use of org.opensaml.saml2.metadata.Endpoint in project cloud-pipeline by epam.
the class SAMLProxyAuthenticationProvider method authenticate.
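/**
 * Authenticates a proxied SAML login against the configured external services.
 *
 * <p>The raw SAML response carried by the token is decoded, the SSO endpoint suffix is
 * stripped from its {@code Destination} to obtain an endpoint id, and that id is matched
 * against the endpoints stored under {@code SYSTEM_EXTERNAL_SERVICES_ENDPOINTS}. On a match
 * the decision is delegated to {@code validateAuthentication}.
 *
 * <p>The {@code Destination} is read before {@code validateAuthentication} runs, so it is
 * treated here as untrusted input: it only selects which configured endpoint to validate
 * against.
 * NOTE(review): signature and condition checks are presumably done in
 * {@code validateAuthentication} — confirm, since neither it nor
 * {@code CustomSamlClient.decodeSamlResponse} is visible here.
 *
 * @param authentication the authentication request; cast to {@code SAMLProxyAuthentication}
 * @return the result of {@code validateAuthentication} for the matched endpoint
 * @throws AuthenticationException if no external services are configured, the SAML token is
 *         missing, the response destination is absent or does not end with the SSO endpoint,
 *         no configured endpoint matches, or decoding raises a {@code SAMLException}
 */
@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
    // NOTE(review): unchecked cast — presumably supports() limits this provider to
    // SAMLProxyAuthentication tokens; confirm.
    SAMLProxyAuthentication auth = (SAMLProxyAuthentication) authentication;

    List<ExternalServiceEndpoint> externalServices =
            preferenceManager.getPreference(SYSTEM_EXTERNAL_SERVICES_ENDPOINTS);
    if (CollectionUtils.isEmpty(externalServices)) {
        throw new AuthenticationServiceException(
                messageHelper.getMessage(MessageConstants.ERROR_PROXY_SECURITY_CONFIG_MISSING));
    }
    if (StringUtils.isBlank(auth.getRawSamlResponse())) {
        throw new AuthenticationServiceException("Authentication error: missing SAML token");
    }

    try {
        Response decoded = CustomSamlClient.decodeSamlResponse(auth.getRawSamlResponse());

        // Destination is optional in a SAML response and is attacker-influenced at this point.
        // Reject a missing value or one without the SSO suffix as an authentication failure
        // instead of letting substring() raise NullPointerException or
        // StringIndexOutOfBoundsException, and instead of blindly trimming unrelated
        // trailing characters. The value is deliberately not echoed in the message.
        String destination = decoded.getDestination();
        if (destination == null || !destination.endsWith(CustomSamlClient.SSO_ENDPOINT)) {
            throw new AuthenticationServiceException(
                    "Authentication error: unexpected SAML response destination");
        }
        String endpointId = destination.substring(
                0, destination.length() - CustomSamlClient.SSO_ENDPOINT.length());

        // Exact match against the configured allow-list; comparing from the non-null side
        // tolerates a configured entry without an endpoint id.
        ExternalServiceEndpoint endpoint = externalServices.stream()
                .filter(service -> endpointId.equals(service.getEndpointId()))
                .findFirst()
                .orElseThrow(() -> new AuthenticationServiceException(
                        "Authentication error: unexpected external service"));

        return validateAuthentication(auth, decoded, endpointId, endpoint);
    } catch (SAMLException e) {
        throw new AuthenticationServiceException("Authentication error: ", e);
    }
}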