
Example 1 with EncryptionException

use of org.xdi.util.security.StringEncrypter.EncryptionException in project oxTrust by GluuFederation.

In class Shibboleth3ConfService, method generateIdpConfigurationFiles.

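/**
 * Regenerates the Shibboleth IdP login configuration from the current application
 * settings and writes it into the IdP configuration directory.
 *
 * <p>The configured LDAP servers (separated by whitespace, commas or {@code =>}) are
 * joined into one space-separated list of {@code protocol://server} URLs for the template.
 *
 * @return {@code true} if the file was rendered and written; {@code false} if the
 *         template could not be rendered or written, or if the LDAP bind password could
 *         not be decrypted (no file is written in that case)
 * @throws InvalidConfigurationException if no IdP root directory is configured
 */
public boolean generateIdpConfigurationFiles() {
    if (appConfiguration.getShibboleth3IdpRootDir() == null) {
        throw new InvalidConfigurationException("Failed to update configuration due to undefined IDP root folder");
    }
    String idpConfFolder = getIdpConfDir();

    // Separators: white spaces, comma or "=>". String.split() never returns null,
    // so the array can be iterated directly.
    String[] ldapServers = appConfiguration.getIdpLdapServer().split("\\s*(=>|,|\\s)\\s*");
    String ldapProtocol = appConfiguration.getIdpLdapProtocol();
    StringBuilder ldapUrl = new StringBuilder();
    for (String ldapServer : ldapServers) {
        if (ldapUrl.length() > 0) {
            ldapUrl.append(' ');
        }
        ldapUrl.append(ldapProtocol).append("://").append(ldapServer);
    }

    String serviceCredential;
    try {
        serviceCredential = encryptionService.decrypt(appConfiguration.getIdpBindPassword());
    } catch (EncryptionException e) {
        // Refuse to write a login.config with an empty bind credential; the caller sees
        // an ordinary failure instead of an IdP that silently cannot bind to LDAP.
        log.error("Failed to decrypt bindPassword", e);
        return false;
    }

    // Prepare data for the template
    VelocityContext context = new VelocityContext();
    context.put("host", ldapUrl.toString());
    context.put("base", appConfiguration.getBaseDN());
    context.put("serviceUser", appConfiguration.getIdpBindDn());
    context.put("serviceCredential", serviceCredential);
    context.put("userField", appConfiguration.getIdpUserFields());

    // Generate login.config; skip the write entirely when rendering failed.
    String loginConfig = templateService.generateConfFile(SHIB3_IDP_LOGIN_CONFIG_FILE, context);
    if (loginConfig == null) {
        return false;
    }

    // Write login.config
    return templateService.writeConfFile(idpConfFolder + SHIB3_IDP_LOGIN_CONFIG_FILE, loginConfig);
}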
Also used : VelocityContext(org.apache.velocity.VelocityContext) EncryptionException(org.xdi.util.security.StringEncrypter.EncryptionException) InvalidConfigurationException(org.xdi.util.exception.InvalidConfigurationException)

Example 2 with EncryptionException

use of org.xdi.util.security.StringEncrypter.EncryptionException in project oxTrust by GluuFederation.

In class OAuthValidationFilter, method getOAuthData.

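/**
 * Exchanges the authorization code for an access token, fetches the user info claims
 * and assembles the session data for the authenticated user.
 *
 * @param request current request; provides the scope parameter and the redirect URL
 * @param authorizationCode code received from the authorization endpoint
 * @param idToken id token received alongside the code, stored unmodified
 * @return the populated session data, or {@code null} if no access token was obtained
 *         or the user info response carries no user name claim
 * @throws Exception propagated from the token and user info clients
 */
private OAuthData getOAuthData(HttpServletRequest request, String authorizationCode, String idToken) throws Exception {
    String oAuthAuthorizeUrl = getPropertyFromInitParams(null, Configuration.OAUTH_PROPERTY_AUTHORIZE_URL, null);
    String oAuthHost = getOAuthHost(oAuthAuthorizeUrl);
    String oAuthTokenUrl = getPropertyFromInitParams(null, Configuration.OAUTH_PROPERTY_TOKEN_URL, null);
    String oAuthUserInfoUrl = getPropertyFromInitParams(null, Configuration.OAUTH_PROPERTY_USERINFO_URL, null);
    String oAuthClientId = getPropertyFromInitParams(null, Configuration.OAUTH_PROPERTY_CLIENT_ID, null);
    String oAuthClientPassword = getPropertyFromInitParams(null, Configuration.OAUTH_PROPERTY_CLIENT_PASSWORD, null);
    if (oAuthClientPassword != null) {
        try {
            oAuthClientPassword = StringEncrypter.defaultInstance().decrypt(oAuthClientPassword, Configuration.instance().getCryptoPropertyValue());
        } catch (EncryptionException ex) {
            // The still-encrypted value is passed on; the token request below is then
            // rejected by the server and reported through the null-token path.
            log.error("Failed to decrypt property: " + Configuration.OAUTH_PROPERTY_CLIENT_PASSWORD, ex);
        }
    }
    String scopes = getParameter(request, Configuration.OAUTH_SCOPE);
    log.trace("scopes : " + scopes);

    // 1. Request access token using the authorization code
    log.trace("Getting access token");
    TokenClient tokenClient = new TokenClient(oAuthTokenUrl);
    String redirectUrl = constructRedirectUrl(request);
    TokenResponse tokenResponse = tokenClient.execAuthorizationCode(authorizationCode, redirectUrl, oAuthClientId, oAuthClientPassword);
    if (tokenResponse == null || tokenResponse.getAccessToken() == null) {
        // Bail out before the user info call; the error type is enough to diagnose
        // a failed exchange and the response is never logged in full.
        String errorType = (tokenResponse == null) ? "no response" : String.valueOf(tokenResponse.getErrorType());
        log.error("Failed to obtain access token, error type: " + errorType);
        return null;
    }
    String accessToken = tokenResponse.getAccessToken();
    // The token is a bearer credential: record that it arrived, never its value.
    log.trace("Access token obtained");

    // 2. Fetch the user info claims with the access token
    UserInfoClient userInfoClient = new UserInfoClient(oAuthUserInfoUrl);
    UserInfoResponse userInfoResponse = userInfoClient.execUserInfo(accessToken);

    // Determine uid
    List<String> uidValues = userInfoResponse.getClaims().get(JwtClaimName.USER_NAME);
    if ((uidValues == null) || uidValues.isEmpty()) {
        log.error("User infor response doesn't contains uid claim");
        return null;
    }
    log.info("Session validation successful. User is logged in");

    OAuthData oAuthData = new OAuthData();
    oAuthData.setHost(oAuthHost);
    oAuthData.setUserUid(uidValues.get(0));
    oAuthData.setAccessToken(accessToken);
    oAuthData.setAccessTokenExpirationInSeconds(tokenResponse.getExpiresIn());
    oAuthData.setScopes(scopes);
    oAuthData.setIdToken(idToken);
    log.trace("User uid: " + oAuthData.getUserUid());
    return oAuthData;
}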
Also used : EncryptionException(org.xdi.util.security.StringEncrypter.EncryptionException) OAuthData(org.gluu.oxauth.client.session.OAuthData)

Example 3 with EncryptionException

use of org.xdi.util.security.StringEncrypter.EncryptionException in project oxAuth by GluuFederation.

In class ApplicationFactory, method getSmtpConfiguration.

/**
 * Produces the appliance's SMTP settings as an application-scoped bean, with the stored
 * password decrypted through {@code setPasswordDecrypted}.
 *
 * <p>Decryption is best effort: if it fails, the error is logged and the bean is still
 * produced with the decrypted password left unset.
 *
 * @return the SMTP configuration of the current appliance, or {@code null} when the
 *         appliance has none
 */
@Produces
@ApplicationScoped
public SmtpConfiguration getSmtpConfiguration() {
    SmtpConfiguration smtpConfiguration = applianceService.getAppliance().getSmtpConfiguration();
    if (smtpConfiguration == null) {
        // NOTE(review): CDI rejects null from a normal-scoped (@ApplicationScoped)
        // producer with IllegalProductException; confirm this path cannot be reached.
        return null;
    }
    String encryptedPassword = smtpConfiguration.getPassword();
    if (StringHelper.isNotEmpty(encryptedPassword)) {
        try {
            String decryptedPassword = encryptionService.decrypt(encryptedPassword);
            smtpConfiguration.setPasswordDecrypted(decryptedPassword);
        } catch (EncryptionException ex) {
            log.error("Failed to decript SMTP user password", ex);
        }
    }
    return smtpConfiguration;
}
Also used : GluuAppliance(org.xdi.oxauth.model.appliance.GluuAppliance) SmtpConfiguration(org.xdi.model.SmtpConfiguration) EncryptionException(org.xdi.util.security.StringEncrypter.EncryptionException) Produces(javax.enterprise.inject.Produces) ApplicationScoped(javax.enterprise.context.ApplicationScoped)

Example 4 with EncryptionException

use of org.xdi.util.security.StringEncrypter.EncryptionException in project oxTrust by GluuFederation.

In class Shibboleth3ConfService, method prepareVelocityContext.

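/**
 * Builds the Velocity context shared by the Shibboleth IdP configuration templates.
 *
 * <p>Besides the caller-supplied parameter maps, the context carries appliance and
 * organization identifiers, the IdP/SP URLs and hosts, the LDAP connection settings and
 * the decrypted LDAP bind and security key passwords.
 *
 * @param trustParams        trust relationship parameters (key {@code trustParams})
 * @param attrParams         attribute parameters (key {@code attrParams})
 * @param casParams          CAS parameters (key {@code casParams})
 * @param attrResolverParams attribute resolver parameters (key {@code resovlerParams})
 * @param idpMetadataFolder  IdP metadata folder (key {@code medataFolder})
 * @return the populated context; a password whose decryption fails is left absent from
 *         the context and the failure is logged
 */
private VelocityContext prepareVelocityContext(HashMap<String, Object> trustParams, HashMap<String, Object> attrParams, HashMap<String, Object> casParams, HashMap<String, Object> attrResolverParams, String idpMetadataFolder) {
    VelocityContext context = new VelocityContext();
    context.put("StringHelper", StringHelper.class);
    context.put("trustParams", trustParams);
    context.put("attrParams", attrParams);
    context.put("casParams", casParams);
    // The misspelled keys below are what the existing templates reference; keep them as-is.
    context.put("resovlerParams", attrResolverParams);
    context.put("medataFolder", idpMetadataFolder);
    context.put("applianceInum", StringHelper.removePunctuation(applianceService.getApplianceInum()));
    context.put("orgInum", StringHelper.removePunctuation(organizationService.getOrganizationInum()));
    context.put("orgSupportEmail", appConfiguration.getOrgSupportEmail());

    // Hosts are derived by stripping a trailing ":port" (and, for the SP, the scheme).
    String idpUrl = appConfiguration.getIdpUrl();
    context.put("idpUrl", idpUrl);
    context.put("idpHost", idpUrl.replaceAll(":[0-9]*$", ""));
    String spUrl = appConfiguration.getApplianceUrl();
    context.put("spUrl", spUrl);
    context.put("spHost", spUrl.replaceAll(":[0-9]*$", "").replaceAll("^.*?//", ""));

    String gluuSPInum = applianceService.getAppliance().getGluuSPTR();
    context.put("gluuSPEntityId", trustService.getRelationshipByInum(gluuSPInum).getEntityId());

    // Separators: white spaces, comma or "=>". String.split() never returns null,
    // so the array can be iterated directly.
    String[] ldapServers = appConfiguration.getIdpLdapServer().split("\\s*(=>|,|\\s)\\s*");
    String ldapProtocol = appConfiguration.getIdpLdapProtocol();
    StringBuilder ldapUrl = new StringBuilder();
    for (String ldapServer : ldapServers) {
        if (ldapUrl.length() > 0) {
            ldapUrl.append(' ');
        }
        ldapUrl.append(ldapProtocol).append("://").append(ldapServer);
    }
    context.put("ldapUrl", ldapUrl.toString());
    context.put("bindDN", appConfiguration.getIdpBindDn());
    try {
        context.put("ldapPass", encryptionService.decrypt(appConfiguration.getIdpBindPassword()));
    } catch (EncryptionException e) {
        // Logged once with its cause; the key stays absent so the template cannot
        // silently receive an encrypted blob as a password.
        log.error("Failed to decrypt bindPassword", e);
    }
    context.put("securityKey", appConfiguration.getIdpSecurityKey());
    context.put("securityCert", appConfiguration.getIdpSecurityCert());
    try {
        context.put("securityKeyPassword", encryptionService.decrypt(appConfiguration.getIdpSecurityKeyPassword()));
    } catch (EncryptionException e) {
        log.error("Failed to decrypt idp.securityKeyPassword", e);
    }
    return context;
}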
Also used : VelocityContext(org.apache.velocity.VelocityContext) EncryptionException(org.xdi.util.security.StringEncrypter.EncryptionException)

Example 5 with EncryptionException

use of org.xdi.util.security.StringEncrypter.EncryptionException in project oxTrust by GluuFederation.

In class BaseUmaProtectionService, method retrievePatToken.

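/**
 * Obtains a fresh UMA protection API token (PAT) for this service and records its
 * expiration in {@code umaPatAccessTokenExpiration}.
 *
 * <p>{@code umaPat} is cleared first, so a failure never leaves a stale token behind.
 * Nothing is done when no UMA metadata is available.
 *
 * @throws UmaProtectionException if the client keystore path or password is missing,
 *         the keystore password cannot be decrypted, the PAT request fails, or the
 *         returned PAT carries no access token
 */
private void retrievePatToken() throws UmaProtectionException {
    this.umaPat = null;
    if (umaMetadata == null) {
        return;
    }
    String umaClientKeyStoreFile = getClientKeyStoreFile();
    String encryptedKeyStorePassword = getClientKeyStorePassword();
    if (StringHelper.isEmpty(umaClientKeyStoreFile) || StringHelper.isEmpty(encryptedKeyStorePassword)) {
        throw new UmaProtectionException("UMA JKS keystore path or password is empty");
    }
    // The stored keystore password is encrypted. A value that cannot be decrypted would
    // only fail later inside the keystore load with a less specific error, so fail here
    // with the real cause instead of passing the ciphertext on.
    String umaClientKeyStorePassword;
    try {
        umaClientKeyStorePassword = encryptionService.decrypt(encryptedKeyStorePassword);
    } catch (EncryptionException ex) {
        throw new UmaProtectionException("Failed to decrypt UmaClientKeyStorePassword password", ex);
    }
    try {
        this.umaPat = UmaClient.requestPat(umaMetadata.getTokenEndpoint(), umaClientKeyStoreFile, umaClientKeyStorePassword, getClientId(), getClientKeyId());
        if (this.umaPat == null) {
            // 0 marks "no token"; the expiration check elsewhere then forces a refresh.
            this.umaPatAccessTokenExpiration = 0L;
        } else {
            this.umaPatAccessTokenExpiration = computeAccessTokenExpirationTime(this.umaPat.getExpiresIn());
        }
    } catch (Exception ex) {
        throw new UmaProtectionException("Failed to obtain valid UMA PAT token", ex);
    }
    if ((this.umaPat == null) || (this.umaPat.getAccessToken() == null)) {
        throw new UmaProtectionException("Failed to obtain valid UMA PAT token");
    }
}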
Also used : UmaProtectionException(org.gluu.oxtrust.exception.UmaProtectionException) EncryptionException(org.xdi.util.security.StringEncrypter.EncryptionException) UmaProtectionException(org.gluu.oxtrust.exception.UmaProtectionException) EncryptionException(org.xdi.util.security.StringEncrypter.EncryptionException)

Aggregations

EncryptionException (org.xdi.util.security.StringEncrypter.EncryptionException)5 VelocityContext (org.apache.velocity.VelocityContext)2 ApplicationScoped (javax.enterprise.context.ApplicationScoped)1 Produces (javax.enterprise.inject.Produces)1 OAuthData (org.gluu.oxauth.client.session.OAuthData)1 UmaProtectionException (org.gluu.oxtrust.exception.UmaProtectionException)1 SmtpConfiguration (org.xdi.model.SmtpConfiguration)1 GluuAppliance (org.xdi.oxauth.model.appliance.GluuAppliance)1 InvalidConfigurationException (org.xdi.util.exception.InvalidConfigurationException)1