/** * @return True if any core field in an authentication method has a non-empty value. "Core fields" * are generally required fields to make an authentication method work, such as client ID/secret, * or path to a certficate store. */ private boolean maybeShouldBeEnabled(Authn n) { OAuth2 o = n.getOauth2(); Saml s = n.getSaml(); Ldap l = n.getLdap(); IAP i = n.getIap(); // There isn't a good "core fields" for X509 return StringUtils.isNotEmpty(o.getClient().getClientId()) || StringUtils.isNotEmpty(o.getClient().getClientSecret()) || StringUtils.isNotEmpty(s.getIssuerId()) || StringUtils.isNotEmpty(s.getKeyStore()) || StringUtils.isNotEmpty(l.getUserDnPattern()) || StringUtils.isNotEmpty(l.getUserSearchBase()) || StringUtils.isNotEmpty(l.getUserSearchFilter()) || StringUtils.isNotEmpty(i.getAudience()); } }
if (StringUtils.isEmpty(saml.getIssuerId())) { p.addProblem(Problem.Severity.ERROR, "No issuerId specified.");
public SamlConfig(Security security) { if (!security.getAuthn().getSaml().isEnabled()) { return; } Saml saml = security.getAuthn().getSaml(); this.enabled = saml.isEnabled(); this.issuerId = saml.getIssuerId(); this.metadataUrl = "file:" + saml.getMetadataLocal(); if (StringUtils.isNotEmpty(saml.getMetadataRemote())) { this.metadataUrl = saml.getMetadataRemote(); } this.keyStore = "file:" + saml.getKeyStore(); this.keyStoreAliasName = saml.getKeyStoreAliasName(); this.keyStorePassword = saml.getKeyStorePassword(); URL u = saml.getServiceAddress(); this.redirectProtocol = u.getProtocol(); this.redirectHostname = u.getHost(); if (u.getPort() != -1) { this.redirectHostname += ":" + u.getPort(); } if (StringUtils.isNotEmpty(u.getPath())) { this.redirectBasePath = u.getPath(); } } }
/** * @return True if any core field in an authentication method has a non-empty value. "Core fields" * are generally required fields to make an authentication method work, such as client ID/secret, * or path to a certficate store. */ private boolean maybeShouldBeEnabled(Authn n) { OAuth2 o = n.getOauth2(); Saml s = n.getSaml(); Ldap l = n.getLdap(); IAP i = n.getIap(); // There isn't a good "core fields" for X509 return StringUtils.isNotEmpty(o.getClient().getClientId()) || StringUtils.isNotEmpty(o.getClient().getClientSecret()) || StringUtils.isNotEmpty(s.getIssuerId()) || StringUtils.isNotEmpty(s.getKeyStore()) || StringUtils.isNotEmpty(l.getUserDnPattern()) || StringUtils.isNotEmpty(l.getUserSearchBase()) || StringUtils.isNotEmpty(l.getUserSearchFilter()) || StringUtils.isNotEmpty(i.getAudience()); } }
if (StringUtils.isEmpty(saml.getIssuerId())) { p.addProblem(Problem.Severity.ERROR, "No issuerId specified.");
public SamlConfig(Security security) { if (!security.getAuthn().getSaml().isEnabled()) { return; } Saml saml = security.getAuthn().getSaml(); this.enabled = saml.isEnabled(); this.issuerId = saml.getIssuerId(); this.metadataUrl = "file:" + saml.getMetadataLocal(); if (StringUtils.isNotEmpty(saml.getMetadataRemote())) { this.metadataUrl = saml.getMetadataRemote(); } this.keyStore = "file:" + saml.getKeyStore(); this.keyStoreAliasName = saml.getKeyStoreAliasName(); this.keyStorePassword = saml.getKeyStorePassword(); URL u = saml.getServiceAddress(); this.redirectProtocol = u.getProtocol(); this.redirectHostname = u.getHost(); if (u.getPort() != -1) { this.redirectHostname += ":" + u.getPort(); } if (StringUtils.isNotEmpty(u.getPath())) { this.redirectBasePath = u.getPath(); } } }
@Override protected AuthnMethod editAuthnMethod(Saml s) { s.setIssuerId(isSet(issuerId) ? issuerId : s.getIssuerId()); s.setKeyStore(isSet(keystore) ? keystore : s.getKeyStore()); s.setKeyStorePassword(isSet(keystorePassword) ? keystorePassword : s.getKeyStorePassword()); s.setKeyStoreAliasName(isSet(keystoreAliasName) ? keystoreAliasName : s.getKeyStoreAliasName()); s.setServiceAddress(isSet(serviceAddress) ? serviceAddress : s.getServiceAddress()); if (isSet(metadata)) { if (metadata.startsWith("http")) { s.setMetadataRemote(metadata); s.setMetadataLocal(null); } else { s.setMetadataLocal(metadata); s.setMetadataRemote(null); } } return s; } }
@Override protected AuthnMethod editAuthnMethod(Saml s) { s.setIssuerId(isSet(issuerId) ? issuerId : s.getIssuerId()); s.setKeyStore(isSet(keystore) ? keystore : s.getKeyStore()); s.setKeyStorePassword(isSet(keystorePassword) ? keystorePassword : s.getKeyStorePassword()); s.setKeyStoreAliasName(isSet(keystoreAliasName) ? keystoreAliasName : s.getKeyStoreAliasName()); s.setServiceAddress(isSet(serviceAddress) ? serviceAddress : s.getServiceAddress()); if (isSet(metadata)) { if (metadata.startsWith("http")) { s.setMetadataRemote(metadata); s.setMetadataLocal(null); } else { s.setMetadataLocal(metadata); s.setMetadataRemote(null); } } return s; } }