Example 1 with IdentityZoneConfiguration
use of org.cloudfoundry.identity.uaa.zone.IdentityZoneConfiguration in project uaa by cloudfoundry.
the class ZoneAwareWhitelistLogoutHandler method getZoneHandler.
protected WhitelistLogoutHandler getZoneHandler() {
IdentityZoneConfiguration config = IdentityZoneHolder.get().getConfig();
if (config == null) {
config = new IdentityZoneConfiguration();
}
WhitelistLogoutHandler handler = new WhitelistLogoutHandler(config.getLinks().getLogout().getWhitelist());
handler.setTargetUrlParameter(config.getLinks().getLogout().getRedirectParameterName());
handler.setDefaultTargetUrl(config.getLinks().getLogout().getRedirectUrl());
handler.setAlwaysUseDefaultTargetUrl(config.getLinks().getLogout().isDisableRedirectParameter());
handler.setClientDetailsService(clientDetailsService);
return handler;
}
Also used :
IdentityZoneConfiguration(org.cloudfoundry.identity.uaa.zone.IdentityZoneConfiguration)
Example 2 with IdentityZoneConfiguration
use of org.cloudfoundry.identity.uaa.zone.IdentityZoneConfiguration in project uaa by cloudfoundry.
the class ClientAdminEndpointsIntegrationTests method testClientSecretExpiryCannotBeSet.
@Test
public void testClientSecretExpiryCannotBeSet() {
assertTrue("Expected testzone1.localhost and testzone2.localhost to resolve to 127.0.0.1", doesSupportZoneDNS());
String testZoneId = "testzone1";
RestTemplate adminClient = IntegrationTestUtils.getClientCredentialsTemplate(IntegrationTestUtils.getClientCredentialsResource(serverRunning.getBaseUrl(), new String[0], "admin", "adminsecret"));
RestTemplate identityClient = IntegrationTestUtils.getClientCredentialsTemplate(IntegrationTestUtils.getClientCredentialsResource(serverRunning.getBaseUrl(), new String[] { "zones.write", "zones.read", "scim.zones" }, "identity", "identitysecret"));
IdentityZoneConfiguration config = new IdentityZoneConfiguration();
// min length 5, max length 12, requires 1 uppercase lowercase digit and specialChar, expries 6 months.
config.setClientSecretPolicy(new ClientSecretPolicy(5, 12, 1, 1, 1, 1, 6));
IdentityZone createdZone = IntegrationTestUtils.createZoneOrUpdateSubdomain(identityClient, serverRunning.getBaseUrl(), testZoneId, testZoneId, config);
assertEquals(-1, createdZone.getConfig().getClientSecretPolicy().getExpireSecretInMonths());
config.setClientSecretPolicy(new ClientSecretPolicy(0, 255, 0, 0, 0, 0, 6));
IntegrationTestUtils.createZoneOrUpdateSubdomain(identityClient, serverRunning.getBaseUrl(), testZoneId, testZoneId, config);
}
Also used :
IdentityZone(org.cloudfoundry.identity.uaa.zone.IdentityZone)
RestTemplate(org.springframework.web.client.RestTemplate)
ClientSecretPolicy(org.cloudfoundry.identity.uaa.zone.ClientSecretPolicy)
IdentityZoneConfiguration(org.cloudfoundry.identity.uaa.zone.IdentityZoneConfiguration)
Test(org.junit.Test)
Example 3 with IdentityZoneConfiguration
use of org.cloudfoundry.identity.uaa.zone.IdentityZoneConfiguration in project uaa by cloudfoundry.
the class ZoneAwareIdpMetadataGenerator method getZoneDefinition.
protected IdentityZoneConfiguration getZoneDefinition() {
IdentityZone zone = IdentityZoneHolder.get();
IdentityZoneConfiguration definition = zone.getConfig();
return definition != null ? definition : new IdentityZoneConfiguration();
}
Also used :
IdentityZone(org.cloudfoundry.identity.uaa.zone.IdentityZone)
IdentityZoneConfiguration(org.cloudfoundry.identity.uaa.zone.IdentityZoneConfiguration)
Example 4 with IdentityZoneConfiguration
use of org.cloudfoundry.identity.uaa.zone.IdentityZoneConfiguration in project uaa by cloudfoundry.
the class MockMvcUtils method setPrompts.
public static void setPrompts(ApplicationContext context, String zoneId, List<Prompt> prompts) {
IdentityZoneConfiguration config = getZoneConfiguration(context, zoneId);
config.setPrompts(prompts);
setZoneConfiguration(context, zoneId, config);
}
Also used :
IdentityZoneConfiguration(org.cloudfoundry.identity.uaa.zone.IdentityZoneConfiguration)
Example 5 with IdentityZoneConfiguration
use of org.cloudfoundry.identity.uaa.zone.IdentityZoneConfiguration in project uaa by cloudfoundry.
the class LoginInfoEndpoint method populatePrompts.
private void populatePrompts(Model model, List<String> exclude, String origin, Map<String, SamlIdentityProviderDefinition> samlIdentityProviders, Map<String, AbstractExternalOAuthIdentityProviderDefinition> oauthIdentityProviders, List<String> excludedPrompts, boolean returnLoginPrompts) {
boolean noIdpsPresent = true;
for (SamlIdentityProviderDefinition idp : samlIdentityProviders.values()) {
if (idp.isShowSamlLink()) {
model.addAttribute(SHOW_LOGIN_LINKS, true);
noIdpsPresent = false;
break;
}
}
for (AbstractExternalOAuthIdentityProviderDefinition oauthIdp : oauthIdentityProviders.values()) {
if (oauthIdp.isShowLinkText()) {
model.addAttribute(SHOW_LOGIN_LINKS, true);
noIdpsPresent = false;
break;
}
}
// make the list writeable
if (noIdpsPresent) {
excludedPrompts.add(PASSCODE);
}
if (!returnLoginPrompts) {
excludedPrompts.add("username");
excludedPrompts.add("password");
}
List<Prompt> prompts;
IdentityZoneConfiguration zoneConfiguration = IdentityZoneHolder.get().getConfig();
if (isNull(zoneConfiguration)) {
zoneConfiguration = new IdentityZoneConfiguration();
}
prompts = zoneConfiguration.getPrompts();
if (origin != null) {
IdentityProvider providerForOrigin = null;
try {
providerForOrigin = providerProvisioning.retrieveByOrigin(origin, IdentityZoneHolder.get().getId());
} catch (DataAccessException ignored) {
}
if (providerForOrigin != null) {
if (providerForOrigin.getConfig() instanceof OIDCIdentityProviderDefinition) {
OIDCIdentityProviderDefinition oidcConfig = (OIDCIdentityProviderDefinition) providerForOrigin.getConfig();
List<Prompt> providerPrompts = oidcConfig.getPrompts();
if (providerPrompts != null) {
prompts = providerPrompts;
}
}
}
}
Map<String, String[]> map = new LinkedHashMap<>();
for (Prompt prompt : prompts) {
String[] details = prompt.getDetails();
if (PASSCODE.equals(prompt.getName()) && !IdentityZoneHolder.isUaa()) {
String urlInPasscode = extractUrlFromString(prompt.getDetails()[1]);
if (hasText(urlInPasscode)) {
String[] newDetails = new String[details.length];
System.arraycopy(details, 0, newDetails, 0, details.length);
newDetails[1] = newDetails[1].replace(urlInPasscode, addSubdomainToUrl(urlInPasscode, IdentityZoneHolder.get().getSubdomain()));
details = newDetails;
}
}
map.put(prompt.getName(), details);
}
if (mfaChecker.isMfaEnabled(IdentityZoneHolder.get())) {
Prompt p = new Prompt(MFA_CODE, "password", "MFA Code ( Register at " + addSubdomainToUrl(baseUrl + " )", IdentityZoneHolder.get().getSubdomain()));
map.putIfAbsent(p.getName(), p.getDetails());
}
for (String excludeThisPrompt : exclude) {
map.remove(excludeThisPrompt);
}
model.addAttribute("prompts", map);
}
Also used :
IdentityProvider(org.cloudfoundry.identity.uaa.provider.IdentityProvider)
OIDCIdentityProviderDefinition(org.cloudfoundry.identity.uaa.provider.OIDCIdentityProviderDefinition)
LinkedHashMap(java.util.LinkedHashMap)
SamlIdentityProviderDefinition(org.cloudfoundry.identity.uaa.provider.SamlIdentityProviderDefinition)
AbstractExternalOAuthIdentityProviderDefinition(org.cloudfoundry.identity.uaa.provider.AbstractExternalOAuthIdentityProviderDefinition)
EmptyResultDataAccessException(org.springframework.dao.EmptyResultDataAccessException)
DataAccessException(org.springframework.dao.DataAccessException)
IdentityZoneConfiguration(org.cloudfoundry.identity.uaa.zone.IdentityZoneConfiguration)
Aggregations
IdentityZoneConfiguration (org.cloudfoundry.identity.uaa.zone.IdentityZoneConfiguration)62
IdentityZone (org.cloudfoundry.identity.uaa.zone.IdentityZone)40
Test (org.junit.jupiter.api.Test)24
Matchers.containsString (org.hamcrest.Matchers.containsString)20
RandomValueStringGenerator (org.springframework.security.oauth2.common.util.RandomValueStringGenerator)16
RestTemplate (org.springframework.web.client.RestTemplate)14
Test (org.junit.Test)13
MockMvcUtils.createOtherIdentityZone (org.cloudfoundry.identity.uaa.mock.util.MockMvcUtils.createOtherIdentityZone)11
SamlIdentityProviderDefinition (org.cloudfoundry.identity.uaa.provider.SamlIdentityProviderDefinition)9
SetServerNameRequestPostProcessor (org.cloudfoundry.identity.uaa.util.SetServerNameRequestPostProcessor)9
TokenPolicy (org.cloudfoundry.identity.uaa.zone.TokenPolicy)9
ScimUser (org.cloudfoundry.identity.uaa.scim.ScimUser)7
IdentityZoneProvisioning (org.cloudfoundry.identity.uaa.zone.IdentityZoneProvisioning)7
BaseClientDetails (org.springframework.security.oauth2.provider.client.BaseClientDetails)7
HashMap (java.util.HashMap)6
SamlServiceProviderDefinition (org.cloudfoundry.identity.uaa.provider.saml.idp.SamlServiceProviderDefinition)6
Matchers.isEmptyOrNullString (org.hamcrest.Matchers.isEmptyOrNullString)6
BrandingInformation (org.cloudfoundry.identity.uaa.zone.BrandingInformation)5
SamlConfig (org.cloudfoundry.identity.uaa.zone.SamlConfig)5
Map (java.util.Map)3
