use of org.opensaml.saml.metadata.resolver.MetadataResolver in project cas by apereo.
the class SamlRegisteredServiceDefaultCachingMetadataResolver method resolve.
/**
 * Returns the metadata resolver for the given SAML service, obtained through the cache.
 *
 * <p>The resolver is whatever {@code this.cache.get(service)} yields; any exception raised by the
 * cache lookup propagates to the caller unchanged.
 *
 * @param service the registered SAML service whose metadata is wanted
 * @return the resolver produced by the cache for this service
 */
@Override
public MetadataResolver resolve(final SamlRegisteredService service) {
    LOGGER.debug("Resolving metadata for [{}] at [{}].", service.getName(), service.getMetadataLocation());
    final MetadataResolver cached = this.cache.get(service);
    // Only report success when the cache actually produced a resolver.
    if (cached != null) {
        LOGGER.debug("Loaded and cached SAML metadata [{}] from [{}]", cached.getId(), service.getMetadataLocation());
    }
    return cached;
}
use of org.opensaml.saml.metadata.resolver.MetadataResolver in project cas by apereo.
the class GroovyResourceMetadataResolver method resolve.
/**
 * Produces a metadata resolver by running the Groovy script found at the service's metadata location.
 *
 * <p>The script receives the service, the config bean, the SAML IdP properties and the logger, and
 * is expected to return a {@link MetadataResolver}. Any failure is logged and swallowed, in which
 * case (or when the script returns {@code null}) an empty collection is returned.
 *
 * <p>NOTE(review): the script runs in-process with the arguments listed above, so whoever can change
 * the service's metadata location or the script it points to decides which metadata is trusted for
 * this service. Confirm that write access to the service definition and to the script is restricted.
 *
 * @param service the registered SAML service whose metadata location names the script
 * @return a collection holding the script's resolver, or an empty collection
 */
@Override
public Collection<MetadataResolver> resolve(final SamlRegisteredService service) {
    try {
        final String location = service.getMetadataLocation();
        LOGGER.info("Loading SAML metadata via [{}]", location);
        final AbstractResource script = ResourceUtils.getResourceFrom(location);
        final MetadataResolver scripted = ScriptingUtils.executeGroovyScript(
            script,
            new Object[] {service, this.configBean, this.samlIdPProperties, LOGGER},
            MetadataResolver.class);
        if (scripted != null) {
            return CollectionUtils.wrap(scripted);
        }
    } catch (final Exception failure) {
        // Deliberate best-effort: a broken script yields "no resolvers" rather than an exception.
        LOGGER.error(failure.getMessage(), failure);
    }
    return new ArrayList<>(0);
}
use of org.opensaml.saml.metadata.resolver.MetadataResolver in project cas by apereo.
the class JpaSamlRegisteredServiceMetadataResolverTests method verifyResolver.
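/**
 * Saves an SP metadata document through the resolver under test, then checks that a service whose
 * metadata location is {@code jdbc://} is supported and resolves to exactly one metadata resolver.
 */
@Test
public void verifyResolver() throws Exception {
    final ClassPathResource res = new ClassPathResource("samlsp-metadata.xml");
    final SamlMetadataDocument md = new SamlMetadataDocument();
    md.setName("SP");
    // The stream is opened here, so it is closed here; previously it was never closed.
    try (java.io.InputStream in = res.getInputStream()) {
        md.setValue(IOUtils.toString(in, StandardCharsets.UTF_8));
    }
    resolver.saveOrUpdate(md);

    final SamlRegisteredService service = new SamlRegisteredService();
    service.setName("SAML Service");
    service.setServiceId("https://carmenwiki.osu.edu/shibboleth");
    service.setDescription("Testing");
    service.setMetadataLocation("jdbc://");

    assertTrue(resolver.supports(service));
    final Collection<MetadataResolver> resolvers = resolver.resolve(service);
    assertTrue(resolvers.size() == 1);
}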
use of org.opensaml.saml.metadata.resolver.MetadataResolver in project cas by apereo.
the class ChainingMetadataResolverCacheLoader method load.
/**
 * Builds and initializes the chaining metadata resolver for a SAML service.
 *
 * <p>The delegate resolvers come from the dynamic-metadata path when
 * {@code isDynamicMetadataQueryConfigured(service)} is true and from the resource path otherwise.
 * If neither path yields a resolver the load fails instead of returning an empty chain.
 *
 * @param service the registered SAML service to load metadata for
 * @return the initialized chaining resolver
 * @throws Exception a {@code SamlException} wrapping any failure, including the "no resolvers" case
 */
@Override
public ChainingMetadataResolver load(final SamlRegisteredService service) throws Exception {
    try {
        final ChainingMetadataResolver chain = new ChainingMetadataResolver();
        final List<MetadataResolver> delegates = new ArrayList<>();

        if (!isDynamicMetadataQueryConfigured(service)) {
            resolveMetadataFromResource(service, delegates);
        } else {
            resolveMetadataDynamically(service, delegates);
        }

        if (delegates.isEmpty()) {
            final String message = "No metadata resolvers could be configured for service " + service.getName()
                + " with metadata location " + service.getMetadataLocation();
            throw new SamlException(message);
        }

        // Configuration and initialization of the chain happen under the loader's lock.
        synchronized (this.lock) {
            chain.setId(ChainingMetadataResolver.class.getCanonicalName());
            chain.setResolvers(delegates);
            chain.initialize();
        }
        return chain;
    } catch (final Exception cause) {
        // Every failure, including the SamlException thrown above, is rewrapped here.
        throw new SamlException(cause.getMessage(), cause);
    }
}
use of org.opensaml.saml.metadata.resolver.MetadataResolver in project cas by apereo.
the class SamlIdPUtils method getAssertionConsumerServiceFor.
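/**
 * Determines the assertion consumer service (ACS) endpoint for an authentication request.
 *
 * <p>When the request carries an {@code AssertionConsumerServiceIndex}, the endpoint is taken from
 * the metadata resolved for the request issuer (SP SSO role, HTTP-POST binding). Otherwise the
 * binding and URL are copied from the request itself. The result must have a binding and at least
 * one of location / response location.
 *
 * @param authnRequest the authn request
 * @param servicesManager the services manager
 * @param resolver the resolver
 * @return the assertion consumer service for the request
 * @throws IllegalArgumentException wrapping a {@code SamlException} for any failure, including an
 *         out-of-range index, metadata without ACS endpoints, or a missing binding/location
 */
public static AssertionConsumerService getAssertionConsumerServiceFor(final AuthnRequest authnRequest, final ServicesManager servicesManager, final SamlRegisteredServiceCachingMetadataResolver resolver) {
    try {
        final AssertionConsumerService acs = new AssertionConsumerServiceBuilder().buildObject();
        // Read the index once; it is supplied by the requester and must be range-checked below.
        final Integer requestedIndex = authnRequest.getAssertionConsumerServiceIndex();
        if (requestedIndex != null) {
            final int acsIndex = requestedIndex;
            final String issuer = getIssuerFromSamlRequest(authnRequest);
            final MetadataResolver samlResolver = getMetadataResolverForAllSamlServices(servicesManager, issuer, resolver);
            final CriteriaSet criteriaSet = new CriteriaSet();
            criteriaSet.add(new EntityIdCriterion(issuer));
            criteriaSet.add(new EntityRoleCriterion(SPSSODescriptor.DEFAULT_ELEMENT_NAME));
            criteriaSet.add(new BindingCriterion(CollectionUtils.wrap(SAMLConstants.SAML2_POST_BINDING_URI)));
            final Iterable<EntityDescriptor> it = samlResolver.resolve(criteriaSet);
            it.forEach(entityDescriptor -> {
                final SPSSODescriptor spssoDescriptor = entityDescriptor.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
                if (spssoDescriptor == null) {
                    // Previously surfaced as a NullPointerException with no message.
                    throw new IllegalArgumentException("Metadata resolved for entity id " + issuer + " has no SPSSODescriptor");
                }
                final List<AssertionConsumerService> acsEndpoints = spssoDescriptor.getAssertionConsumerServices();
                if (acsEndpoints.isEmpty()) {
                    throw new IllegalArgumentException("Metadata resolved for entity id " + issuer + " has no defined ACS endpoints");
                }
                // Reject negative values too, and avoid the overflow of "acsIndex + 1" at Integer.MAX_VALUE.
                if (acsIndex < 0 || acsIndex >= acsEndpoints.size()) {
                    throw new IllegalArgumentException("AssertionConsumerService index specified in the request " + acsIndex + " is invalid " + "since the total endpoints available to " + issuer + " is " + acsEndpoints.size());
                }
                // NOTE(review): the requested index is used as a position in the endpoint list, not
                // matched against each endpoint's own index attribute; confirm this is intended.
                final AssertionConsumerService foundAcs = acsEndpoints.get(acsIndex);
                acs.setBinding(foundAcs.getBinding());
                acs.setLocation(foundAcs.getLocation());
                acs.setResponseLocation(foundAcs.getResponseLocation());
                acs.setIndex(acsIndex);
            });
        } else {
            // NOTE(review): binding and URL are copied from the request as-is; nothing in this method
            // compares them with the endpoints registered in the SP's metadata. Confirm the caller
            // validates the URL (or the request signature) before a response is sent to it.
            acs.setBinding(authnRequest.getProtocolBinding());
            acs.setLocation(authnRequest.getAssertionConsumerServiceURL());
            acs.setResponseLocation(authnRequest.getAssertionConsumerServiceURL());
            acs.setIndex(0);
            acs.setIsDefault(Boolean.TRUE);
        }
        LOGGER.debug("Resolved AssertionConsumerService from the request is [{}]", acs);
        // If the metadata lookup matched no entity, the ACS is still empty and fails here.
        if (StringUtils.isBlank(acs.getBinding())) {
            throw new SamlException("AssertionConsumerService has no protocol binding defined");
        }
        if (StringUtils.isBlank(acs.getLocation()) && StringUtils.isBlank(acs.getResponseLocation())) {
            throw new SamlException("AssertionConsumerService has no location or response location defined");
        }
        return acs;
    } catch (final Exception e) {
        throw new IllegalArgumentException(new SamlException(e.getMessage(), e));
    }
}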