
Example 6 with SamlIdPSamlRegisteredServiceCriterion

Use of org.apereo.cas.support.saml.idp.metadata.locator.SamlIdPSamlRegisteredServiceCriterion in project cas by apereo.

In class SamlIdPUtils, method determineNameIdNameQualifier.

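/**
 * Determine the name qualifier string to use for the SAML2 Name ID of a registered service.
 * <p>
 * Sources are consulted in this order:
 * <ol>
 *   <li>the name id qualifier configured on the registered service, if not blank;</li>
 *   <li>the issuer entity id configured on the registered service, if not blank;</li>
 *   <li>the entity id of the descriptor resolved from the SAML2 IdP metadata for this
 *       service, restricted to the {@code IDPSSODescriptor} role.</li>
 * </ol>
 * The first two are per-service values from the service definition and take precedence over
 * the entity id published in the IdP metadata.
 * NOTE(review): relying parties may scope Name ID values by this qualifier, so per-service
 * overrides deserve the same review as any other change to what the IdP asserts - confirm
 * against the service registry's change controls.
 * <p>
 * If the metadata lookup yields no descriptor, a {@link NullPointerException} naming the
 * service is raised inside the fallback supplier; how {@code FunctionUtils.doIf} and
 * {@code Unchecked.supplier} surface failures to the caller is not visible here.
 *
 * @param samlRegisteredService   the saml registered service
 * @param samlIdPMetadataResolver the saml idp metadata resolver used for the metadata lookup
 * @return the name qualifier
 */
public static String determineNameIdNameQualifier(final SamlRegisteredService samlRegisteredService, final MetadataResolver samlIdPMetadataResolver) {
    // Read the override once so the value tested is the value returned.
    val configuredQualifier = samlRegisteredService.getNameIdQualifier();
    if (StringUtils.isNotBlank(configuredQualifier)) {
        return configuredQualifier;
    }
    val nameQualifier = FunctionUtils.doIf(StringUtils.isNotBlank(samlRegisteredService.getIssuerEntityId()), samlRegisteredService::getIssuerEntityId, Unchecked.supplier(() -> {
        // Restrict the lookup to IdP SSO role descriptors associated with this service.
        val criteriaSet = new CriteriaSet(new EvaluableEntityRoleEntityDescriptorCriterion(IDPSSODescriptor.DEFAULT_ELEMENT_NAME), new SamlIdPSamlRegisteredServiceCriterion(samlRegisteredService));
        LOGGER.trace("Resolving entity id from SAML2 IdP metadata to determine issuer for [{}]", samlRegisteredService.getName());
        // A missing descriptor is a configuration problem; say which service hit it instead of
        // failing with a message-less NullPointerException.
        val entityDescriptor = Objects.requireNonNull(samlIdPMetadataResolver.resolveSingle(criteriaSet),
            () -> "No SAML2 IdP entity descriptor could be resolved for service " + samlRegisteredService.getName());
        return entityDescriptor.getEntityID();
    })).get();
    LOGGER.debug("Using name qualifier [{}] for the Name ID", nameQualifier);
    return nameQualifier;
}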
Also used : lombok.val(lombok.val) EvaluableEntityRoleEntityDescriptorCriterion(org.opensaml.saml.metadata.criteria.entity.impl.EvaluableEntityRoleEntityDescriptorCriterion) SamlIdPSamlRegisteredServiceCriterion(org.apereo.cas.support.saml.idp.metadata.locator.SamlIdPSamlRegisteredServiceCriterion) CriteriaSet(net.shibboleth.utilities.java.support.resolver.CriteriaSet)
