/**
 * Resolves the attributes this policy releases for a request.
 *
 * <p>The decision is delegated entirely to {@code authorizeReleaseOfAllowedAttributes}.
 * Neither {@code principal} nor {@code service} is consulted here, so the result depends only
 * on the supplied attributes and on this policy's allow-list.
 *
 * @param principal the principal the attributes belong to (not read by this implementation)
 * @param attrs     the candidate attributes
 * @param service   the service requesting attributes (not read by this implementation)
 * @return the subset of {@code attrs} permitted by the allow-list
 */
@Override
public Map<String, Object> getAttributesInternal(final Principal principal,
                                                 final Map<String, Object> attrs,
                                                 final RegisteredService service) {
    final Map<String, Object> released = authorizeReleaseOfAllowedAttributes(attrs);
    return released;
}
/**
 * Filters the given attributes down to those named in this policy's allow-list.
 *
 * <p>Names are matched case-insensitively: the candidates are first copied into a
 * {@link TreeMap} ordered by {@link String#CASE_INSENSITIVE_ORDER}. Each released entry is
 * keyed by the name as spelled in the allow-list, not as spelled in {@code attrs}. Allowed
 * names that are absent from {@code attrs}, or whose value is {@code null}, are skipped.
 *
 * <p>NOTE(review): if {@code attrs} contains two keys that differ only by case, they collapse
 * into one entry during the copy, so the value that ends up released depends on the iteration
 * order of {@code attrs}. Confirm upstream attribute resolution cannot produce such pairs.
 *
 * @param attrs the candidate attributes; must not be {@code null}
 * @return a new mutable map holding only the allowed attributes that had a non-null value
 */
protected Map<String, Object> authorizeReleaseOfAllowedAttributes(final Map<String, Object> attrs) {
    // Case-insensitive view of the candidates, so "mail" in the allow-list matches "Mail".
    final Map<String, Object> candidatesByName = new TreeMap<>(String.CASE_INSENSITIVE_ORDER);
    candidatesByName.putAll(attrs);

    final Map<String, Object> released = new HashMap<>();
    for (final String allowedName : getAllowedAttributes()) {
        final Object value = candidatesByName.get(allowedName);
        if (value == null) {
            // Not resolved for this principal (or resolved to null): nothing to release.
            continue;
        }
        LOGGER.debug("Found attribute [{}] in the list of allowed attributes", allowedName);
        released.put(allowedName, value);
    }
    return released;
}
/**
 * Builds a {@code RegexRegisteredService} from a loosely-typed map of service properties.
 *
 * <p>Required keys: {@code id}, {@code name}, {@code serviceId}. A missing one fails with a
 * {@link NullPointerException}; a non-numeric {@code id} or {@code evaluationOrder} fails with
 * a {@link NumberFormatException}.
 *
 * <p>Optional keys and the value used when the key is absent:
 * {@code description} and {@code theme} ({@code StringUtils.EMPTY}), {@code evaluationOrder}
 * ({@link Integer#MAX_VALUE}), {@code allowedToProxy} (false), {@code enabled} (true),
 * {@code ssoEnabled} (true), {@code anonymousAccess} (true), {@code allowedAttributes}
 * (empty list).
 *
 * <p>Security-relevant behaviour worth checking against the data being imported:
 * <ul>
 *   <li>Only the sequence {@code **} in {@code serviceId} is rewritten (to {@code .*}); every
 *       other character is passed through unchanged into a regex-based service definition.
 *       NOTE(review): an unescaped {@code .} in a host name would then match any character,
 *       which can make the service pattern broader than the author intended; confirm.</li>
 *   <li>{@code allowedToProxy=true} installs a proxy policy built from the pattern
 *       {@code .+}, which matches any non-empty string.</li>
 *   <li>{@code anonymousAccess} defaults to true, so an entry that omits the key gets the
 *       anonymous username provider.</li>
 *   <li>Flags go through {@link Boolean#parseBoolean(String)}: anything other than
 *       {@code "true"} (ignoring case) is read as false.</li>
 *   <li>{@code allowedAttributes} is cast to {@code List<String>} without checking the
 *       element types.</li>
 * </ul>
 *
 * @param serviceDataMap raw service properties keyed by property name
 * @return the populated service definition
 */
private static RegisteredService convertServiceProperties(final Map serviceDataMap) {
    final RegexRegisteredService registered = new RegexRegisteredService();

    final String numericId = serviceDataMap.get("id").toString();
    registered.setId(Long.parseLong(numericId));

    final String displayName = serviceDataMap.get("name").toString();
    registered.setName(displayName);

    final Object description = serviceDataMap.getOrDefault("description", StringUtils.EMPTY);
    registered.setDescription(description.toString());

    // Only "**" is translated; the rest of the value is used as the regex verbatim.
    final String rawServiceId = serviceDataMap.get("serviceId").toString();
    registered.setServiceId(rawServiceId.replace("**", ".*"));

    final Object theme = serviceDataMap.getOrDefault("theme", StringUtils.EMPTY);
    registered.setTheme(theme.toString());

    final Object order = serviceDataMap.getOrDefault("evaluationOrder", Integer.MAX_VALUE);
    registered.setEvaluationOrder(Integer.parseInt(order.toString()));

    final boolean proxyAllowed =
        Boolean.parseBoolean(serviceDataMap.getOrDefault("allowedToProxy", Boolean.FALSE).toString());
    final boolean serviceEnabled =
        Boolean.parseBoolean(serviceDataMap.getOrDefault("enabled", Boolean.TRUE).toString());
    final boolean ssoParticipant =
        Boolean.parseBoolean(serviceDataMap.getOrDefault("ssoEnabled", Boolean.TRUE).toString());
    final boolean anonymous =
        Boolean.parseBoolean(serviceDataMap.getOrDefault("anonymousAccess", Boolean.TRUE).toString());

    if (proxyAllowed) {
        // ".+" places no restriction on the value the proxy policy is matched against.
        registered.setProxyPolicy(new RegexMatchingRegisteredServiceProxyPolicy(".+"));
    }

    registered.setAccessStrategy(new DefaultRegisteredServiceAccessStrategy(serviceEnabled, ssoParticipant));

    if (anonymous) {
        registered.setUsernameAttributeProvider(new AnonymousRegisteredServiceUsernameAttributeProvider());
    }

    // Unchecked cast: the map is raw, so the element type is taken on trust.
    final List<String> releasable =
        (List<String>) serviceDataMap.getOrDefault("allowedAttributes", new ArrayList<>());
    registered.setAttributeReleasePolicy(new ReturnAllowedAttributeReleasePolicy(releasable));

    return registered;
}
return super.getAttributesInternal(principal, attributes, service); if (StringUtils.isBlank(entityId)) { LOGGER.warn("Could not locate the entity id for SAML attribute release policy processing"); return super.getAttributesInternal(principal, attributes, service); if (ctx == null) { LOGGER.warn("Could not locate the application context to process attributes"); return super.getAttributesInternal(principal, attributes, service); return super.getAttributesInternal(principal, attributes, service); if (input == null) { LOGGER.warn("Could not locate entity descriptor for [{}] to process attributes", entityId); return super.getAttributesInternal(principal, attributes, service); return super.getAttributesInternal(principal, attributes, service);
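/**
 * Fills in a default for every policy or collection field that is still {@code null}.
 * Fields that already hold a value are left untouched, and a default object is only
 * created when it is actually needed.
 *
 * <p>Defaults applied: a {@code RefuseRegisteredServiceProxyPolicy} for proxying, a
 * {@code DefaultRegisteredServiceUsernameProvider}, {@code BACK_CHANNEL} logout, an empty set
 * of required handlers, and no-argument instances of the default access strategy,
 * multifactor policy, attribute release policy and expiration policy, plus empty
 * {@code properties} and {@code contacts} collections.
 *
 * <p>NOTE(review): the access, proxy and attribute-release defaults decide what a service
 * with an incomplete definition is allowed to do. Going by the class names, proxying is
 * refused and attribute release is limited to an allow-list that starts out empty; the
 * behaviour of {@code DefaultRegisteredServiceAccessStrategy()} is not visible here and
 * should be confirmed before relying on it as a safe default.
 */
@Override
public void initialize() {
    if (this.proxyPolicy == null) {
        this.proxyPolicy = new RefuseRegisteredServiceProxyPolicy();
    }
    if (this.usernameAttributeProvider == null) {
        this.usernameAttributeProvider = new DefaultRegisteredServiceUsernameProvider();
    }
    if (this.logoutType == null) {
        this.logoutType = RegisteredServiceLogoutType.BACK_CHANNEL;
    }
    if (this.requiredHandlers == null) {
        this.requiredHandlers = new HashSet<>();
    }
    if (this.accessStrategy == null) {
        this.accessStrategy = new DefaultRegisteredServiceAccessStrategy();
    }
    if (this.multifactorPolicy == null) {
        this.multifactorPolicy = new DefaultRegisteredServiceMultifactorPolicy();
    }
    if (this.properties == null) {
        // Diamond instead of a raw type so the field's element types are inferred.
        this.properties = new LinkedHashMap<>();
    }
    if (this.attributeReleasePolicy == null) {
        this.attributeReleasePolicy = new ReturnAllowedAttributeReleasePolicy();
    }
    if (this.contacts == null) {
        this.contacts = new ArrayList<>();
    }
    if (this.expirationPolicy == null) {
        this.expirationPolicy = new DefaultRegisteredServiceExpirationPolicy();
    }
}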
/**
 * Serializes a registered service to the Kryo output, one field after another.
 *
 * <p>The fields are written in a fixed sequence with no per-field tag, so the order of the
 * statements below is the wire format. Presumably the matching {@code read} method consumes
 * them in exactly this order; any field added, removed or moved here must be mirrored there.
 *
 * <p>Null handling is uneven and worth knowing when a service definition is incomplete:
 * text fields fall back to {@code StringUtils.EMPTY}, the logo to {@code getEmptyUrl()}, and
 * the policy objects to freshly constructed defaults, while {@code serviceId}, {@code id},
 * {@code evaluationOrder} and {@code logoutType} are written as returned by the getter.
 *
 * <p>NOTE(review): {@code writeObjectByReflection} is defined outside this view. If it
 * records the concrete class of each policy object, the reading side will instantiate
 * whatever class the stream names; confirm the stream is only ever read back from a trusted
 * store and that the Kryo instance restricts which classes may be created.
 *
 * @param kryo    the Kryo instance performing the serialization
 * @param output  the destination stream
 * @param service the service definition to serialize
 */
@Override
public void write(final Kryo kryo, final Output output, final RegisteredService service) {
    // Written without a fallback: presumably expected to be non-null.
    kryo.writeObject(output, service.getServiceId());
    kryo.writeObject(output, StringUtils.defaultIfEmpty(service.getName(), StringUtils.EMPTY));
    kryo.writeObject(output, StringUtils.defaultIfEmpty(service.getDescription(), StringUtils.EMPTY));
    kryo.writeObject(output, service.getId());
    kryo.writeObject(output, service.getEvaluationOrder());
    kryo.writeObject(output, ObjectUtils.defaultIfNull(service.getLogo(), getEmptyUrl()));
    kryo.writeObject(output, service.getLogoutType());
    // NOTE(review): the fallback here is a String while the logo above falls back to getEmptyUrl();
    // if getLogoutUrl() is not a String, the written type differs between the null and non-null case.
    kryo.writeObject(output, ObjectUtils.defaultIfNull(service.getLogoutUrl(), StringUtils.EMPTY));
    // Copies the collection; throws NullPointerException if getRequiredHandlers() returns null.
    kryo.writeObject(output, new HashSet<>(service.getRequiredHandlers()));
    kryo.writeObject(output, StringUtils.defaultIfEmpty(service.getTheme(), StringUtils.EMPTY));
    kryo.writeObject(output, StringUtils.defaultIfEmpty(service.getResponseType(), StringUtils.EMPTY));
    // Key and policy objects go through writeObjectByReflection; a null one is persisted as a new default instance.
    writeObjectByReflection(kryo, output, ObjectUtils.defaultIfNull(service.getPublicKey(), new RegisteredServicePublicKeyImpl()));
    writeObjectByReflection(kryo, output, ObjectUtils.defaultIfNull(service.getProxyPolicy(), new RefuseRegisteredServiceProxyPolicy()));
    writeObjectByReflection(kryo, output, ObjectUtils.defaultIfNull(service.getAttributeReleasePolicy(), new ReturnAllowedAttributeReleasePolicy()));
    writeObjectByReflection(kryo, output, ObjectUtils.defaultIfNull(service.getUsernameAttributeProvider(), new DefaultRegisteredServiceUsernameProvider()));
    writeObjectByReflection(kryo, output, ObjectUtils.defaultIfNull(service.getAccessStrategy(), new DefaultRegisteredServiceAccessStrategy()));
    writeObjectByReflection(kryo, output, ObjectUtils.defaultIfNull(service.getMultifactorPolicy(), new DefaultRegisteredServiceMultifactorPolicy()));
    writeObjectByReflection(kryo, output, ObjectUtils.defaultIfNull(service.getContacts(), new ArrayList<>()));
    kryo.writeObject(output, StringUtils.defaultIfEmpty(service.getInformationUrl(), StringUtils.EMPTY));
    kryo.writeObject(output, StringUtils.defaultIfEmpty(service.getPrivacyUrl(), StringUtils.EMPTY));
    // Copies the map; throws NullPointerException if getProperties() returns null.
    kryo.writeObject(output, new HashMap<>(service.getProperties()));
}