
use of org.gluu.oxtrust.model.GluuSAMLTrustRelationship in project oxTrust by GluuFederation.

the class Shibboleth3ConfService method initTrustParamMap.

/*
     * Prepare trustRelationships to generate files
     */
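/**
 * Builds the template parameter map used to generate the IdP trust/relying-party
 * configuration files from the given trust relationships (TRs).
 *
 * Non-federated TRs (metadata source URI or FILE) get a sequence id, have their
 * entityIds read from the stored metadata file (a TR whose metadata yields no
 * entityIds is set INACTIVE, persisted and skipped), optionally contribute a
 * metadata signature trust engine, and have their metadata filters re-ordered.
 * Federated TRs are collected under their container federation instead.
 * Sequence ids are shared between both kinds and advance even for skipped TRs.
 *
 * Side effects: may persist status changes via trustService and replaces each
 * non-federated TR's GluuSAMLMetaDataFilter list with the re-ordered copy.
 *
 * @param trustRelationships the TRs to prepare
 * @return map of template parameters: idpCredentialsPath, deconstructed,
 *         deconstructedIds, trustEngines, trusts, trustIds, trustEntityIds
 */
private HashMap<String, Object> initTrustParamMap(List<GluuSAMLTrustRelationship> trustRelationships) {
    log.trace("Starting trust parameters map initialization.");
    HashMap<String, Object> trustParams = new HashMap<String, Object>();
    // The credentials directory lives under the IdP metadata directory; resolve both once.
    String idpMetadataFolder = getIdpMetadataDir();
    String idpCredentialsPath = idpMetadataFolder + "credentials" + File.separator;
    // Metadata signature verification engines
    // https://wiki.shibboleth.net/confluence/display/SHIB2/IdPTrustEngine
    List<Map<String, String>> trustEngines = new ArrayList<Map<String, String>>();
    // {inum -> sequence number} for easy naming of relying parties.
    Map<String, String> trustIds = new HashMap<String, String>();
    // Trust relationships that are part of some federation
    List<GluuSAMLTrustRelationship> deconstructed = new ArrayList<GluuSAMLTrustRelationship>();
    // {entityId -> sequence number} for easy naming of federated relying parties.
    Map<String, String> deconstructedIds = new HashMap<String, String>();
    // {federation inum -> [entityId, ...]} describing the federations and the TRs defined from them.
    Map<String, List<String>> deconstructedMap = new HashMap<String, List<String>>();
    // {TR inum -> [entityId, ...]} read from each non-federated TR's metadata file.
    Map<String, List<String>> trustEntityIds = new HashMap<String, List<String>>();
    int id = 1;
    for (GluuSAMLTrustRelationship trustRelationship : trustRelationships) {
        GluuMetadataSourceType sourceType = trustRelationship.getSpMetaDataSourceType();
        boolean isPartOfFederation = !(sourceType.equals(GluuMetadataSourceType.URI) || sourceType.equals(GluuMetadataSourceType.FILE));
        if (isPartOfFederation) {
            initProfileConfiguration(trustRelationship);
            String federationInum = trustRelationship.getGluuContainerFederation();
            List<String> federatedEntityIds = deconstructedMap.get(federationInum);
            if (federatedEntityIds == null) {
                federatedEntityIds = new ArrayList<String>();
                deconstructedMap.put(federationInum, federatedEntityIds);
            }
            federatedEntityIds.add(trustRelationship.getEntityId());
            deconstructed.add(trustRelationship);
            deconstructedIds.put(trustRelationship.getEntityId(), String.valueOf(id++));
            continue;
        }
        // Set Id (assigned before the metadata check, so skipped TRs still consume a number).
        trustIds.put(trustRelationship.getInum(), String.valueOf(id++));
        // Set entityId from the stored metadata file.
        // NOTE(review): getSpMetaDataFN() is appended to the metadata directory verbatim; if that
        // value can ever be influenced by a non-admin, confirm it is restricted to a bare file name
        // (no path separators or "..") before it is stored.
        String metadataFile = idpMetadataFolder + trustRelationship.getSpMetaDataFN();
        List<String> entityIds = samlMetadataParser.getEntityIdFromMetadataFile(metadataFile);
        if (entityIds == null) {
            // Metadata could not be read: deactivate the TR; the user can fix this in the UI.
            trustRelationship.setStatus(GluuStatus.INACTIVE);
            trustService.updateTrustRelationship(trustRelationship);
            continue;
        }
        trustEntityIds.put(trustRelationship.getInum(), entityIds);
        initProfileConfiguration(trustRelationship);
        addSignatureTrustEngine(trustRelationship, idpCredentialsPath, trustEngines);
        // If there is an intrusive filter - push it to the end of the list.
        List<String> filterXmls = trustRelationship.getGluuSAMLMetaDataFilter();
        if (filterXmls != null) {
            trustRelationship.setGluuSAMLMetaDataFilter(orderMetadataFilters(filterXmls));
        }
    }
    // For a TR that is itself a federation container, drop from its metadata-derived
    // entityIds those that are already represented by their own (deconstructed) TRs.
    for (String trustRelationshipInum : trustEntityIds.keySet()) {
        List<String> federatedSites = deconstructedMap.get(trustRelationshipInum);
        if (federatedSites != null) {
            trustEntityIds.get(trustRelationshipInum).removeAll(federatedSites);
        }
    }
    trustParams.put("idpCredentialsPath", idpCredentialsPath);
    trustParams.put("deconstructed", deconstructed);
    trustParams.put("deconstructedIds", deconstructedIds);
    trustParams.put("trustEngines", trustEngines);
    trustParams.put("trusts", trustRelationships);
    trustParams.put("trustIds", trustIds);
    trustParams.put("trustEntityIds", trustEntityIds);
    return trustParams;
}

/**
 * Appends a metadata signature trust engine for the TR when it has a
 * "signatureValidation" metadata filter; does nothing otherwise.
 *
 * @param trustRelationship   the TR being prepared
 * @param idpCredentialsPath  directory (with trailing separator) holding signing certificates
 * @param trustEngines        output list of {id, certPath} entries
 */
private void addSignatureTrustEngine(GluuSAMLTrustRelationship trustRelationship, String idpCredentialsPath, List<Map<String, String>> trustEngines) {
    if (trustRelationship.getMetadataFilters().get("signatureValidation") == null) {
        return;
    }
    Map<String, String> trustEngine = new HashMap<String, String>();
    // Engine id must be a valid XML id, hence punctuation is stripped from the inum.
    trustEngine.put("id", "Trust" + StringHelper.removePunctuation(trustRelationship.getInum()));
    trustEngine.put("certPath", idpCredentialsPath + trustRelationship.getMetadataFilters().get("signatureValidation").getFilterCertFileName());
    trustEngines.add(trustEngine);
}

/**
 * Returns the TR's metadata filter XML snippets with the EntityRoleWhiteList
 * filter moved to the end so it runs after the other filters.
 * Snippets that fail to parse are logged and dropped; a snippet whose root
 * element has no xsi:type is kept in place rather than failing the whole run.
 * NOTE(review): as before, if several EntityRoleWhiteList snippets are present
 * only the last one is kept.
 *
 * @param filterXmls the stored filter snippets (non-null)
 * @return the re-ordered list
 */
private List<String> orderMetadataFilters(List<String> filterXmls) {
    List<String> ordered = new ArrayList<String>();
    String entityRoleWhiteList = null;
    for (String filterXML : filterXmls) {
        Document xmlDocument;
        try {
            // Explicit charset: plain getBytes() would use the platform default encoding.
            // NOTE(review): xmlService.getXmlDocument() is not visible here - confirm it
            // parses with DTDs / external entities disabled (XXE).
            xmlDocument = xmlService.getXmlDocument(filterXML.getBytes("UTF-8"));
        } catch (Exception e) {
            log.error("GluuSAMLMetaDataFilter contains invalid value.", e);
            continue;
        }
        if (FilterService.ENTITY_ROLE_WHITE_LIST_TYPE.equals(readFilterType(xmlDocument))) {
            entityRoleWhiteList = filterXML;
            continue;
        }
        ordered.add(filterXML);
    }
    if (entityRoleWhiteList != null) {
        ordered.add(entityRoleWhiteList);
    }
    return ordered;
}

/**
 * Reads the xsi:type attribute of the document element.
 *
 * @param xmlDocument parsed filter snippet
 * @return the attribute value, or null when the document has no root element
 *         or the root carries no xsi:type attribute
 */
private static String readFilterType(Document xmlDocument) {
    org.w3c.dom.Element root = xmlDocument.getDocumentElement();
    if (root == null || !root.hasAttribute("xsi:type")) {
        return null;
    }
    return root.getAttribute("xsi:type");
}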