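/**
 * Rejects a metadata location that is not a syntactically valid URI.
 *
 * <p>Only syntax is checked: this does not constrain the scheme or host. If the value is
 * later fetched server-side, restricting it to http/https (and, where applicable, to
 * non-internal hosts) has to happen elsewhere — NOTE(review): confirm that it does.
 *
 * @param metadataURL the location supplied by the caller; treated as untrusted input
 * @throws MetadataProviderException if the value is null, blank, or not parseable as a URI
 */
private void validateMetadataURL(String metadataURL) throws MetadataProviderException {
    // new URI(null) raises a NullPointerException, which is not the checked exception the
    // callers of this method handle; report null/blank through the same exception type.
    if (metadataURL == null || metadataURL.trim().isEmpty()) {
        throw new MetadataProviderException("Illegal URL syntax");
    }
    try {
        new URI(metadataURL);
    } catch (URISyntaxException e) {
        // Keep the cause so the offending character position is not lost.
        throw new MetadataProviderException("Illegal URL syntax", e);
    }
}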
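/**
 * Maps a {@link MetadataProviderException} raised by a controller method onto an HTTP status.
 * A message containing "Duplicate" is reported as 409 CONFLICT; every other failure is treated
 * as a client error and reported as 400 BAD_REQUEST.
 *
 * @param e the exception thrown by the controller method
 * @return the chosen status with the exception message as the response body
 */
@ExceptionHandler(MetadataProviderException.class)
public ResponseEntity<String> handleMetadataProviderException(MetadataProviderException e) {
    // getMessage() can be null (exception built without a message); calling contains() on it
    // would throw inside the exception handler and turn a 4xx into a 500.
    String message = e.getMessage();
    boolean duplicate = message != null && message.contains("Duplicate");
    // NOTE(review): the raw exception message is echoed to the client unsanitised, so the
    // messages constructed for this exception type must not carry internal details.
    return new ResponseEntity<>(message, duplicate ? CONFLICT : HttpStatus.BAD_REQUEST);
}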
/**
 * Builds an {@link HTTPMetadataProvider} that loads SAML metadata from {@code metadataFilePath}
 * over HTTP with a fresh {@link Timer} and {@link HttpClient}, and attaches the shared parser pool.
 *
 * <p>NOTE(review): no metadata filter (e.g. signature validation) is configured here; if the
 * location is plain http rather than https, the integrity of the fetched metadata depends on
 * checks made elsewhere — confirm.
 *
 * @return the configured provider, or {@code null} if construction failed; the failure is
 *         printed to stderr rather than propagated, so callers must expect {@code null}
 */
private HTTPMetadataProvider httpMetadataProvider() {
    HTTPMetadataProvider provider;
    try {
        provider = new HTTPMetadataProvider(new Timer(), new HttpClient(), metadataFilePath);
    } catch (MetadataProviderException e) {
        // NOTE(review): swallowing the failure defers the error to wherever the null is used.
        e.printStackTrace();
        return null;
    }
    provider.setParserPool(parserPool);
    return provider;
}
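/**
 * Creates the {@link CachingMetadataManager} over the single extended-metadata delegate and
 * wires in the service provider's key manager.
 *
 * @return the initialised manager
 * @throws IllegalStateException if the manager cannot be constructed. Previously the
 *         exception was only printed and the method then died with a NullPointerException
 *         on {@code setKeyManager}, hiding the real cause.
 */
private CachingMetadataManager cachingMetadataManager() {
    List<MetadataProvider> providers = new ArrayList<>();
    providers.add(extendedMetadataDelegate);
    CachingMetadataManager manager;
    try {
        manager = new CachingMetadataManager(providers);
    } catch (MetadataProviderException e) {
        // Fail fast with the cause attached instead of falling through to an NPE below.
        throw new IllegalStateException("Unable to create CachingMetadataManager", e);
    }
    manager.setKeyManager(serviceProvider.keyManager);
    return manager;
}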
/**
 * Returns the entity ID of the first IDP in the iteration order of {@link #getIDPEntityNames()}.
 *
 * <p>NOTE(review): "first" is whatever the underlying collection yields first; if that
 * collection is unordered the default IDP may differ between runs — confirm it is ordered.
 *
 * @return the first IDP entity name
 * @throws MetadataProviderException if the metadata contains no IDP
 */
@Override
public String getDefaultIDP() throws MetadataProviderException {
    for (String idpEntityName : getIDPEntityNames()) {
        return idpEntityName;
    }
    throw new MetadataProviderException("No IDP was configured, please update included metadata with at least one IDP");
}
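/**
 * Translates a {@link MetadataProviderException} escaping a controller method into an HTTP
 * response: messages mentioning "Duplicate" map to 409 CONFLICT, all others to 400 BAD_REQUEST.
 *
 * @param e the exception thrown by the controller method
 * @return the status together with the exception message as the body
 */
@ExceptionHandler(MetadataProviderException.class)
public ResponseEntity<String> handleMetadataProviderException(MetadataProviderException e) {
    // Guard against a null message: contains() on null would NPE inside the handler and
    // convert a client error into a 500.
    String message = e.getMessage();
    HttpStatus status = HttpStatus.BAD_REQUEST;
    if (message != null && message.contains("Duplicate")) {
        status = HttpStatus.CONFLICT;
    }
    // NOTE(review): the message is returned to the caller verbatim; keep these messages free of
    // internal details since nothing here sanitises them.
    return new ResponseEntity<>(message, status);
}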
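/**
 * Builds a {@link FilesystemMetadataProvider} over the SAML metadata file resolved from
 * {@code metadataFilePath} through a {@link DefaultResourceLoader}, and attaches the shared
 * parser pool.
 *
 * @return the configured provider
 * @throws IllegalStateException if the resource cannot be resolved to a file or the provider
 *         cannot be constructed. The original code printed each exception and carried on with
 *         a null value, failing later with a NullPointerException that hid the root cause.
 */
private FilesystemMetadataProvider fileSystemMetadataProvider() {
    Resource metadataResource = new DefaultResourceLoader().getResource(metadataFilePath);
    File samlMetadata;
    try {
        samlMetadata = metadataResource.getFile();
    } catch (IOException e) {
        // getFile() fails for resources that are not plain files; surface that instead of
        // handing null to the provider constructor.
        throw new IllegalStateException("SAML metadata resource is not a readable file: " + metadataFilePath, e);
    }
    FilesystemMetadataProvider provider;
    try {
        provider = new FilesystemMetadataProvider(samlMetadata);
    } catch (MetadataProviderException e) {
        throw new IllegalStateException("Unable to create FilesystemMetadataProvider for " + metadataFilePath, e);
    }
    provider.setParserPool(parserPool);
    return provider;
}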
/**
 * Picks the default IDP: the first entry produced by {@link #getIDPEntityNames()}.
 *
 * @return the first IDP entity name
 * @throws MetadataProviderException if no IDP is configured
 */
@Override
public String getDefaultIDP() throws MetadataProviderException {
    Iterator<String> idpNames = getIDPEntityNames().iterator();
    if (!idpNames.hasNext()) {
        throw new MetadataProviderException("No IDP was configured, please update included metadata with at least one IDP");
    }
    // NOTE(review): relies on the iteration order of getIDPEntityNames(); if that set is
    // unordered, the default IDP is not stable across restarts — confirm.
    return idpNames.next();
}
/**
 * Resolves the IDP single-sign-on endpoint for the requested binding, re-throwing the generic
 * {@link MetadataProviderException} from the superclass as a
 * {@link SamlBindingNotSupportedException} with the original kept as cause.
 */
@Override
protected SingleSignOnService getSingleSignOnService(WebSSOProfileOptions options, IDPSSODescriptor idpssoDescriptor, SPSSODescriptor spDescriptor) throws MetadataProviderException {
    SingleSignOnService service;
    try {
        service = super.getSingleSignOnService(options, idpssoDescriptor, spDescriptor);
    } catch (MetadataProviderException e) {
        throw new SamlBindingNotSupportedException(e.getMessage(), e);
    }
    return service;
}
}
/**
 * Parses the in-memory {@code metadata} XML string (as UTF-8) into an OpenSAML {@link XMLObject}.
 *
 * <p>NOTE(review): this path parses XML that originated outside the process; the parser pool
 * used by {@code unmarshallMetadata} must have DTD/external-entity resolution disabled —
 * that configuration is not visible here, confirm it.
 *
 * @return the unmarshalled metadata root
 * @throws MetadataProviderException if the XML cannot be unmarshalled (also logged at error level)
 */
@Override
public XMLObject doGetMetadata() throws MetadataProviderException {
    byte[] xml = metadata.getBytes(StandardCharsets.UTF_8);
    InputStream source = new ByteArrayInputStream(xml);
    try {
        return unmarshallMetadata(source);
    } catch (UnmarshallingException e) {
        log.error("Unable to unmarshall metadata", e);
        throw new MetadataProviderException(e);
    }
}
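/**
 * Periodic refresh: re-reads IDP metadata from {@code _idpMetaDataProvider}, rebuilds the IDP
 * map and publishes it with a single assignment, then expires stale auth tokens.
 *
 * <p>On failure the previously published map stays in place (the swap only happens after a
 * successful discovery). NOTE(review): whether other threads see the new map promptly depends
 * on {@code _idpMetadataMap} being volatile — confirm. If this task runs under a
 * {@code java.util.Timer}, an unchecked exception escaping it would cancel the timer and
 * silently stop further refreshes; only {@link MetadataProviderException} is caught here.
 */
@Override
public void run() {
    if (_idpMetaDataProvider == null) {
        return;
    }
    s_logger.debug("Starting SAML IDP Metadata Refresh Task");
    Map<String, SAMLProviderMetadata> metadataMap = new HashMap<String, SAMLProviderMetadata>();
    try {
        discoverAndAddIdp(_idpMetaDataProvider.getMetadata(), metadataMap);
        _idpMetadataMap = metadataMap;
        expireTokens();
        s_logger.debug("Finished refreshing SAML Metadata and expiring old auth tokens");
    } catch (MetadataProviderException e) {
        // Pass the exception through so the stack trace is kept; the message alone rarely
        // says which fetch or parse step failed.
        s_logger.warn("SAML Metadata Refresh task failed with exception: " + e.getMessage(), e);
    }
}
}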
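/**
 * Returns the entity ID of the single entity described by this provider's metadata.
 *
 * <p>Accepts an {@code EntityDescriptor}, or an {@code EntitiesDescriptor} wrapping exactly
 * one descriptor; anything else is rejected so a provider cannot silently stand for several
 * entities.
 *
 * @return the entity ID of the sole descriptor
 * @throws MetadataProviderException if no metadata is available, the wrapper holds a number of
 *         descriptors other than one, or the root is of an unexpected type
 */
default String getEntityID() throws MetadataProviderException {
    fetchMetadata();
    XMLObject metadata = doGetMetadata();
    if (metadata == null) {
        // Previously fell through to metadata.getClass() and raised a NullPointerException.
        throw new MetadataProviderException("No metadata available to read entityID from");
    }
    if (metadata instanceof EntityDescriptor) {
        return ((EntityDescriptor) metadata).getEntityID();
    }
    if (metadata instanceof EntitiesDescriptor) {
        EntitiesDescriptor desc = (EntitiesDescriptor) metadata;
        int count = desc.getEntityDescriptors().size();
        if (count != 1) {
            throw new MetadataProviderException("Invalid metadata. Number of descriptors must be 1, but is " + count);
        }
        return desc.getEntityDescriptors().get(0).getEntityID();
    }
    throw new MetadataProviderException("Unknown descriptor class:" + metadata.getClass().getName());
}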
s_logger.error("Unable to read SAML2 IDP MetaData URL, error:" + e.getMessage()); s_logger.error("SAML2 Authentication may be unavailable"); return false;
/**
 * Finds the entity ID (SP or IDP) whose extended metadata carries {@code entityAlias}.
 * SPs are scanned first, then IDPs; an alias bound to two different entities is an error.
 *
 * @param entityAlias the alias to look up; {@code null} yields {@code null}
 * @return the matching entity ID, or {@code null} if no entity uses the alias
 * @throws MetadataProviderException if the alias is shared by more than one entity
 */
@Override
public String getEntityIdForAlias(String entityAlias) throws MetadataProviderException {
    if (entityAlias == null) {
        return null;
    }
    String match = matchAlias(entityAlias, getSPEntityNames(), null);
    return matchAlias(entityAlias, getIDPEntityNames(), match);
}

/**
 * Scans {@code candidates} for entities whose alias equals {@code entityAlias}, continuing
 * from an already-found {@code current} match (or {@code null}).
 *
 * @return the entity ID found, or {@code current} if no candidate matched
 * @throws MetadataProviderException if a candidate matches while a different entity already did
 */
private String matchAlias(String entityAlias, Iterable<String> candidates, String current) throws MetadataProviderException {
    String found = current;
    for (String entity : candidates) {
        ExtendedMetadata extendedMetadata = getExtendedMetadata(entity);
        if (!entityAlias.equals(extendedMetadata.getAlias())) {
            continue;
        }
        if (found != null && !found.equals(entity)) {
            throw new MetadataProviderException("Alias " + entityAlias + " is used both for entity " + found + " and " + entity);
        }
        found = entity;
    }
    return found;
}
.getRole(messageIssuer, SPSSODescriptor.DEFAULT_ELEMENT_NAME, SAMLConstants.SAML20P_NS); } catch (MetadataProviderException e) { log.warn("Error resolving SPSSODescriptor metadata for entityID '{}': {}", messageIssuer, e.getMessage()); throw new SecurityPolicyException("Error resolving metadata for entity ID", e);
/**
 * Resolves an alias to the entity ID of a <em>local</em> entity. IDPs are scanned first, then
 * SPs; only entities whose extended metadata is marked local take part. An alias used by two
 * different local entities is rejected.
 *
 * @param entityAlias the alias to look up; {@code null} yields {@code null}
 * @return the local entity ID using the alias, or {@code null} if none does
 * @throws MetadataProviderException if two different local entities share the alias
 */
@Override
public String getEntityIdForAlias(String entityAlias) throws MetadataProviderException {
    if (entityAlias == null) {
        return null;
    }
    String resolved = null;
    for (String idpId : getIDPEntityNames()) {
        ExtendedMetadata meta = getExtendedMetadata(idpId);
        if (!meta.isLocal() || !entityAlias.equals(meta.getAlias())) {
            continue;
        }
        if (resolved != null && !resolved.equals(idpId)) {
            throw new MetadataProviderException("Alias " + entityAlias + " is used both for entity " + resolved + " and " + idpId);
        }
        resolved = idpId;
    }
    for (String spId : getSPEntityNames()) {
        ExtendedMetadata meta = getExtendedMetadata(spId);
        if (!meta.isLocal() || !entityAlias.equals(meta.getAlias())) {
            continue;
        }
        if (resolved != null && !resolved.equals(spId)) {
            throw new MetadataProviderException("Alias " + entityAlias + " is used both for entity " + resolved + " and " + spId);
        }
        resolved = spId;
    }
    return resolved;
}
String entityIDToBeAdded = ((ConfigMetadataProvider) added.getDelegate()).getEntityID(); if (!StringUtils.hasText(entityIDToBeAdded)) { throw new MetadataProviderException("Emtpy entityID for SAML provider with zoneId:" + providerDefinition.getZoneId() + " and origin:" + providerDefinition.getIdpEntityAlias()); throw new MetadataProviderException("Duplicate entity ID:" + entityIDToBeAdded);
/**
 * Loads the peer entity's descriptor, role descriptor and extended metadata into the SAML
 * context, keyed by the peer entity ID and role already present on the context.
 *
 * <p>Rejecting an entity that has no metadata in the requested role is what keeps
 * unregistered peers out of the exchange; NOTE(review): the extended metadata is stored
 * without a null check, so callers presumably tolerate a null there — confirm.
 *
 * @throws MetadataProviderException if the context carries no peer entity ID, or no metadata
 *         exists for that entity in the requested role
 */
protected void populatePeerContext(SAMLMessageContext samlContext) throws MetadataProviderException {
    String peerId = samlContext.getPeerEntityId();
    if (peerId == null) {
        throw new MetadataProviderException("Peer entity ID wasn't specified, but is requested");
    }
    QName peerRole = samlContext.getPeerEntityRole();
    EntityDescriptor entity = metadataManager.getEntityDescriptor(peerId);
    RoleDescriptor role = metadataManager.getRole(peerId, peerRole, SAMLConstants.SAML20P_NS);
    ExtendedMetadata extended = metadataManager.getExtendedMetadata(peerId);
    if (entity == null || role == null) {
        throw new MetadataProviderException(
            "Metadata for entity " + peerId + " and role " + peerRole + " wasn't found");
    }
    samlContext.setPeerEntityMetadata(entity);
    samlContext.setPeerEntityRoleMetadata(role);
    samlContext.setPeerExtendedMetadata(extended);
}
/**
 * Handles a service provider whose metadata is given as a URL: downloads the document,
 * stores its text as the metadata location on a cloned definition, then defers to the
 * XML-based configuration path.
 *
 * @throws MetadataProviderException if the download fails (wrapping the
 *         {@code RestClientException}) or the configured location is not a valid URI
 */
protected ExtendedMetadataDelegate configureURLMetadata(SamlServiceProvider provider) throws MetadataProviderException {
    SamlServiceProviderDefinition definition = provider.getConfig().clone();
    ExtendedMetadata extendedMetadata = new ExtendedMetadata();
    extendedMetadata.setAlias(provider.getEntityId());
    String location = definition.getMetaDataLocation();
    // NOTE(review): isSkipSslValidation() turns off TLS certificate checking for this fetch;
    // when set, authenticity of the downloaded metadata rests entirely on whatever signature
    // validation the XML path performs afterwards — confirm that it does.
    byte[] fetched;
    try {
        fetched = fixedHttpMetaDataProvider.fetchMetadata(location, definition.isSkipSslValidation());
    } catch (RestClientException e) {
        throw new MetadataProviderException("Unavailable Metadata Provider", e);
    } catch (URISyntaxException e) {
        throw new MetadataProviderException("Invalid metadata URI: " + location, e);
    }
    definition.setMetaDataLocation(new String(fetched, StandardCharsets.UTF_8));
    // NOTE(review): the fetched XML is written to the clone, but the original provider is what
    // is passed on; unless clone() or configureXMLMetadata share state with it, the download is
    // discarded — verify against configureXMLMetadata. extendedMetadata is also unused here.
    return configureXMLMetadata(provider);
}
throw new MetadataProviderException("No local entity found for alias " + localAlias + ", verify your configuration."); } else { log.debug("Using IdP {} specified in request with alias {}", entityId, localAlias);