/**
 * Reports whether the given service carries this property with a non-blank value
 * that the supplied filter accepts.
 *
 * <p>Property names are matched case-insensitively against {@link #getPropertyName()}.
 * The filter is only consulted for entries whose value is not blank.
 *
 * @param service     the registered service whose properties are inspected; must not be {@code null}
 * @param valueFilter predicate applied to the property's string value
 * @return {@code true} if at least one matching, non-blank entry satisfies the filter
 */
public boolean isAssignedTo(final RegisteredService service, final Predicate<String> valueFilter) {
    return service.getProperties().entrySet()
        .stream()
        .anyMatch(entry -> {
            if (!entry.getKey().equalsIgnoreCase(getPropertyName())) {
                return false;
            }
            // Blank values count as "not assigned", so the filter never sees them.
            final String candidate = entry.getValue().getValue();
            return StringUtils.isNotBlank(candidate) && valueFilter.test(candidate);
        });
}
}
/**
 * Looks up this property on the given service.
 *
 * <p>The lookup only runs when {@code isAssignedTo(service)} holds. The first entry whose
 * name matches {@link #getPropertyName()} case-insensitively and whose value is not blank
 * is returned.
 *
 * @param service the registered service whose properties are inspected
 * @return the matching property, or {@code null} when the property is not assigned;
 *         callers that dereference the result need to handle the {@code null} case
 */
public RegisteredServiceProperty getPropertyValue(final RegisteredService service) {
    if (!isAssignedTo(service)) {
        return null;
    }
    return service.getProperties().entrySet()
        .stream()
        .filter(entry -> entry.getKey().equalsIgnoreCase(getPropertyName())
            && StringUtils.isNotBlank(entry.getValue().getValue()))
        .distinct()
        .findFirst()
        .map(entry -> entry.getValue())
        .orElse(null);
}
/**
 * Resolves the per-service signing key from the
 * {@code TOKEN_AS_SERVICE_TICKET_SIGNING_KEY} service property.
 *
 * <p>The returned string is key material taken from the service definition and
 * should be kept out of log statements and error messages.
 *
 * @param registeredService the registered service to read the property from
 * @return the signing key, or an empty {@link Optional} when the property is not assigned
 */
public Optional<String> getSigningKey(final RegisteredService registeredService) {
    final RegisteredServiceProperties signingKeyProperty = RegisteredServiceProperties.TOKEN_AS_SERVICE_TICKET_SIGNING_KEY;
    if (!signingKeyProperty.isAssignedTo(registeredService)) {
        return Optional.empty();
    }
    // Safe to dereference: the guard above established that the property is assigned.
    return Optional.of(signingKeyProperty.getPropertyValue(registeredService).getValue());
}
/**
 * Resolves the per-service encryption key from the
 * {@code TOKEN_AS_SERVICE_TICKET_ENCRYPTION_KEY} service property.
 *
 * <p>The returned string is key material taken from the service definition and
 * should be kept out of log statements and error messages.
 *
 * @param registeredService the registered service to read the property from
 * @return the encryption key, or an empty {@link Optional} when the property is not assigned
 */
public Optional<String> getEncryptionKey(final RegisteredService registeredService) {
    final RegisteredServiceProperties encryptionKeyProperty = RegisteredServiceProperties.TOKEN_AS_SERVICE_TICKET_ENCRYPTION_KEY;
    if (!encryptionKeyProperty.isAssignedTo(registeredService)) {
        return Optional.empty();
    }
    // Safe to dereference: the guard above established that the property is assigned.
    return Optional.of(encryptionKeyProperty.getPropertyValue(registeredService).getValue());
}
}
/**
 * Reads the string value of a service property for the registered service
 * resolved from the request.
 *
 * <p>The lookup uses the exact property name as the map key (no case folding),
 * and the value is returned as stored, without a blank check.
 *
 * @param request  the request used to locate the registered service
 * @param property the property whose value is wanted
 * @return the property value, or {@code null} when no service is resolved or
 *         the service does not define the property
 */
private String getStringProperty(final HttpServletRequest request, final RegisteredServiceProperties property) {
    val lookup = getRegisteredServiceFromRequest(request);
    if (!lookup.isPresent()) {
        return null;
    }
    val definedProperties = lookup.get().getProperties();
    final String name = property.getPropertyName();
    if (!definedProperties.containsKey(name)) {
        return null;
    }
    return definedProperties.get(name).getValue();
}
/**
 * Returns this property's value for the given service, cast to the requested type.
 *
 * <p>The value is passed through {@link Class#cast(Object)}, which checks the runtime type
 * and performs no conversion.
 * NOTE(review): the stored value appears to be a {@code String}, so presumably only
 * {@code String}-compatible classes succeed here; confirm against callers.
 *
 * @param <T>     the requested value type
 * @param service the registered service whose properties are inspected
 * @param clazz   the class to cast the stored value to
 * @return the cast value, or {@code null} when the property is not assigned
 * @throws ClassCastException if the stored value is not an instance of {@code clazz}
 */
public <T> T getPropertyValue(final RegisteredService service, final Class<T> clazz) {
    if (!isAssignedTo(service)) {
        return null;
    }
    val resolved = getPropertyValue(service);
    return resolved == null ? null : clazz.cast(resolved.getValue());
}
/**
 * Reads a JWT secret from a named property of the registered service.
 *
 * <p>Access is checked first: a missing service, or one whose access strategy
 * disallows access, is rejected before any property is read.
 *
 * @param service  the registered service; may be {@code null}, which is treated as unauthorized
 * @param propName the exact name of the property holding the secret
 * @return the secret, or {@code null} when the property is absent or blank
 * @throws UnauthorizedServiceException if the service is {@code null} or its access is disabled
 */
protected static String getRegisteredServiceJwtSecret(final RegisteredService service, final String propName) {
    final boolean accessAllowed = service != null && service.getAccessStrategy().isServiceAccessAllowed();
    if (!accessAllowed) {
        LOGGER.debug("Service is not defined/found or its access is disabled in the registry");
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE);
    }

    final String secret = service.getProperties().containsKey(propName)
        ? service.getProperties().get(propName).getValue()
        : null;
    if (StringUtils.isNotBlank(secret)) {
        // The placeholder is filled with the property NAME; the secret itself is never logged.
        LOGGER.debug("Found the secret value [{}] for service [{}]", propName, service.getServiceId());
        return secret;
    }

    LOGGER.warn("Service [{}] does not define a property [{}] in the registry", service.getServiceId(), propName);
    return null;
}
}
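/**
 * Determines the relying party identifier to use for a service.
 *
 * <p>When a service is supplied, it is resolved through the services manager and its access
 * is verified. If it defines the {@code WSFED_RELYING_PARTY_ID} property, that value takes
 * precedence. Otherwise the identifier from the configuration is used.
 *
 * @param service       the service to get an identifier for; may be {@code null}
 * @param configuration the configuration supplying the default identifier
 * @return the service-specific relying party identifier if one is assigned,
 *         otherwise the configured default
 */
public String getRelyingPartyIdentifier(final Service service, final WsFederationConfiguration configuration) {
    val relyingPartyIdentifier = configuration.getRelyingPartyIdentifier();
    if (service != null) {
        val registeredService = this.servicesManager.findServiceBy(service);
        RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(service, registeredService);
        if (RegisteredServiceProperty.RegisteredServiceProperties.WSFED_RELYING_PARTY_ID.isAssignedTo(registeredService)) {
            // Resolve the override before logging so the log records the identifier actually
            // returned, not the configured default.
            val serviceRelyingPartyIdentifier = RegisteredServiceProperty.RegisteredServiceProperties.WSFED_RELYING_PARTY_ID
                .getPropertyValue(registeredService).getValue();
            LOGGER.debug("Determined relying party identifier from service [{}] to be [{}]", service, serviceRelyingPartyIdentifier);
            return serviceRelyingPartyIdentifier;
        }
    }
    LOGGER.debug("Determined relying party identifier to be [{}]", relyingPartyIdentifier);
    return relyingPartyIdentifier;
}
}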
/**
 * Reads a JWT-related property value from the registered service.
 *
 * <p>Access is checked first: a missing service, or one whose access strategy
 * disallows access, is rejected before the property is read.
 *
 * @param service  the registered service; may be {@code null}, which is treated as unauthorized
 * @param propName the property to read
 * @return the property value, or {@code null} when the service does not have it assigned
 * @throws UnauthorizedServiceException if the service is {@code null} or its access is disabled
 */
protected String getRegisteredServiceJwtProperty(final RegisteredService service,
                                                 final RegisteredServiceProperty.RegisteredServiceProperties propName) {
    final boolean accessAllowed = service != null && service.getAccessStrategy().isServiceAccessAllowed();
    if (!accessAllowed) {
        LOGGER.debug("Service is not defined/found or its access is disabled in the registry");
        throw new UnauthorizedServiceException(UnauthorizedServiceException.CODE_UNAUTHZ_SERVICE);
    }

    if (!propName.isAssignedTo(service)) {
        LOGGER.warn("Service [{}] does not define a property [{}] in the registry", service.getServiceId(), propName);
        return null;
    }
    // The value is returned to the caller and is never written to the log here.
    return propName.getPropertyValue(service).getValue();
}
/**
 * Builds the service response, substituting a generated token for the ticket when the
 * registered service opts in.
 *
 * <p>The service is resolved and its access verified first. If the registered service has a
 * property named {@code TokenConstants.PROPERTY_NAME_TOKEN_AS_RESPONSE} (matched
 * case-insensitively) whose value {@code BooleanUtils.toBoolean} reads as true, a token is
 * generated and stored in {@code parameters} under {@code CasProtocolConstants.PARAMETER_TICKET}.
 * Otherwise the call is delegated to the superclass unchanged.
 *
 * @param service    the service being responded to
 * @param parameters the response parameters; modified in place when a token is issued
 * @return a {@code TokenWebApplicationService} copy of the service when a token is issued,
 *         otherwise whatever the superclass returns
 */
@Override
protected WebApplicationService buildInternal(final WebApplicationService service, final Map<String, String> parameters) {
    final RegisteredService registeredService = this.servicesManager.findServiceBy(service);
    RegisteredServiceAccessStrategyUtils.ensureServiceAccessIsAllowed(service, registeredService);

    final boolean tokenRequested = registeredService.getProperties()
        .entrySet().stream()
        .anyMatch(entry -> entry.getKey().equalsIgnoreCase(TokenConstants.PROPERTY_NAME_TOKEN_AS_RESPONSE)
            && BooleanUtils.toBoolean(entry.getValue().getValue()));
    if (!tokenRequested) {
        return super.buildInternal(service, parameters);
    }

    final String token = generateToken(service, parameters);
    final TokenWebApplicationService tokenService =
        new TokenWebApplicationService(service.getId(), service.getOriginalUrl(), service.getArtifactId());
    tokenService.setFormat(service.getFormat());
    tokenService.setLoggedOutAlready(service.isLoggedOutAlready());

    // The token takes the place of the ticket in the outgoing parameters.
    parameters.put(CasProtocolConstants.PARAMETER_TICKET, token);
    return tokenService;
}