
Example 1 with DefaultSamlIdPCertificateAndKeyWriter

use of org.apereo.cas.support.saml.idp.metadata.writer.DefaultSamlIdPCertificateAndKeyWriter in project cas by apereo.

From the class SamlIdPMetadataConfiguration, method samlSelfSignedCertificateWriter.

/**
 * Builds the default self-signed certificate and key writer for the SAML IdP.
 * <p>
 * The certificate hostname and its single URI subject-alt-name are derived from
 * the configured CAS server prefix. The {@code URL} constructor's checked
 * {@code MalformedURLException} is propagated via {@code @SneakyThrows}.
 *
 * @return the certificate and key writer
 */
@ConditionalOnMissingBean(name = "samlSelfSignedCertificateWriter")
@Bean
@SneakyThrows
public SamlIdPCertificateAndKeyWriter samlSelfSignedCertificateWriter() {
    final String serverPrefix = casProperties.getServer().getPrefix();
    final String idpHost = new URL(serverPrefix).getHost();
    final DefaultSamlIdPCertificateAndKeyWriter certificateWriter = new DefaultSamlIdPCertificateAndKeyWriter();
    certificateWriter.setHostname(idpHost);
    // SAN entry is the bare host followed by "/idp/metadata" (no scheme), exactly as configured here
    certificateWriter.setUriSubjectAltNames(CollectionUtils.wrap(idpHost.concat("/idp/metadata")));
    return certificateWriter;
}

Example 2 with DefaultSamlIdPCertificateAndKeyWriter

use of org.apereo.cas.support.saml.idp.metadata.writer.DefaultSamlIdPCertificateAndKeyWriter in project cas by apereo.

From the class GenerateSamlIdPMetadataCommand, method generate.

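/**
 * Generate saml2 idp metadata at the specified location.
 * <p>
 * Metadata and the artifacts produced by {@link DefaultSamlIdPCertificateAndKeyWriter}
 * are written under {@code metadataLocation}. When the locator reports that artifacts
 * are already present there, nothing is generated unless {@code force} is set.
 *
 * @param metadataLocation the metadata location (directory for metadata and keys/certificates)
 * @param entityId         the entity id
 * @param serverPrefix     the server prefix (exposed as the {@code hostName} CLI option)
 * @param scope            the scope
 * @param force            force generation of metadata even if artifacts already exist
 */
@CliCommand(value = "generate-idp-metadata", help = "Generate SAML2 IdP Metadata")
public void generate(
    @CliOption(key = { "metadataLocation" }, help = "Directory location to hold metadata and relevant keys/certificates", specifiedDefaultValue = "/etc/cas/saml", unspecifiedDefaultValue = "/etc/cas/saml", optionContext = "Directory location to hold metadata and relevant keys/certificates") final String metadataLocation,
    @CliOption(key = { "entityId" }, help = "Entity ID to use for the generated metadata", specifiedDefaultValue = "cas.example.org", unspecifiedDefaultValue = "cas.example.org", optionContext = "Entity ID to use for the generated metadata") final String entityId,
    @CliOption(key = { "hostName" }, help = "CAS server prefix to be used at the IdP host name when generating metadata", specifiedDefaultValue = "https://cas.example.org/cas", unspecifiedDefaultValue = "https://cas.example.org/cas", optionContext = "CAS server prefix to be used at the IdP host name when generating metadata") final String serverPrefix,
    @CliOption(key = { "scope" }, help = "Scope to use when generating metadata", specifiedDefaultValue = "example.org", unspecifiedDefaultValue = "example.org", optionContext = "Scope to use when generating metadata") final String scope,
    @CliOption(key = { "force" }, specifiedDefaultValue = "false", unspecifiedDefaultValue = "false", help = "Force metadata generation, disregarding anything that might already be available at the specified location", optionContext = "Force metadata generation, disregarding anything that might already be available at the specified location") final boolean force) {
    final SamlIdPMetadataLocator locator = new DefaultSamlIdPMetadataLocator(new File(metadataLocation));
    final DefaultSamlIdPCertificateAndKeyWriter writer = new DefaultSamlIdPCertificateAndKeyWriter();
    final FileSystemSamlIdPMetadataGenerator generator = new FileSystemSamlIdPMetadataGenerator(entityId, this.resourceLoader, serverPrefix, scope, locator, writer);

    // Existing artifacts are only overwritten on --force. The previous branch tested
    // !locator.exists() while logging that artifacts *are* available, which contradicted
    // both the message and the documented purpose of --force; the condition is aligned
    // with them here. Assumes locator.exists() reports that metadata artifacts are
    // present at the location — confirm against the locator implementation.
    final boolean generateMetadata;
    if (locator.exists()) {
        LOGGER.warn("Metadata artifacts are available at the specified location: [{}]", metadataLocation);
        generateMetadata = force;
    } else {
        generateMetadata = true;
    }

    if (generateMetadata) {
        generator.initialize();
        generator.generate();
        LOGGER.info("Generated metadata is available at [{}]", locator.getMetadata());
    } else {
        LOGGER.info("No metadata was generated; it might already exist at the specified path");
    }
}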

Example 3 with DefaultSamlIdPCertificateAndKeyWriter

use of org.apereo.cas.support.saml.idp.metadata.writer.DefaultSamlIdPCertificateAndKeyWriter in project cas by apereo.

From the class GenerateSamlIdPMetadataCommand, method generate (later version of the command).

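/**
 * Generate saml2 idp metadata at the specified location.
 * <p>
 * The entity id is used as the certificate writer's hostname; any comma-separated
 * {@code subjectAltNames} are added as URI subject-alt-names. When the locator reports
 * that artifacts are already present at {@code metadataLocation}, nothing is generated
 * unless {@code force} is set.
 *
 * @param metadataLocation the metadata location
 * @param entityId         the entity id
 * @param serverPrefix     the server prefix (exposed as the {@code hostName} shell option)
 * @param scope            the scope
 * @param force            force generation of metadata even if artifacts already exist
 * @param subjectAltNames  additional subject alternative names for cert (besides entity id)
 * @throws Exception the exception
 */
@ShellMethod(key = "generate-idp-metadata", value = "Generate SAML2 IdP Metadata")
public void generate(
    @ShellOption(value = { "metadataLocation", "--metadataLocation" }, help = "Directory location to hold metadata and relevant keys/certificates", defaultValue = "/etc/cas/saml") final String metadataLocation,
    @ShellOption(value = { "entityId", "--entityId" }, help = "Entity ID to use for the generated metadata", defaultValue = "cas.example.org") final String entityId,
    @ShellOption(value = { "hostName", "--hostName" }, help = "CAS server prefix to be used at the IdP host name when generating metadata", defaultValue = "https://cas.example.org/cas") final String serverPrefix,
    @ShellOption(value = { "scope", "--scope" }, help = "Scope to use when generating metadata", defaultValue = "example.org") final String scope,
    @ShellOption(value = { "force", "--force" }, help = "Force metadata generation (XML only, not certs), overwriting anything at the specified location") final boolean force,
    @ShellOption(value = { "subjectAltNames", "--subjectAltNames" }, help = "Comma separated list of other subject alternative names for the certificate (besides entityId)", defaultValue = StringUtils.EMPTY) final String subjectAltNames) throws Exception {
    val locator = new FileSystemSamlIdPMetadataLocator(new File(metadataLocation), Caffeine.newBuilder().initialCapacity(1).maximumSize(1).build());
    val writer = new DefaultSamlIdPCertificateAndKeyWriter();
    // the entity id is handed to the writer as the certificate hostname
    writer.setHostname(entityId);
    if (StringUtils.isNotBlank(subjectAltNames)) {
        writer.setUriSubjectAltNames(Arrays.asList(StringUtils.split(subjectAltNames, ",")));
    }

    // Existing artifacts are only overwritten on --force. The previous FunctionUtils.doIf
    // returned TRUE when locator.exists() held and warned "artifacts are available" only
    // when it did not, which contradicted both the message and the purpose of --force;
    // the plain if/else below aligns the condition with them. Assumes exists() reports
    // that metadata artifacts are present at the location — confirm against the locator.
    final boolean generateMetadata;
    if (locator.exists(Optional.empty())) {
        LOGGER.warn("Metadata artifacts are available at the specified location [{}]", metadataLocation);
        generateMetadata = force;
    } else {
        generateMetadata = true;
    }

    if (generateMetadata) {
        // A fresh properties object is built from the command arguments rather than the
        // running server's configuration, so only entityId/scope/prefix are populated.
        val props = new CasConfigurationProperties();
        props.getAuthn().getSamlIdp().getCore().setEntityId(entityId);
        props.getServer().setScope(scope);
        props.getServer().setPrefix(serverPrefix);
        // NOTE(review): the metadata cipher is the no-op executor, so whatever the generator
        // would otherwise protect with it is written to disk unencrypted — presumably the
        // generated key/certificate material; confirm against the generator and protect the
        // output directory accordingly.
        val context = SamlIdPMetadataGeneratorConfigurationContext.builder()
            .samlIdPMetadataLocator(locator)
            .samlIdPCertificateAndKeyWriter(writer)
            .applicationContext(applicationContext)
            .casProperties(props)
            .metadataCipherExecutor(CipherExecutor.noOpOfStringToString())
            .openSamlConfigBean(openSamlConfigBean)
            .velocityEngine(velocityEngineFactoryBean)
            .build();
        val generator = new FileSystemSamlIdPMetadataGenerator(context);
        generator.initialize();
        generator.generate(Optional.empty());
        LOGGER.info("Generated metadata is available at [{}]", locator.resolveMetadata(Optional.empty()));
    } else {
        LOGGER.info("No metadata was generated; it might already exist at the specified path");
    }
}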
