
Example 1 with EntityDescriptor

use of org.opensaml.saml2.metadata.EntityDescriptor in project cas by apereo.

the class BaseSamlRegisteredServiceAttributeReleasePolicy method getAttributesInternal.

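@Override
protected Map<String, Object> getAttributesInternal(final Map<String, Object> attrs, final RegisteredService service) {
    // Only SAML services carry SP metadata; everything else is handled by the parent policy.
    if (!(service instanceof SamlRegisteredService)) {
        return super.getAttributesInternal(attrs, service);
    }
    final SamlRegisteredService saml = (SamlRegisteredService) service;
    final HttpServletRequest request = WebUtils.getHttpServletRequestFromRequestAttributes();
    if (request == null) {
        LOGGER.warn("Could not locate the request context to process attributes");
        return super.getAttributesInternal(attrs, service);
    }

    // The SP entity id is client-supplied: either a direct request parameter or a query
    // parameter embedded in the "service" parameter. It is only used below to look up
    // metadata through the resolver bound to this registered service.
    String entityId = request.getParameter(SamlProtocolConstants.PARAMETER_ENTITY_ID);
    if (StringUtils.isBlank(entityId)) {
        final String svcParam = request.getParameter(CasProtocolConstants.PARAMETER_SERVICE);
        if (StringUtils.isNotBlank(svcParam)) {
            try {
                final URIBuilder builder = new URIBuilder(svcParam);
                // A bare "entityId" key without "=" yields a null value, and findFirst()
                // throws NullPointerException on a null element; drop such pairs first.
                entityId = builder.getQueryParams().stream()
                    .filter(p -> SamlProtocolConstants.PARAMETER_ENTITY_ID.equals(p.getName()))
                    .map(NameValuePair::getValue)
                    .filter(value -> value != null)
                    .findFirst()
                    .orElse(StringUtils.EMPTY);
            } catch (final Exception e) {
                // Keep the cause: logging only getMessage() hid the stack trace of a malformed service URL.
                LOGGER.error("Unable to extract the entity id from the service parameter", e);
            }
        }
    }

    final ApplicationContext ctx = ApplicationContextProvider.getApplicationContext();
    if (ctx == null) {
        LOGGER.warn("Could not locate the application context to process attributes");
        return super.getAttributesInternal(attrs, service);
    }
    final SamlRegisteredServiceCachingMetadataResolver resolver = ctx.getBean("defaultSamlRegisteredServiceCachingMetadataResolver", SamlRegisteredServiceCachingMetadataResolver.class);
    // NOTE(review): the facade lookup is expected to restrict a caller-chosen entityId to
    // metadata this registered service is allowed to use — confirm in the facade.
    final Optional<SamlRegisteredServiceServiceProviderMetadataFacade> facade = SamlRegisteredServiceServiceProviderMetadataFacade.get(resolver, saml, entityId);
    // The null check is kept defensively; the facade's get() is not visible here.
    if (facade == null || !facade.isPresent()) {
        LOGGER.warn("Could not locate metadata for [{}] to process attributes", entityId);
        return super.getAttributesInternal(attrs, service);
    }
    final SamlRegisteredServiceServiceProviderMetadataFacade metadata = facade.get();
    final EntityDescriptor input = metadata.getEntityDescriptor();
    if (input == null) {
        LOGGER.warn("Could not locate entity descriptor for [{}] to process attributes", entityId);
        return super.getAttributesInternal(attrs, service);
    }
    return getAttributesForSamlRegisteredService(attrs, saml, ctx, resolver, metadata, input);
}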

Example 2 with EntityDescriptor

use of org.opensaml.saml2.metadata.EntityDescriptor in project cas by apereo.

the class BaseSamlRegisteredServiceAttributeReleasePolicy method getAttributesInternal.

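@Override
public Map<String, Object> getAttributesInternal(final Principal principal, final Map<String, Object> attributes, final RegisteredService service) {
    // Only SAML services carry SP metadata; everything else is handled by the parent policy.
    if (!(service instanceof SamlRegisteredService)) {
        return super.getAttributesInternal(principal, attributes, service);
    }
    final SamlRegisteredService saml = (SamlRegisteredService) service;

    // currentRequestAttributes() throws IllegalStateException when no request is bound to the
    // thread, so the original null check could never fire; getRequestAttributes() returns null
    // instead and lets the fallback below run.
    final org.springframework.web.context.request.RequestAttributes requestAttributes = RequestContextHolder.getRequestAttributes();
    final HttpServletRequest request = requestAttributes instanceof ServletRequestAttributes
        ? ((ServletRequestAttributes) requestAttributes).getRequest()
        : null;
    if (request == null) {
        LOGGER.warn("Could not locate the request context to process attributes");
        return super.getAttributesInternal(principal, attributes, service);
    }

    // The SP entity id is client-supplied: either a direct request parameter or a query
    // parameter embedded in the "service" parameter. It is only used below to look up
    // metadata through the resolver bound to this registered service.
    String entityId = request.getParameter(SamlProtocolConstants.PARAMETER_ENTITY_ID);
    if (StringUtils.isBlank(entityId)) {
        final String svcParam = request.getParameter(CasProtocolConstants.PARAMETER_SERVICE);
        if (StringUtils.isNotBlank(svcParam)) {
            try {
                final URIBuilder builder = new URIBuilder(svcParam);
                // A bare "entityId" key without "=" yields a null value, and findFirst()
                // throws NullPointerException on a null element; drop such pairs first.
                entityId = builder.getQueryParams().stream()
                    .filter(p -> SamlProtocolConstants.PARAMETER_ENTITY_ID.equals(p.getName()))
                    .map(NameValuePair::getValue)
                    .filter(value -> value != null)
                    .findFirst()
                    .orElse(StringUtils.EMPTY);
            } catch (final Exception e) {
                // Keep the cause: logging only getMessage() hid the stack trace of a malformed service URL.
                LOGGER.error("Unable to extract the entity id from the service parameter", e);
            }
        }
    }

    final ApplicationContext ctx = ApplicationContextProvider.getApplicationContext();
    if (ctx == null) {
        LOGGER.warn("Could not locate the application context to process attributes");
        return super.getAttributesInternal(principal, attributes, service);
    }
    final SamlRegisteredServiceCachingMetadataResolver resolver = ctx.getBean("defaultSamlRegisteredServiceCachingMetadataResolver", SamlRegisteredServiceCachingMetadataResolver.class);
    // NOTE(review): the facade lookup is expected to restrict a caller-chosen entityId to
    // metadata this registered service is allowed to use — confirm in the facade.
    final Optional<SamlRegisteredServiceServiceProviderMetadataFacade> facade = SamlRegisteredServiceServiceProviderMetadataFacade.get(resolver, saml, entityId);
    // The null check is kept defensively; the facade's get() is not visible here.
    if (facade == null || !facade.isPresent()) {
        LOGGER.warn("Could not locate metadata for [{}] to process attributes", entityId);
        return super.getAttributesInternal(principal, attributes, service);
    }
    final SamlRegisteredServiceServiceProviderMetadataFacade metadata = facade.get();
    final EntityDescriptor input = metadata.getEntityDescriptor();
    if (input == null) {
        LOGGER.warn("Could not locate entity descriptor for [{}] to process attributes", entityId);
        return super.getAttributesInternal(principal, attributes, service);
    }
    return getAttributesForSamlRegisteredService(attributes, saml, ctx, resolver, metadata, input);
}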

Example 3 with EntityDescriptor

use of org.opensaml.saml2.metadata.EntityDescriptor in project cas by apereo.

the class MetadataRequestedAttributesAttributeReleasePolicy method getAttributesForSamlRegisteredService.

@Override
protected Map<String, Object> getAttributesForSamlRegisteredService(final Map<String, Object> attributes, final SamlRegisteredService service, final ApplicationContext applicationContext, final SamlRegisteredServiceCachingMetadataResolver resolver, final SamlRegisteredServiceServiceProviderMetadataFacade facade, final EntityDescriptor entityDescriptor) {
    // Releases only those attributes that the SP's metadata lists as requested, keyed by
    // friendly name or technical name depending on this.useFriendlyName. Insertion order
    // follows the order of the requested attributes in metadata.
    final Map<String, Object> released = new LinkedHashMap<>();
    final SPSSODescriptor ssoDescriptor = facade.getSsoDescriptor();
    if (ssoDescriptor == null) {
        return released;
    }
    ssoDescriptor.getAttributeConsumingServices().forEach(consumingService ->
        consumingService.getRequestAttributes().forEach(requested -> {
            final String name = this.useFriendlyName ? requested.getFriendlyName() : requested.getName();
            LOGGER.debug("Checking for requested attribute [{}] in metadata for [{}]", name, service.getName());
            if (attributes.containsKey(name)) {
                LOGGER.debug("Found requested attribute [{}] in metadata for [{}]", name, service.getName());
                released.put(name, attributes.get(name));
            }
        }));
    return released;
}

Example 4 with EntityDescriptor

use of org.opensaml.saml2.metadata.EntityDescriptor in project ddf by codice.

the class MetadataConfigurationParser method parseEntityDescriptions.

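/**
 * Loads IdP metadata from the configured entity descriptions and then from every readable
 * regular file under {@code ${ddf.home}/ETC_FOLDER/METADATA_ROOT_FOLDER}, registering each
 * descriptor in {@code entityDescriptorMap} and notifying {@code updateCallback} if set.
 *
 * @param entityDescriptions configured metadata values (URLs, file URLs or inline XML);
 *                           each is handed to {@link #buildEntityDescriptor(String)}
 * @throws IOException if a metadata file cannot be read or parsed
 */
private void parseEntityDescriptions(List<String> entityDescriptions) throws IOException {
    // ddf.home is assumed to be set by the platform; Paths.get throws NullPointerException otherwise.
    String ddfHome = System.getProperty("ddf.home");
    for (String entityDescription : entityDescriptions) {
        buildEntityDescriptor(entityDescription);
    }
    Path metadataFolder = Paths.get(ddfHome, ETC_FOLDER, METADATA_ROOT_FOLDER);
    try (DirectoryStream<Path> directoryStream = Files.newDirectoryStream(metadataFolder)) {
        for (Path path : directoryStream) {
            // A sub-directory is "readable" too, but newInputStream on it fails; only take regular files.
            if (!Files.isRegularFile(path) || !Files.isReadable(path)) {
                LOGGER.debug("Skipping non-regular or unreadable metadata entry: {}", path);
                continue;
            }
            try (InputStream fileInputStream = Files.newInputStream(path)) {
                // NOTE(review): readEntityDescriptor is not visible here; the XML parser it uses
                // should have DTD/external-entity resolution disabled — confirm.
                EntityDescriptor entityDescriptor = readEntityDescriptor(
                        new InputStreamReader(fileInputStream, java.nio.charset.StandardCharsets.UTF_8));
                if (entityDescriptor == null) {
                    LOGGER.warn("No entity descriptor could be read from metadata file: {}", path);
                    continue;
                }
                LOGGER.info("entityId = {}", entityDescriptor.getEntityID());
                entityDescriptorMap.put(entityDescriptor.getEntityID(), entityDescriptor);
                if (updateCallback != null) {
                    updateCallback.accept(entityDescriptor);
                }
            }
        }
    } catch (NoSuchFileException e) {
        // A missing metadata directory simply means no file-based IdP metadata is configured.
        LOGGER.debug("IDP metadata directory is not configured.", e);
    }
}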

Example 5 with EntityDescriptor

use of org.opensaml.saml2.metadata.EntityDescriptor in project ddf by codice.

the class MetadataConfigurationParser method buildEntityDescriptor.

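/**
 * Resolves one configured metadata value into an {@code EntityDescriptor}.
 *
 * <p>Three forms are accepted: an {@code http(s)} URL (fetched asynchronously; the body is
 * fed back into this method), a {@code file} URL under {@code ddf.home} (read synchronously),
 * or inline XML (parsed directly). Anything else is logged and skipped. A resolved descriptor
 * is stored in {@code entityDescriptorMap} and passed to {@code updateCallback} if set.
 *
 * @param entityDescription the configured value; surrounding whitespace is ignored
 * @throws IOException if a local metadata file cannot be read or inline XML cannot be parsed
 */
private void buildEntityDescriptor(String entityDescription) throws IOException {
    EntityDescriptor entityDescriptor = null;
    entityDescription = entityDescription.trim();
    if (entityDescription.startsWith(HTTPS) || entityDescription.startsWith(HTTP)) {
        if (entityDescription.startsWith(HTTP)) {
            LOGGER.warn("Retrieving metadata via HTTP instead of HTTPS. The metadata configuration is unsafe!!!");
        }
        fetchRemoteEntityDescriptor(entityDescription);
    } else if (entityDescription.startsWith(FILE + System.getProperty("ddf.home"))) {
        entityDescriptor = readLocalEntityDescriptor(entityDescription);
    } else if (entityDescription.startsWith("<") && entityDescription.endsWith(">")) {
        // NOTE(review): readEntityDescriptor is not visible here; the XML parser it uses
        // should have DTD/external-entity resolution disabled — confirm.
        entityDescriptor = readEntityDescriptor(new StringReader(entityDescription));
    } else {
        LOGGER.info("Skipping unknown metadata configuration value: {}", entityDescription);
    }
    if (entityDescriptor != null) {
        entityDescriptorMap.put(entityDescriptor.getEntityID(), entityDescriptor);
        if (updateCallback != null) {
            updateCallback.accept(entityDescriptor);
        }
    }
}

/**
 * Fetches metadata from a remote URL on a single-thread executor and re-enters
 * {@link #buildEntityDescriptor(String)} with the response body, so the inline-XML branch
 * does the actual parsing and registration. Failures are logged, never thrown.
 *
 * @param url the {@code http(s)} URL, possibly containing placeholders for PropertyResolver
 * @throws IOException if the request cannot be built
 */
private void fetchRemoteEntityDescriptor(String url) throws IOException {
    PropertyResolver propertyResolver = new PropertyResolver(url);
    HttpTransport httpTransport = new NetHttpTransport();
    HttpRequest httpRequest = httpTransport.createRequestFactory().buildGetRequest(new GenericUrl(propertyResolver.getResolvedString()));
    // Retry with exponential back-off on unsuccessful responses and on I/O errors.
    httpRequest.setUnsuccessfulResponseHandler(new HttpBackOffUnsuccessfulResponseHandler(new ExponentialBackOff()).setBackOffRequired(HttpBackOffUnsuccessfulResponseHandler.BackOffRequired.ALWAYS));
    httpRequest.setIOExceptionHandler(new HttpBackOffIOExceptionHandler(new ExponentialBackOff()));
    ListeningExecutorService service = MoreExecutors.listeningDecorator(Executors.newSingleThreadExecutor());
    ListenableFuture<HttpResponse> httpResponseFuture = service.submit(httpRequest::execute);
    Futures.addCallback(httpResponseFuture, new FutureCallback<HttpResponse>() {

        @Override
        public void onSuccess(HttpResponse httpResponse) {
            if (httpResponse == null) {
                return;
            }
            try {
                // A non-XML body ends up in the "unknown metadata" branch and is logged there in full.
                String parsedResponse = httpResponse.parseAsString();
                buildEntityDescriptor(parsedResponse);
            } catch (IOException e) {
                LOGGER.info("Unable to parse metadata from: {}", httpResponse.getRequest().getUrl().toString(), e);
            }
        }

        @Override
        public void onFailure(Throwable throwable) {
            LOGGER.info("Unable to retrieve metadata.", throwable);
        }
    });
    // The submitted task still runs; shutdown only stops the single-use executor accepting more work.
    service.shutdown();
}

/**
 * Reads metadata from a {@code file} URL. The caller's prefix check is purely textual, so the
 * path is normalized and re-checked here to keep a {@code ..} segment from escaping
 * {@code ddf.home}.
 *
 * @param entityDescription the {@code file} URL, already known to start with FILE + ddf.home
 * @return the parsed descriptor, or {@code null} if the file is outside ddf.home, not a
 *         readable regular file, or yields no descriptor
 * @throws IOException if the file cannot be read or parsed
 */
private EntityDescriptor readLocalEntityDescriptor(String entityDescription) throws IOException {
    Path ddfHome = Paths.get(System.getProperty("ddf.home")).toAbsolutePath().normalize();
    String pathStr = StringUtils.substringAfter(entityDescription, FILE);
    Path path = Paths.get(pathStr).toAbsolutePath().normalize();
    if (!path.startsWith(ddfHome)) {
        LOGGER.warn("Skipping metadata file outside of ddf.home: {}", path);
        return null;
    }
    if (!Files.isRegularFile(path) || !Files.isReadable(path)) {
        LOGGER.info("Skipping non-regular or unreadable metadata file: {}", path);
        return null;
    }
    try (InputStream fileInputStream = Files.newInputStream(path)) {
        // NOTE(review): readEntityDescriptor is not visible here; the XML parser it uses
        // should have DTD/external-entity resolution disabled — confirm.
        return readEntityDescriptor(new InputStreamReader(fileInputStream, java.nio.charset.StandardCharsets.UTF_8));
    }
}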
