Example 1 with OrganizationDisplayName
use of org.opensaml.saml2.metadata.OrganizationDisplayName in project cloudstack by apache.
the class SAML2AuthManagerImpl method addIdpToMap.
private void addIdpToMap(EntityDescriptor descriptor, Map<String, SAMLProviderMetadata> idpMap) {
SAMLProviderMetadata idpMetadata = new SAMLProviderMetadata();
idpMetadata.setEntityId(descriptor.getEntityID());
s_logger.debug("Adding IdP to the list of discovered IdPs: " + descriptor.getEntityID());
if (descriptor.getOrganization() != null) {
if (descriptor.getOrganization().getDisplayNames() != null) {
for (OrganizationDisplayName orgName : descriptor.getOrganization().getDisplayNames()) {
if (orgName != null && orgName.getName() != null) {
idpMetadata.setOrganizationName(orgName.getName().getLocalString());
break;
}
}
}
if (idpMetadata.getOrganizationName() == null && descriptor.getOrganization().getOrganizationNames() != null) {
for (OrganizationName orgName : descriptor.getOrganization().getOrganizationNames()) {
if (orgName != null && orgName.getName() != null) {
idpMetadata.setOrganizationName(orgName.getName().getLocalString());
break;
}
}
}
if (descriptor.getOrganization().getURLs() != null) {
for (OrganizationURL organizationURL : descriptor.getOrganization().getURLs()) {
if (organizationURL != null && organizationURL.getURL() != null) {
idpMetadata.setOrganizationUrl(organizationURL.getURL().getLocalString());
break;
}
}
}
}
if (descriptor.getContactPersons() != null) {
for (ContactPerson person : descriptor.getContactPersons()) {
if (person == null || (person.getGivenName() == null && person.getSurName() == null) || person.getEmailAddresses() == null) {
continue;
}
if (person.getGivenName() != null) {
idpMetadata.setContactPersonName(person.getGivenName().getName());
} else if (person.getSurName() != null) {
idpMetadata.setContactPersonName(person.getSurName().getName());
}
for (EmailAddress emailAddress : person.getEmailAddresses()) {
if (emailAddress != null && emailAddress.getAddress() != null) {
idpMetadata.setContactPersonEmail(emailAddress.getAddress());
}
}
if (idpMetadata.getContactPersonName() != null && idpMetadata.getContactPersonEmail() != null) {
break;
}
}
}
IDPSSODescriptor idpDescriptor = descriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
if (idpDescriptor != null) {
if (idpDescriptor.getSingleSignOnServices() != null) {
for (SingleSignOnService ssos : idpDescriptor.getSingleSignOnServices()) {
if (ssos.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
idpMetadata.setSsoUrl(ssos.getLocation());
}
}
}
if (idpDescriptor.getSingleLogoutServices() != null) {
for (SingleLogoutService slos : idpDescriptor.getSingleLogoutServices()) {
if (slos.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
idpMetadata.setSloUrl(slos.getLocation());
}
}
}
X509Certificate unspecifiedKey = null;
if (idpDescriptor.getKeyDescriptors() != null) {
for (KeyDescriptor kd : idpDescriptor.getKeyDescriptors()) {
if (kd.getUse() == UsageType.SIGNING) {
try {
idpMetadata.setSigningCertificate(KeyInfoHelper.getCertificates(kd.getKeyInfo()).get(0));
} catch (CertificateException ignored) {
s_logger.info("[ignored] encountered invalid certificate signing.", ignored);
}
}
if (kd.getUse() == UsageType.ENCRYPTION) {
try {
idpMetadata.setEncryptionCertificate(KeyInfoHelper.getCertificates(kd.getKeyInfo()).get(0));
} catch (CertificateException ignored) {
s_logger.info("[ignored] encountered invalid certificate encryption.", ignored);
}
}
if (kd.getUse() == UsageType.UNSPECIFIED) {
try {
unspecifiedKey = KeyInfoHelper.getCertificates(kd.getKeyInfo()).get(0);
} catch (CertificateException ignored) {
s_logger.info("[ignored] encountered invalid certificate.", ignored);
}
}
}
}
if (idpMetadata.getSigningCertificate() == null && unspecifiedKey != null) {
idpMetadata.setSigningCertificate(unspecifiedKey);
}
if (idpMetadata.getEncryptionCertificate() == null && unspecifiedKey != null) {
idpMetadata.setEncryptionCertificate(unspecifiedKey);
}
if (idpMap.containsKey(idpMetadata.getEntityId())) {
s_logger.warn("Duplicate IdP metadata found with entity Id: " + idpMetadata.getEntityId());
}
idpMap.put(idpMetadata.getEntityId(), idpMetadata);
}
}
Also used :
OrganizationName(org.opensaml.saml2.metadata.OrganizationName)
OrganizationDisplayName(org.opensaml.saml2.metadata.OrganizationDisplayName)
IDPSSODescriptor(org.opensaml.saml2.metadata.IDPSSODescriptor)
SingleLogoutService(org.opensaml.saml2.metadata.SingleLogoutService)
KeyDescriptor(org.opensaml.saml2.metadata.KeyDescriptor)
SingleSignOnService(org.opensaml.saml2.metadata.SingleSignOnService)
CertificateException(java.security.cert.CertificateException)
ContactPerson(org.opensaml.saml2.metadata.ContactPerson)
EmailAddress(org.opensaml.saml2.metadata.EmailAddress)
X509Certificate(java.security.cert.X509Certificate)
OrganizationURL(org.opensaml.saml2.metadata.OrganizationURL)
Aggregations
CertificateException (java.security.cert.CertificateException)1
X509Certificate (java.security.cert.X509Certificate)1
ContactPerson (org.opensaml.saml2.metadata.ContactPerson)1
EmailAddress (org.opensaml.saml2.metadata.EmailAddress)1
IDPSSODescriptor (org.opensaml.saml2.metadata.IDPSSODescriptor)1
KeyDescriptor (org.opensaml.saml2.metadata.KeyDescriptor)1
OrganizationDisplayName (org.opensaml.saml2.metadata.OrganizationDisplayName)1
OrganizationName (org.opensaml.saml2.metadata.OrganizationName)1
OrganizationURL (org.opensaml.saml2.metadata.OrganizationURL)1
SingleLogoutService (org.opensaml.saml2.metadata.SingleLogoutService)1
SingleSignOnService (org.opensaml.saml2.metadata.SingleSignOnService)1
