(lombok.ToString) SamlRegisteredServiceServiceProviderMetadataFacade(org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade) AllArgsConstructor(lombok.AllArgsConstructor) EntityDescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor) ApplicationContextProvider(org.apereo.cas.util.spring.ApplicationContextProvider) RequestedAttribute(org.opensaml.saml.saml2.metadata.RequestedAttribute) NoArgsConstructor(lombok.NoArgsConstructor)

Example 4 with RegisteredServiceAttributeReleasePolicyContext

Use of org.apereo.cas.services.RegisteredServiceAttributeReleasePolicyContext in project cas by apereo.

Class MetadataRegistrationAuthorityAttributeReleasePolicy, method getAttributesForSamlRegisteredService.

@Override
protected Map<String, List<Object>> getAttributesForSamlRegisteredService(
        final Map<String, List<Object>> attributes,
        final ApplicationContext applicationContext,
        final SamlRegisteredServiceCachingMetadataResolver resolver,
        final SamlRegisteredServiceServiceProviderMetadataFacade facade,
        final EntityDescriptor entityDescriptor,
        final RegisteredServiceAttributeReleasePolicyContext context) {
    val extensions = Optional.ofNullable(facade.getExtensions())
        .map(ElementExtensibleXMLObject::getUnknownXMLObjects)
        .orElseGet(List::of);
    // Attributes are released only when a RegistrationInfo extension in the metadata
    // carries a registration authority that matches the configured registrationAuthority pattern.
    val matched = extensions.stream()
        .filter(object -> object instanceof RegistrationInfo)
        .map(info -> (RegistrationInfo) info)
        .anyMatch(info -> RegexUtils.find(this.registrationAuthority, info.getRegistrationAuthority()));
    if (matched) {
        return authorizeReleaseOfAllowedAttributes(context, attributes);
    }
    return new HashMap<>(0);
}
Also used : lombok.val(lombok.val) Setter(lombok.Setter) RegisteredServiceAttributeReleasePolicyContext(org.apereo.cas.services.RegisteredServiceAttributeReleasePolicyContext) Getter(lombok.Getter) SamlRegisteredServiceCachingMetadataResolver(org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCachingMetadataResolver) HashMap(java.util.HashMap) RegistrationInfo(org.opensaml.saml.ext.saml2mdrpi.RegistrationInfo) EqualsAndHashCode(lombok.EqualsAndHashCode) ElementExtensibleXMLObject(org.opensaml.core.xml.ElementExtensibleXMLObject) ApplicationContext(org.springframework.context.ApplicationContext) RegexUtils(org.apereo.cas.util.RegexUtils) List(java.util.List) Map(java.util.Map) ToString(lombok.ToString) SamlRegisteredServiceServiceProviderMetadataFacade(org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade) Optional(java.util.Optional) EntityDescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor)

Example 5 with RegisteredServiceAttributeReleasePolicyContext

Use of org.apereo.cas.services.RegisteredServiceAttributeReleasePolicyContext in project cas by apereo.

Class WSFederationClaimsReleasePolicy, method getAttributesInternal.

@Override
public Map<String, List<Object>> getAttributesInternal(final RegisteredServiceAttributeReleasePolicyContext context, final Map<String, List<Object>> attrs) {
    val resolvedAttributes = new TreeMap<String, List<Object>>(String.CASE_INSENSITIVE_ORDER);
    resolvedAttributes.putAll(attrs);
    val attributesToRelease = Maps.<String, List<Object>>newHashMapWithExpectedSize(resolvedAttributes.size());
    // Process only allowed-attribute entries whose key names a known WS-Federation claim.
    getAllowedAttributes().entrySet().stream()
        .filter(entry -> WSFederationClaims.contains(entry.getKey().toUpperCase()))
        .forEach(entry -> {
        val claimName = entry.getKey();
        val attributeValue = resolvedAttributes.get(entry.getValue());
        val claim = WSFederationClaims.valueOf(claimName.toUpperCase());
        if (resolvedAttributes.containsKey(claim.getUri())) {
            attributesToRelease.put(claim.getUri(), resolvedAttributes.get(claim.getUri()));
        } else {
            LOGGER.trace("Evaluating claim [{}] mapped to attribute value [{}]", claim.getUri(), attributeValue);
            mapSingleAttributeDefinition(claim.getUri(), entry.getValue(), attributeValue, resolvedAttributes, attributesToRelease);
        }
    });
    return attributesToRelease;
}
Also used : lombok.val(lombok.val) Setter(lombok.Setter) RegisteredServiceAttributeReleasePolicyContext(org.apereo.cas.services.RegisteredServiceAttributeReleasePolicyContext) Getter(lombok.Getter) EqualsAndHashCode(lombok.EqualsAndHashCode) Maps(com.google.common.collect.Maps) WSFederationClaims(org.apereo.cas.ws.idp.WSFederationClaims) ArrayList(java.util.ArrayList) AbstractRegisteredServiceAttributeReleasePolicy(org.apereo.cas.services.AbstractRegisteredServiceAttributeReleasePolicy) LinkedHashMap(java.util.LinkedHashMap) ScriptingUtils(org.apereo.cas.util.scripting.ScriptingUtils) Slf4j(lombok.extern.slf4j.Slf4j) List(java.util.List) TreeMap(java.util.TreeMap) Map(java.util.Map) CollectionUtils(org.apereo.cas.util.CollectionUtils) ApplicationContextProvider(org.apereo.cas.util.spring.ApplicationContextProvider) ExecutableCompiledGroovyScript(org.apereo.cas.util.scripting.ExecutableCompiledGroovyScript)

Aggregations

List (java.util.List): 7
Map (java.util.Map): 7
EqualsAndHashCode (lombok.EqualsAndHashCode): 7
Getter (lombok.Getter): 7
Setter (lombok.Setter): 7
lombok.val (lombok.val): 7
RegisteredServiceAttributeReleasePolicyContext (org.apereo.cas.services.RegisteredServiceAttributeReleasePolicyContext): 7
ArrayList (java.util.ArrayList): 6
HashMap (java.util.HashMap): 6
ToString (lombok.ToString): 6
Slf4j (lombok.extern.slf4j.Slf4j): 6
SamlRegisteredServiceServiceProviderMetadataFacade (org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade): 5
SamlRegisteredServiceCachingMetadataResolver (org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCachingMetadataResolver): 5
EntityDescriptor (org.opensaml.saml.saml2.metadata.EntityDescriptor): 5
ApplicationContext (org.springframework.context.ApplicationContext): 5
AllArgsConstructor (lombok.AllArgsConstructor): 4
NoArgsConstructor (lombok.NoArgsConstructor): 4
ApplicationContextProvider (org.apereo.cas.util.spring.ApplicationContextProvider): 4
Optional (java.util.Optional): 3
Maps (com.google.common.collect.Maps): 2