
Example 1 with SAMLIdentityMapping

use of pl.edu.icm.unity.saml.console.SAMLIdentityMapping in project unity by unity-idm.

In class SAMLEditorGeneralTab, method buildIdenityTypeMappingSection.

/**
 * Builds the collapsible "identity type mapping" section of the tab.
 * <p>
 * The section holds a single editable grid of {@link SAMLIdentityMapping} rows: the Unity
 * identity type is chosen from the names of {@code idTypes} (combo column, 30% width) and the
 * SAML identifier is typed in (text column, 70% width). The grid is bound to the
 * {@code identityMapping} property of {@code configBinder}.
 *
 * @return the collapsible layout wrapping the identity mapping grid
 */
private CollapsibleLayout buildIdenityTypeMappingSection() {
    GridWithEditor<SAMLIdentityMapping> mappingGrid = new GridWithEditor<>(msg, SAMLIdentityMapping.class);
    mappingGrid.addComboColumn(mapping -> mapping.getUnityId(), (mapping, value) -> mapping.setUnityId(value),
            msg.getMessage("SAMLEditorGeneralTab.idMappings.unityId"),
            idTypes.stream().map(idType -> idType.getName()).collect(Collectors.toList()), 30, false);
    mappingGrid.addTextColumn(mapping -> mapping.getSamlId(), (mapping, value) -> mapping.setSamlId(value),
            msg.getMessage("SAMLEditorGeneralTab.idMappings.samlId"), 70, false);
    mappingGrid.setWidth(FieldSizeConstans.WIDE_FIELD_WIDTH, FieldSizeConstans.WIDE_FIELD_WIDTH_UNIT);
    configBinder.forField(mappingGrid).bind("identityMapping");

    VerticalLayout sectionLayout = new VerticalLayout();
    sectionLayout.setMargin(false);
    sectionLayout.addComponent(mappingGrid);
    return new CollapsibleLayout(msg.getMessage("SAMLEditorGeneralTab.idenityTypeMapping"), sectionLayout);
}
Also used : CollapsibleLayout(pl.edu.icm.unity.webui.common.CollapsibleLayout) VerticalLayout(com.vaadin.ui.VerticalLayout) SAMLIdentityMapping(pl.edu.icm.unity.saml.console.SAMLIdentityMapping) GridWithEditor(pl.edu.icm.unity.webui.common.GridWithEditor)

Example 2 with SAMLIdentityMapping

use of pl.edu.icm.unity.saml.console.SAMLIdentityMapping in project unity by unity-idm.

In class SAMLServiceConfiguration, method fromProperties.

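/**
 * Loads this configuration from the SAML IdP endpoint configuration given in
 * {@code java.util.Properties} text format.
 * <p>
 * The text is parsed into {@link Properties}, wrapped in {@link SamlIdpProperties} and copied
 * field by field: issuer and signing settings, consent and metadata settings, validity periods,
 * identity and group mappings, trusted federations and individual SPs, active value selection,
 * user import and policy agreement configuration. List-valued fields are rebuilt from scratch,
 * with the exception of {@code userImports}, which is only appended to (see the note inline).
 *
 * @param properties         endpoint configuration in properties syntax
 * @param msg                message source handed to nested parsers
 * @param uriAccessService   used to read a metadata source URI that is not web-ready
 * @param imageAccessService handed to the individual trusted SP parser
 * @param pkiManagement      handed to {@link SamlIdpProperties} for credential and truststore references
 * @param allGroups          known groups, used to resolve configured group paths
 * @throws ConfigurationException propagated from the properties wrappers and nested parsers
 * @throws InternalException      if the text cannot be parsed as properties
 */
public void fromProperties(String properties, MessageSource msg, URIAccessService uriAccessService, ImageAccessService imageAccessService, PKIManagement pkiManagement, List<Group> allGroups) throws ConfigurationException {
    Properties raw = new Properties();
    try {
        raw.load(new StringReader(properties));
    } catch (IOException e) {
        throw new InternalException("Invalid configuration of the SAML idp service", e);
    }
    VaadinEndpointProperties vProperties = new VaadinEndpointProperties(raw);
    SamlIdpProperties samlIdpProperties = new SamlIdpProperties(raw, pkiManagement);

    // Issuer, signing, trust and consent settings.
    issuerURI = samlIdpProperties.getValue(SamlIdpProperties.ISSUER_URI);
    signResponcePolicy = samlIdpProperties.getEnumValue(SamlIdpProperties.SIGN_RESPONSE, ResponseSigningPolicy.class);
    signAssertionPolicy = samlIdpProperties.getEnumValue(SamlIdpProperties.SIGN_ASSERTION, AssertionSigningPolicy.class);
    signResponseCredential = samlIdpProperties.getValue(SamlIdpProperties.CREDENTIAL);
    httpsTruststore = samlIdpProperties.getValue(SamlIdpProperties.TRUSTSTORE);
    skipConsentScreen = samlIdpProperties.getBooleanValue(CommonIdPProperties.SKIP_CONSENT);
    editableConsentScreen = samlIdpProperties.getBooleanValue(SamlIdpProperties.USER_EDIT_CONSENT);
    requestAcceptancePolicy = samlIdpProperties.getEnumValue(SamlIdpProperties.SP_ACCEPT_POLICY, RequestAcceptancePolicy.class);

    // Metadata flags keep their current values unless the key is explicitly set.
    if (samlIdpProperties.isSet(SamlProperties.PUBLISH_METADATA)) {
        publishMetadata = samlIdpProperties.getBooleanValue(SamlProperties.PUBLISH_METADATA);
    }
    if (samlIdpProperties.isSet(SamlProperties.SIGN_METADATA)) {
        signMetadata = samlIdpProperties.getBooleanValue(SamlProperties.SIGN_METADATA);
    }
    if (samlIdpProperties.isSet(SamlProperties.METADATA_SOURCE)) {
        autoGenerateMetadata = false;
        String metaUri = samlIdpProperties.getValue(SamlProperties.METADATA_SOURCE);
        try {
            URI uri = URIHelper.parseURI(metaUri);
            if (URIHelper.isWebReady(uri)) {
                // Web-ready URIs are stored by reference only; nothing is fetched here.
                metadataSource = new LocalOrRemoteResource(uri.toString());
            } else {
                // Other URIs are read through the URI access service and their content is kept.
                FileData fileData = uriAccessService.readURI(uri);
                metadataSource = new LocalOrRemoteResource(fileData.getContents(), uri.toString());
            }
        } catch (Exception e) {
            // Best effort: an unreadable metadata source must not make the whole configuration
            // unloadable; metadataSource is left unset in that case. The exception is passed to
            // the logger so the root cause (bad URI, unreadable file, ...) is not lost.
            log.error("Can not load configured metadata from uri: " + metaUri, e);
        }
    } else {
        autoGenerateMetadata = true;
    }

    // Validity periods and assertion shape.
    authenticationTimeout = samlIdpProperties.getIntValue(SamlIdpProperties.AUTHENTICATION_TIMEOUT);
    requestValidity = samlIdpProperties.getIntValue(SamlIdpProperties.SAML_REQUEST_VALIDITY);
    attrAssertionValidity = samlIdpProperties.getIntValue(SamlIdpProperties.DEF_ATTR_ASSERTION_VALIDITY);
    returnSingleAssertion = samlIdpProperties.getBooleanValue(SamlIdpProperties.RETURN_SINGLE_ASSERTION);

    // Identity type mapping: one entry per structured-list key.
    identityMapping = new ArrayList<>();
    for (String key : samlIdpProperties.getStructuredListKeys(SamlIdpProperties.IDENTITY_MAPPING_PFX)) {
        identityMapping.add(readIdentityMapping(samlIdpProperties, key));
    }

    // Output translation profile: an embedded definition wins over a named profile; otherwise the
    // default profile is included.
    if (samlIdpProperties.isSet(CommonIdPProperties.EMBEDDED_TRANSLATION_PROFILE)) {
        translationProfile = TranslationProfileGenerator.getProfileFromString(samlIdpProperties.getValue(CommonIdPProperties.EMBEDDED_TRANSLATION_PROFILE));
    } else {
        String namedProfile = samlIdpProperties.getValue(CommonIdPProperties.TRANSLATION_PROFILE);
        if (namedProfile != null) {
            translationProfile = TranslationProfileGenerator.generateIncludeOutputProfile(namedProfile);
        } else {
            translationProfile = TranslationProfileGenerator.generateIncludeOutputProfile(SamlIdpProperties.DEFAULT_TRANSLATION_PROFILE);
        }
    }

    usersGroup = resolveGroup(allGroups, samlIdpProperties.getValue(SamlIdpProperties.DEFAULT_GROUP));

    // Trusted federations and individual SPs: the list prefix and the last character of the
    // structured-list key are stripped so nested parsers receive the bare element key.
    trustedFederations = new ArrayList<>();
    for (String fullKey : samlIdpProperties.getStructuredListKeys(SamlIdpProperties.SPMETA_PREFIX)) {
        String key = fullKey.substring(SamlIdpProperties.SPMETA_PREFIX.length(), fullKey.length() - 1);
        SAMLServiceTrustedFederationConfiguration fed = new SAMLServiceTrustedFederationConfiguration();
        fed.fromProperties(samlIdpProperties, key);
        trustedFederations.add(fed);
    }
    individualTrustedSPs = new ArrayList<>();
    for (String fullKey : samlIdpProperties.getStructuredListKeys(SamlIdpProperties.ALLOWED_SP_PREFIX)) {
        String key = fullKey.substring(SamlIdpProperties.ALLOWED_SP_PREFIX.length(), fullKey.length() - 1);
        SAMLIndividualTrustedSPConfiguration sp = new SAMLIndividualTrustedSPConfiguration();
        sp.fromProperties(msg, imageAccessService, samlIdpProperties, key, vProperties.getEffectiveMainTheme());
        individualTrustedSPs.add(sp);
    }

    // Active value selection, per client.
    activeValueSelections = new ArrayList<>();
    for (String attrKey : samlIdpProperties.getStructuredListKeys(CommonIdPProperties.ACTIVE_VALUE_SELECTION_PFX)) {
        ActiveValueConfig activeValueConfig = new ActiveValueConfig();
        activeValueConfig.setClientId(samlIdpProperties.getValue(attrKey + CommonIdPProperties.ACTIVE_VALUE_CLIENT));
        activeValueConfig.setSingleSelectableAttributes(samlIdpProperties.getListOfValues(attrKey + CommonIdPProperties.ACTIVE_VALUE_SINGLE_SELECTABLE));
        activeValueConfig.setMultiSelectableAttributes(samlIdpProperties.getListOfValues(attrKey + CommonIdPProperties.ACTIVE_VALUE_MULTI_SELECTABLE));
        activeValueSelections.add(activeValueConfig);
    }

    // Group mappings: empty values leave the corresponding field of the mapping unset.
    groupMappings = new ArrayList<>();
    for (String key : samlIdpProperties.getStructuredListKeys(SamlIdpProperties.GROUP_PFX)) {
        GroupMapping mapping = new GroupMapping();
        String clientId = samlIdpProperties.getValue(key + SamlIdpProperties.GROUP_TARGET);
        if (clientId != null && !clientId.isEmpty()) {
            mapping.setClientId(clientId);
        }
        String groupPath = samlIdpProperties.getValue(key + SamlIdpProperties.GROUP);
        if (groupPath != null && !groupPath.isEmpty()) {
            mapping.setGroup(resolveGroup(allGroups, groupPath));
        }
        groupMappings.add(mapping);
    }

    // User import.
    skipUserImport = samlIdpProperties.getBooleanValue(CommonIdPProperties.SKIP_USERIMPORT);
    for (String importKey : samlIdpProperties.getStructuredListKeys(CommonIdPProperties.USERIMPORT_PFX)) {
        UserImportConfig userImportConfig = new UserImportConfig();
        userImportConfig.setImporter(samlIdpProperties.getValue(importKey + CommonIdPProperties.USERIMPORT_IMPORTER));
        userImportConfig.setIdentityType(samlIdpProperties.getValue(importKey + CommonIdPProperties.USERIMPORT_IDENTITY_TYPE));
        // NOTE(review): unlike every other list field in this method, userImports is not reset
        // here, so calling fromProperties twice accumulates entries — verify whether intended.
        userImports.add(userImportConfig);
    }

    policyAgreementConfig = IdpPolicyAgreementsConfigurationParser.fromPropoerties(msg, samlIdpProperties);
}

/**
 * Reads one identity type mapping entry. A missing or empty value leaves the corresponding
 * field of the mapping unset.
 *
 * @param samlIdpProperties parsed endpoint properties
 * @param key               structured-list key of the entry (used as the property name prefix)
 * @return the mapping, possibly with one or both fields unset
 */
private SAMLIdentityMapping readIdentityMapping(SamlIdpProperties samlIdpProperties, String key) {
    SAMLIdentityMapping mapping = new SAMLIdentityMapping();
    String unityId = samlIdpProperties.getValue(key + SamlIdpProperties.IDENTITY_LOCAL);
    if (unityId != null && !unityId.isEmpty()) {
        mapping.setUnityId(unityId);
    }
    String samlId = samlIdpProperties.getValue(key + SamlIdpProperties.IDENTITY_SAML);
    if (samlId != null && !samlId.isEmpty()) {
        mapping.setSamlId(samlId);
    }
    return mapping;
}

/**
 * Resolves a configured group path against the known groups. When no known group has that path
 * a new {@link Group} is built from the path so the configuration still carries the value.
 *
 * @param allGroups known groups
 * @param groupPath configured group path (compared with {@code Group.toString()})
 * @return the matching or freshly built group, wrapped without indent indicator
 */
private GroupWithIndentIndicator resolveGroup(List<Group> allGroups, String groupPath) {
    Group group = allGroups.stream()
            .filter(g -> g.toString().equals(groupPath))
            .findFirst()
            .orElse(new Group(groupPath));
    return new GroupWithIndentIndicator(group, false);
}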
Also used : Group(pl.edu.icm.unity.types.basic.Group) VaadinEndpointProperties(pl.edu.icm.unity.webui.VaadinEndpointProperties) SamlIdpProperties(pl.edu.icm.unity.saml.idp.SamlIdpProperties) VaadinEndpointProperties(pl.edu.icm.unity.webui.VaadinEndpointProperties) SamlProperties(pl.edu.icm.unity.saml.SamlProperties) Properties(java.util.Properties) CommonIdPProperties(pl.edu.icm.unity.engine.api.idp.CommonIdPProperties) URI(java.net.URI) StringReader(java.io.StringReader) LocalOrRemoteResource(pl.edu.icm.unity.webui.common.binding.LocalOrRemoteResource) FileData(pl.edu.icm.unity.base.file.FileData) ActiveValueConfig(pl.edu.icm.unity.webui.console.services.idp.ActiveValueConfig) GroupWithIndentIndicator(pl.edu.icm.unity.webui.common.groups.GroupWithIndentIndicator) IOException(java.io.IOException) AssertionSigningPolicy(pl.edu.icm.unity.saml.idp.SamlIdpProperties.AssertionSigningPolicy) InternalException(pl.edu.icm.unity.exceptions.InternalException) IOException(java.io.IOException) ConfigurationException(eu.unicore.util.configuration.ConfigurationException) InternalException(pl.edu.icm.unity.exceptions.InternalException) UserImportConfig(pl.edu.icm.unity.webui.console.services.idp.UserImportConfig) ResponseSigningPolicy(pl.edu.icm.unity.saml.idp.SamlIdpProperties.ResponseSigningPolicy) RequestAcceptancePolicy(pl.edu.icm.unity.saml.idp.SamlIdpProperties.RequestAcceptancePolicy) SAMLIdentityMapping(pl.edu.icm.unity.saml.console.SAMLIdentityMapping) SamlIdpProperties(pl.edu.icm.unity.saml.idp.SamlIdpProperties)

Example 3 with SAMLIdentityMapping

use of pl.edu.icm.unity.saml.console.SAMLIdentityMapping in project unity by unity-idm.

In class SAMLAuthenticatorEditor, method buildSingleLogoutSection.

/**
 * Builds the collapsible "single logout" section of the editor.
 * <p>
 * The section is a fixed-caption form with the SLO endpoint path (text field), the realm the
 * logout applies to (combo box over {@code realms}) and an editable grid of
 * {@link SAMLIdentityMapping} rows whose Unity identity type is chosen from {@code idTypes}
 * (combo column, 30% width) and whose SAML identifier is typed in (text column, 70% width).
 * The three inputs are bound through {@code configBinder} to {@code sloPath}, {@code sloRealm}
 * and {@code sloMappings}.
 *
 * @return the collapsible layout wrapping the single logout form
 */
private CollapsibleLayout buildSingleLogoutSection() {
    FormLayoutWithFixedCaptionWidth form = new FormLayoutWithFixedCaptionWidth();
    form.setMargin(false);

    TextField pathField = new TextField(msg.getMessage("SAMLAuthenticatorEditor.sloPath"));
    configBinder.forField(pathField).bind("sloPath");
    form.addComponent(pathField);

    ComboBox<String> realmCombo = new ComboBox<>(msg.getMessage("SAMLAuthenticatorEditor.sloRealm"));
    realmCombo.setItems(realms);
    form.addComponent(realmCombo);
    configBinder.forField(realmCombo).bind("sloRealm");

    GridWithEditor<SAMLIdentityMapping> mappingGrid = new GridWithEditor<>(msg, SAMLIdentityMapping.class);
    mappingGrid.setCaption(msg.getMessage("SAMLAuthenticatorEditor.sloMappings"));
    mappingGrid.addComboColumn(mapping -> mapping.getUnityId(), (mapping, value) -> mapping.setUnityId(value),
            msg.getMessage("SAMLAuthenticatorEditor.sloMappings.unityId"), idTypes, 30, false);
    mappingGrid.addTextColumn(mapping -> mapping.getSamlId(), (mapping, value) -> mapping.setSamlId(value),
            msg.getMessage("SAMLAuthenticatorEditor.sloMappings.samlId"), 70, false);
    mappingGrid.setWidth(FieldSizeConstans.WIDE_FIELD_WIDTH, FieldSizeConstans.WIDE_FIELD_WIDTH_UNIT);
    form.addComponent(mappingGrid);
    configBinder.forField(mappingGrid).bind("sloMappings");

    return new CollapsibleLayout(msg.getMessage("SAMLAuthenticatorEditor.singleLogout"), form);
}
Also used : CollapsibleLayout(pl.edu.icm.unity.webui.common.CollapsibleLayout) FormLayoutWithFixedCaptionWidth(pl.edu.icm.unity.webui.common.FormLayoutWithFixedCaptionWidth) ComboBox(com.vaadin.ui.ComboBox) TextField(com.vaadin.ui.TextField) SAMLIdentityMapping(pl.edu.icm.unity.saml.console.SAMLIdentityMapping) GridWithEditor(pl.edu.icm.unity.webui.common.GridWithEditor)

Example 4 with SAMLIdentityMapping

use of pl.edu.icm.unity.saml.console.SAMLIdentityMapping in project unity by unity-idm.

In class SAMLAuthneticatorConfiguration, method fromProperties.

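/**
 * Loads this authenticator configuration from the SAML SP (verificator) configuration given in
 * {@code java.util.Properties} text format.
 * <p>
 * The text is parsed into {@link Properties}, wrapped in {@link SAMLSPProperties} and copied
 * field by field: requester identity and credential, accepted/default name formats, signature
 * requirements, account association, trusted federations and individual IdPs, metadata settings
 * and the single-logout settings including the identity type mappings. The list fields
 * {@code trustedFederations}, {@code individualTrustedIdps} and {@code sloMappings} are rebuilt
 * from scratch on every call.
 *
 * @param pkiMan             handed to {@link SAMLSPProperties} for credential references
 * @param uriAccessService   used to read a metadata source URI that is not web-ready
 * @param imageAccessService handed to the individual trusted IdP parser
 * @param msg                message source handed to nested parsers
 * @param properties         configuration in properties syntax
 * @throws InternalException if the text cannot be parsed as properties
 */
public void fromProperties(PKIManagement pkiMan, URIAccessService uriAccessService, ImageAccessService imageAccessService, MessageSource msg, String properties) {
    Properties raw = new Properties();
    try {
        raw.load(new StringReader(properties));
    } catch (IOException e) {
        throw new InternalException("Invalid configuration of the SAML verificator", e);
    }
    SAMLSPProperties samlSpProp = new SAMLSPProperties(raw, pkiMan);

    // Requester identity, credential and name-format / signature requirements.
    setRequesterId(samlSpProp.getValue(SAMLSPProperties.REQUESTER_ID));
    setCredential(samlSpProp.getValue(SAMLSPProperties.CREDENTIAL));
    setAcceptedNameFormats(samlSpProp.getListOfValues(SAMLSPProperties.ACCEPTED_NAME_FORMATS));
    setRequireSignedAssertion(samlSpProp.getBooleanValue(SAMLSPProperties.REQUIRE_SIGNED_ASSERTION));
    setDefSignRequest(samlSpProp.getBooleanValue(SAMLSPProperties.DEF_SIGN_REQUEST));
    // The editor models the default requested name format as a (single-element) list; absent stays null.
    String defNameFormat = samlSpProp.getValue(SAMLSPProperties.DEF_REQUESTED_NAME_FORMAT);
    setDefaultRequestedNameFormat(defNameFormat != null ? Arrays.asList(defNameFormat) : null);
    if (samlSpProp.isSet(CommonWebAuthnProperties.DEF_ENABLE_ASSOCIATION)) {
        setDefAccountAssociation(samlSpProp.getBooleanValue(CommonWebAuthnProperties.DEF_ENABLE_ASSOCIATION));
    }

    // Trusted federations and individual IdPs: the list prefix and the last character of the
    // structured-list key are stripped so nested parsers receive the bare element key.
    trustedFederations = new ArrayList<>();
    for (String fullKey : samlSpProp.getStructuredListKeys(SAMLSPProperties.IDPMETA_PREFIX)) {
        String key = fullKey.substring(SAMLSPProperties.IDPMETA_PREFIX.length(), fullKey.length() - 1);
        SAMLAuthnTrustedFederationConfiguration fed = new SAMLAuthnTrustedFederationConfiguration();
        fed.fromProperties(samlSpProp, key);
        trustedFederations.add(fed);
    }
    individualTrustedIdps = new ArrayList<>();
    for (String fullKey : samlSpProp.getStructuredListKeys(SAMLSPProperties.IDP_PREFIX)) {
        String key = fullKey.substring(SAMLSPProperties.IDP_PREFIX.length(), fullKey.length() - 1);
        SAMLIndividualTrustedSamlIdpConfiguration idp = new SAMLIndividualTrustedSamlIdpConfiguration();
        idp.fromProperties(msg, imageAccessService, samlSpProp, key);
        individualTrustedIdps.add(idp);
    }

    // Metadata flags keep their current values unless the key is explicitly set.
    if (samlSpProp.isSet(SamlProperties.PUBLISH_METADATA)) {
        setPublishMetadata(samlSpProp.getBooleanValue(SamlProperties.PUBLISH_METADATA));
    }
    setMetadataPath(samlSpProp.getValue(SAMLSPProperties.METADATA_PATH));
    if (samlSpProp.isSet(SamlProperties.SIGN_METADATA)) {
        setSignMetadata(samlSpProp.getBooleanValue(SamlProperties.SIGN_METADATA));
    }
    if (samlSpProp.isSet(SamlProperties.METADATA_SOURCE)) {
        setAutoGenerateMetadata(false);
        String metaUri = samlSpProp.getValue(SamlProperties.METADATA_SOURCE);
        try {
            URI uri = URIHelper.parseURI(metaUri);
            if (URIHelper.isWebReady(uri)) {
                // Web-ready URIs are stored by reference only; nothing is fetched here.
                setMetadataSource(new LocalOrRemoteResource(uri.toString()));
            } else {
                // Other URIs are read through the URI access service and their content is kept.
                FileData fileData = uriAccessService.readURI(uri);
                setMetadataSource(new LocalOrRemoteResource(fileData.getContents(), uri.toString()));
            }
        } catch (Exception e) {
            // Best effort: an unreadable metadata source must not make the whole configuration
            // unloadable; the metadata source is left unset in that case. The exception is passed
            // to the logger so the root cause (bad URI, unreadable file, ...) is not lost.
            log.error("Can not load configured metadata from uri: " + metaUri, e);
        }
    } else {
        setAutoGenerateMetadata(true);
    }

    // Single logout: endpoint path, realm and identity type mappings.
    setSloPath(samlSpProp.getValue(SAMLSPProperties.SLO_PATH));
    setSloRealm(samlSpProp.getValue(SAMLSPProperties.SLO_REALM));
    sloMappings = new ArrayList<>();
    for (String key : samlSpProp.getStructuredListKeys(SAMLSPProperties.IDENTITY_MAPPING_PFX)) {
        sloMappings.add(readSloMapping(samlSpProp, key));
    }
}

/**
 * Reads one single-logout identity type mapping entry. A missing or empty value leaves the
 * corresponding field of the mapping unset.
 *
 * @param samlSpProp parsed SP properties
 * @param key        structured-list key of the entry (used as the property name prefix)
 * @return the mapping, possibly with one or both fields unset
 */
private SAMLIdentityMapping readSloMapping(SAMLSPProperties samlSpProp, String key) {
    SAMLIdentityMapping mapping = new SAMLIdentityMapping();
    String unityId = samlSpProp.getValue(key + SAMLSPProperties.IDENTITY_LOCAL);
    if (unityId != null && !unityId.isEmpty()) {
        mapping.setUnityId(unityId);
    }
    String samlId = samlSpProp.getValue(key + SAMLSPProperties.IDENTITY_SAML);
    if (samlId != null && !samlId.isEmpty()) {
        mapping.setSamlId(samlId);
    }
    return mapping;
}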
Also used : IOException(java.io.IOException) SAMLSPProperties(pl.edu.icm.unity.saml.sp.SAMLSPProperties) SamlProperties(pl.edu.icm.unity.saml.SamlProperties) CommonWebAuthnProperties(pl.edu.icm.unity.webui.authn.CommonWebAuthnProperties) Properties(java.util.Properties) URI(java.net.URI) InternalException(pl.edu.icm.unity.exceptions.InternalException) IOException(java.io.IOException) ConfigurationException(eu.unicore.util.configuration.ConfigurationException) InternalException(pl.edu.icm.unity.exceptions.InternalException) SAMLSPProperties(pl.edu.icm.unity.saml.sp.SAMLSPProperties) StringReader(java.io.StringReader) LocalOrRemoteResource(pl.edu.icm.unity.webui.common.binding.LocalOrRemoteResource) FileData(pl.edu.icm.unity.base.file.FileData) SAMLIdentityMapping(pl.edu.icm.unity.saml.console.SAMLIdentityMapping)
