use of org.apereo.cas.support.saml.OpenSamlConfigBean in project cas by apereo.
the class SamlMetadataUIConfiguration method configureAdapter.
/**
 * Fills the supplied adapter with the metadata resources listed in the SAML metadata UI settings.
 *
 * <p>Every configured resource is handed to {@code configureResource} together with one shared,
 * initially empty {@link MetadataFilterChain}; the resulting resource-to-chain map is then given
 * to the adapter along with the OpenSAML configuration bean.
 *
 * <p>NOTE(review): the chain is created empty here, so any signature or validity filters have to
 * be added by {@code configureResource}, which is not visible in this block. Confirm that
 * remotely hosted metadata is not accepted unfiltered.
 *
 * @param adapter the adapter to populate
 * @return the same adapter instance, configured
 */
private MetadataResolverAdapter configureAdapter(final AbstractMetadataResolverAdapter adapter) {
    final Map<Resource, MetadataFilterChain> metadataResources = new HashMap<>();
    final MetadataFilterChain filterChain = new MetadataFilterChain();

    // Unchecked.consumer lets configureResource throw checked exceptions from inside forEach.
    casProperties.getSamlMetadataUi()
        .getResources()
        .forEach(Unchecked.consumer(location -> configureResource(metadataResources, filterChain, location)));

    // The flag is taken straight from configuration; presumably a false value lets the adapter
    // keep metadata that fails validation, so it is worth checking in deployments (confirm).
    adapter.setRequireValidMetadata(casProperties.getSamlMetadataUi().isRequireValidMetadata());
    adapter.setMetadataResources(metadataResources);
    adapter.setConfigBean(openSamlConfigBean);
    return adapter;
}
use of org.apereo.cas.support.saml.OpenSamlConfigBean in project cas by apereo.
the class SamlIdPMultifactorAuthenticationTrigger method isActivated.
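/**
 * Resolves the multifactor provider mapped to the first authentication context class that the
 * SAML2 authentication request of this HTTP exchange asks for.
 *
 * <p>The request is looked up through {@code SamlIdPUtils.retrieveSamlRequest}. Its
 * {@code AuthnContextClassRef} URIs are matched, in document order, against the table returned by
 * {@code getAuthenticationContextMappings()}; the first URI with an entry selects the provider id.
 *
 * <p>{@code RequestedAuthnContext} is an optional element of an {@code AuthnRequest}. A request
 * without it now yields an empty result instead of a {@link NullPointerException}.
 *
 * <p>NOTE(review): the class references are chosen by the party that built the request, so an
 * empty result only means that this trigger did not fire. Where multifactor authentication is
 * mandatory for a service, confirm that it is enforced by a policy that does not depend on the
 * request content.
 *
 * @param authentication    the current authentication (not read by this implementation)
 * @param registeredService the registered service (not read by this implementation)
 * @param request           the HTTP request used to locate the stored SAML request
 * @param response          the HTTP response paired with {@code request}
 * @param service           the requested service (not read by this implementation)
 * @return the resolved provider, or empty when no SAML request is found, the request carries no
 *         requested authentication context, no class reference is mapped, or the mapped id does
 *         not resolve to an available provider
 */
@Override
public Optional<MultifactorAuthenticationProvider> isActivated(final Authentication authentication, final RegisteredService registeredService, final HttpServletRequest request, final HttpServletResponse response, final Service service) {
    val context = new JEEContext(request, response);
    val result = SamlIdPUtils.retrieveSamlRequest(context, distributedSessionStore, openSamlConfigBean, AuthnRequest.class);
    val mappings = getAuthenticationContextMappings();
    return result
        .map(pair -> (AuthnRequest) pair.getLeft())
        // Optional.map turns a missing (null) RequestedAuthnContext into an empty Optional,
        // so the dereference below can no longer fail on requests that omit the element.
        .map(AuthnRequest::getRequestedAuthnContext)
        .flatMap(requestedContext -> requestedContext.getAuthnContextClassRefs().stream()
            .filter(Objects::nonNull)
            .filter(ref -> StringUtils.isNotBlank(ref.getURI()))
            .filter(ref -> mappings.containsKey(ref.getURI()))
            .findFirst()
            .map(mapped -> mappings.get(mapped.getURI())))
        .flatMap(id -> {
            val providerMap = MultifactorAuthenticationUtils.getAvailableMultifactorAuthenticationProviders(applicationContext);
            return MultifactorAuthenticationUtils.resolveProvider(providerMap, id);
        });
}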
use of org.apereo.cas.support.saml.OpenSamlConfigBean in project cas by apereo.
the class BaseSamlRegisteredServiceAttributeReleasePolicy method getEntityIdFromRequest.
/**
 * Determines the SAML entity id associated with the current HTTP request and the given service.
 *
 * <p>The sources below are consulted in this fixed order and the first one that yields a value
 * wins:
 * <ol>
 *   <li>the service attribute {@code SamlProtocolConstants.PARAMETER_ENTITY_ID};</li>
 *   <li>the service attribute {@code SamlIdPConstants.PROVIDER_ID};</li>
 *   <li>the issuer of the SAML request held in the service attribute
 *       {@code SamlProtocolConstants.PARAMETER_SAML_REQUEST};</li>
 *   <li>the HTTP request parameter {@code SamlProtocolConstants.PARAMETER_ENTITY_ID};</li>
 *   <li>the query parameter of the same name inside the URL carried by the HTTP request
 *       parameter {@code CasProtocolConstants.PARAMETER_SERVICE}.</li>
 * </ol>
 *
 * <p>NOTE(review): the last two sources are plain request parameters, and the service attributes
 * may originate from the request as well (confirm against the code that builds the service).
 * Nothing in this method checks the value against a registered service or trusted metadata, so
 * callers that use it for an attribute release decision should treat it as unverified input.
 *
 * @param selectedService the service whose attributes are inspected; may be {@code null}
 * @return the entity id; {@code null} when there is no current HTTP request, the service is
 *         {@code null}, the service parameter is blank, or (as far as the error handler shows)
 *         the service URL cannot be parsed; an empty string when the service URL carries no
 *         entity id query parameter
 */
protected static String getEntityIdFromRequest(final Service selectedService) {
    val httpRequest = HttpRequestUtils.getHttpServletRequestFromRequestAttributes();
    if (selectedService == null || httpRequest == null) {
        LOGGER.debug("No http request could be identified to locate the entity id");
        return null;
    }
    LOGGER.debug("Attempting to determine entity id for service [{}]", selectedService);

    // 1. Entity id stored directly as a service attribute.
    val entityIdValues = selectedService.getAttributes().get(SamlProtocolConstants.PARAMETER_ENTITY_ID);
    if (entityIdValues != null && !entityIdValues.isEmpty()) {
        LOGGER.debug("Found entity id [{}] as a service attribute", entityIdValues);
        val firstEntityId = CollectionUtils.firstElement(entityIdValues);
        return firstEntityId.map(Object::toString).orElseThrow();
    }

    // 2. Provider id stored as a service attribute.
    val providerIdValues = selectedService.getAttributes().get(SamlIdPConstants.PROVIDER_ID);
    if (providerIdValues != null && !providerIdValues.isEmpty()) {
        LOGGER.debug("Found provider entity id [{}] as a service attribute", providerIdValues);
        val firstProviderId = CollectionUtils.firstElement(providerIdValues);
        return firstProviderId.map(Object::toString).orElseThrow();
    }

    // 3. Issuer of the SAML request attached to the service.
    val samlRequestValues = selectedService.getAttributes().get(SamlProtocolConstants.PARAMETER_SAML_REQUEST);
    if (samlRequestValues != null && !samlRequestValues.isEmpty()) {
        val ctx = ApplicationContextProvider.getApplicationContext();
        val metadataResolver = ctx.getBean(SamlRegisteredServiceCachingMetadataResolver.DEFAULT_BEAN_NAME,
            SamlRegisteredServiceCachingMetadataResolver.class);
        val encodedRequest = CollectionUtils.firstElement(samlRequestValues).map(Object::toString).orElseThrow();
        val configBean = metadataResolver.getOpenSamlConfigBean();
        val samlObject = SamlIdPUtils.retrieveSamlRequest(configBean, RequestAbstractType.class, encodedRequest);
        // NOTE(review): this hands the whole parsed request to the logger helper; confirm the
        // level and destination it writes to, since the request content is sender-controlled.
        SamlUtils.logSamlObject(configBean, samlObject);
        val requestIssuer = SamlIdPUtils.getIssuerFromSamlObject(samlObject);
        LOGGER.debug("Found entity id [{}] from SAML request issuer", requestIssuer);
        return requestIssuer;
    }

    // 4. Entity id passed as a request parameter.
    val entityIdParameter = httpRequest.getParameter(SamlProtocolConstants.PARAMETER_ENTITY_ID);
    if (StringUtils.isNotBlank(entityIdParameter)) {
        LOGGER.debug("Found entity id [{}] as a request parameter", entityIdParameter);
        return entityIdParameter;
    }

    // 5. Entity id embedded in the query string of the service URL.
    val serviceUrl = httpRequest.getParameter(CasProtocolConstants.PARAMETER_SERVICE);
    return FunctionUtils.doIf(StringUtils.isNotBlank(serviceUrl),
        () -> FunctionUtils.doAndHandle(
            ignored -> {
                val uri = new URIBuilder(serviceUrl);
                return uri.getQueryParams()
                    .stream()
                    .filter(param -> param.getName().equals(SamlProtocolConstants.PARAMETER_ENTITY_ID))
                    .map(NameValuePair::getValue)
                    .findFirst()
                    .orElse(StringUtils.EMPTY);
            },
            failure -> {
                // Parsing problems are logged and mapped to a null entity id.
                LoggingUtils.error(LOGGER, failure);
                return null;
            }).apply(serviceUrl),
        () -> null).get();
}
use of org.apereo.cas.support.saml.OpenSamlConfigBean in project cas by apereo.
the class SamlMetadataUIConfiguration method chainingSamlMetadataUIMetadataResolverAdapter.
/**
 * Creates the metadata resolver adapter bean that chains a static and a dynamic adapter.
 *
 * <p>Both adapters go through the same {@code configureAdapter} call. Only the static adapter
 * has {@code buildMetadataResolverAggregate()} invoked on it here.
 *
 * <p>NOTE(review): whether the dynamic adapter validates what it resolves (signature, validity
 * period) depends on {@code configureAdapter} and the configured resources, neither of which is
 * visible in this block. Confirm before relying on it for remote metadata.
 *
 * @param casProperties      the CAS settings passed on to {@code configureAdapter}
 * @param applicationContext the application context passed on to {@code configureAdapter}
 * @param openSamlConfigBean the OpenSAML configuration bean passed on to {@code configureAdapter}
 * @return a chaining adapter wrapping the static and the dynamic adapter
 */
@ConditionalOnMissingBean(name = "chainingSamlMetadataUIMetadataResolverAdapter")
@Bean
@RefreshScope(proxyMode = ScopedProxyMode.DEFAULT)
public MetadataResolverAdapter chainingSamlMetadataUIMetadataResolverAdapter(final CasConfigurationProperties casProperties, final ConfigurableApplicationContext applicationContext, @Qualifier(OpenSamlConfigBean.DEFAULT_BEAN_NAME) final OpenSamlConfigBean openSamlConfigBean) {
    // Static adapter: configured first, then its resolver aggregate is built.
    val staticResolver = new StaticMetadataResolverAdapter();
    configureAdapter(staticResolver, applicationContext, casProperties, openSamlConfigBean);
    staticResolver.buildMetadataResolverAggregate();

    // Dynamic adapter: configured the same way, no aggregate is built in this method.
    val dynamicResolver = new DynamicMetadataResolverAdapter();
    configureAdapter(dynamicResolver, applicationContext, casProperties, openSamlConfigBean);

    val delegates = CollectionUtils.wrapSet(staticResolver, dynamicResolver);
    return new ChainingMetadataResolverAdapter(delegates);
}
use of org.apereo.cas.support.saml.OpenSamlConfigBean in project cas by apereo.
the class SamlIdPMetadataConfiguration method samlRegisteredServiceMetadataResolvers.
/**
 * Builds the resolution plan listing the metadata resolvers available to SAML registered services.
 *
 * <p>Five built-in resolvers are registered first, in this order: dynamic, file system, URL,
 * classpath and Groovy. Afterwards every
 * {@link SamlRegisteredServiceMetadataResolutionPlanConfigurator} bean found in the application
 * context is given the plan so that it can contribute to it.
 *
 * <p>NOTE(review): the dynamic and URL resolvers receive {@code httpClient}, so they presumably
 * fetch metadata over the network, and the Groovy resolver presumably runs a script. Which
 * locations are allowed and how fetched metadata is validated is not visible here; confirm that
 * remote sources are restricted and signature-checked.
 *
 * @return the populated resolution plan
 */
@ConditionalOnMissingBean(name = "samlRegisteredServiceMetadataResolvers")
@Bean
public SamlRegisteredServiceMetadataResolutionPlan samlRegisteredServiceMetadataResolvers() {
    final SamlIdPProperties idpSettings = casProperties.getAuthn().getSamlIdp();
    final DefaultSamlRegisteredServiceMetadataResolutionPlan resolutionPlan = new DefaultSamlRegisteredServiceMetadataResolutionPlan();

    resolutionPlan.registerMetadataResolver(new DynamicMetadataResolver(idpSettings, openSamlConfigBean, httpClient));
    resolutionPlan.registerMetadataResolver(new FileSystemResourceMetadataResolver(idpSettings, openSamlConfigBean));
    resolutionPlan.registerMetadataResolver(new UrlResourceMetadataResolver(idpSettings, openSamlConfigBean, httpClient));
    resolutionPlan.registerMetadataResolver(new ClasspathResourceMetadataResolver(idpSettings, openSamlConfigBean));
    resolutionPlan.registerMetadataResolver(new GroovyResourceMetadataResolver(idpSettings, openSamlConfigBean));

    // getBeansOfType(type, false, true): singletons only, eager initialisation allowed.
    for (final SamlRegisteredServiceMetadataResolutionPlanConfigurator configurator
        : this.applicationContext.getBeansOfType(SamlRegisteredServiceMetadataResolutionPlanConfigurator.class, false, true).values()) {
        // Drops everything from the first '$' of the simple class name, presumably the suffix
        // of a generated or proxied class, so that the log line shows the declared name.
        final String configuratorName = StringUtils.removePattern(configurator.getClass().getSimpleName(), "\\$.+");
        LOGGER.debug("Configuring saml metadata resolution plan [{}]", configuratorName);
        configurator.configureMetadataResolutionPlan(resolutionPlan);
    }
    return resolutionPlan;
}