entityDescriptor.getRoleDescriptors().add(spSsoDescriptor); return entityDescriptor;
/**
 * {@inheritDoc}
 *
 * <p>Evaluates to {@code true} only for a non-null descriptor that carries at least one
 * role descriptor for {@code role}.</p>
 */
public boolean apply(EntityDescriptor entityDescriptor) {
    // A missing descriptor cannot satisfy the role check, so it is rejected without a lookup.
    return entityDescriptor != null
            && !entityDescriptor.getRoleDescriptors(role).isEmpty();
}
/**
 * Gather the role descriptors of every supplied entity descriptor into a single iterable.
 *
 * <p>Nothing is filtered here: every role of every input entity is returned as a candidate,
 * whatever its role type or protocol support.</p>
 *
 * @param entityDescriptors the entity descriptors on which to operate
 *
 * @return all role descriptors contained by the input entity descriptors
 */
protected Iterable<RoleDescriptor> getAllCandidates(
        @Nonnull final Iterable<EntityDescriptor> entityDescriptors) {
    final ArrayList<Iterable<RoleDescriptor>> perEntityRoles = new ArrayList<>();
    for (final EntityDescriptor current : entityDescriptors) {
        final Iterable<RoleDescriptor> rolesOfCurrent = current.getRoleDescriptors();
        perEntityRoles.add(rolesOfCurrent);
    }
    // The per-entity lists are chained in the order the entities were supplied.
    return Iterables.concat(perEntityRoles);
}
/**
 * Collects one provider per SSO role descriptor found in the entity descriptor.
 *
 * <p>Only {@code IDPSSODescriptor} and {@code SPSSODescriptor} roles are handed to
 * {@code getSsoProvider}; any other role type is logged at debug level and skipped.</p>
 *
 * @param descriptor entity descriptor whose roles are inspected
 *
 * @return the providers built from the SSO roles, in metadata order
 */
protected List<? extends Provider> getSsoProviders(EntityDescriptor descriptor) {
    final List<SsoProvider> ssoProviders = new LinkedList<>();
    for (RoleDescriptor role : descriptor.getRoleDescriptors()) {
        final boolean isSsoRole = role instanceof IDPSSODescriptor || role instanceof SPSSODescriptor;
        if (!isSsoRole) {
            // Unrecognised role types never produce a provider.
            logger.debug("Ignoring unknown metadata descriptor:"+role.getClass().getName());
            continue;
        }
        ssoProviders.add(getSsoProvider(role));
    }
    return ssoProviders;
}
/**
 * Removes, in place, every role of the entity descriptor whose effective role name is not
 * in {@code roleWhiteList}.
 *
 * <p>This is an allow-list: a role stays only when its name is explicitly listed, so role types
 * nobody listed are removed from the descriptor. Each removal is logged at trace level only.</p>
 *
 * @param descriptor entity descriptor to filter
 *
 * @throws FilterException thrown if an effective role name can not be determined
 */
protected void filterEntityDescriptor(@Nonnull final EntityDescriptor descriptor) throws FilterException {
    final List<RoleDescriptor> roles = descriptor.getRoleDescriptors();
    if (roles == null || roles.isEmpty()) {
        return;
    }

    // Remove through the iterator so the descriptor's own role list is modified while it is walked.
    for (final Iterator<RoleDescriptor> cursor = roles.iterator(); cursor.hasNext();) {
        final QName roleName = getRoleName(cursor.next());
        if (roleWhiteList.contains(roleName)) {
            continue;
        }
        log.trace("Filtering out role {} from entity {}", roleName, descriptor.getEntityID());
        cursor.remove();
    }
}
/**
 * Looks up the roles with the given name on the entity identified by {@code entityID}.
 *
 * <p>This method performs no checks of its own (provider initialised, arguments non-null, roles
 * valid); the invoker is expected to have done them.</p>
 *
 * <p>When roles are found the result is a fresh {@link ArrayList} copy, so changing it does not
 * touch the entity descriptor. When the entity is unknown or has no such role the result is
 * {@link Collections#emptyList()}, which cannot be modified.</p>
 *
 * @param entityID ID of the entity from which to retrieve the roles, never null
 * @param roleName name of the roles to search for, never null
 *
 * @return a copy of the identified roles, or an empty list if no roles exist
 *
 * @throws ResolverException thrown if there is a problem searching for the roles
 */
@Nonnull @NonnullElements protected List<RoleDescriptor> doGetRole(@Nullable final String entityID,
        @Nullable final QName roleName) throws ResolverException {
    final EntityDescriptor owner = doGetEntityDescriptor(entityID);
    if (owner == null) {
        log.debug("Metadata document did not contain a descriptor for entity {}", entityID);
        return Collections.emptyList();
    }

    final List<RoleDescriptor> matches = owner.getRoleDescriptors(roleName);
    if (matches == null || matches.isEmpty()) {
        return Collections.emptyList();
    }
    // Copy rather than expose the descriptor's own list.
    return new ArrayList<>(matches);
}
for (final EntityDescriptor entityDescriptor : entityDescriptors) { if (protocolCriterion != null) { aggregate.add(entityDescriptor.getRoleDescriptors(roleCriterion.getRole(), protocolCriterion.getProtocol())); } else { aggregate.add(entityDescriptor.getRoleDescriptors(roleCriterion.getRole()));
/**
 * {@inheritDoc}
 *
 * <p>Produces one {@code RoleMetadataIndexKey} per role descriptor, keyed by the role's schema
 * type when it has one and by its element name otherwise.</p>
 */
// NOTE(review): the method is annotated @Nullable and @Unmodifiable, yet the code always returns a
// plain, mutable HashSet and never null. Confirm which contract callers should rely on.
@Nullable @NonnullElements @Unmodifiable @NotLive
public Set<MetadataIndexKey> generateKeys(@Nonnull EntityDescriptor descriptor) {
    Constraint.isNotNull(descriptor, "EntityDescriptor was null");

    final HashSet<MetadataIndexKey> keys = new HashSet<>();
    for (RoleDescriptor role : descriptor.getRoleDescriptors()) {
        final QName schemaType = role.getSchemaType();
        // The schema type takes precedence; the element name is the fallback.
        final QName keyName = schemaType != null ? schemaType : role.getElementQName();
        keys.add(new RoleMetadataIndexKey(keyName));
    }
    return keys;
}
log.info("Adding NameIDFormat '{}' to EntityDescriptor '{}'", format, descriptor.getEntityID()); for (final RoleDescriptor role : descriptor.getRoleDescriptors()) { if (role instanceof SPSSODescriptor) { final NameIDFormat nif = formatBuilder.buildObject();
/**
 * {@inheritDoc}
 *
 * <p>Attaches an unmarshalled child to its parent {@code EntityDescriptor}, dispatching on the
 * child's type. Children of any other type are passed to the superclass.</p>
 */
protected void processChildElement(XMLObject parentSAMLObject, XMLObject childSAMLObject)
        throws UnmarshallingException {
    final EntityDescriptor entity = (EntityDescriptor) parentSAMLObject;

    if (childSAMLObject instanceof Extensions) {
        entity.setExtensions((Extensions) childSAMLObject);
        return;
    }
    if (childSAMLObject instanceof Signature) {
        // This only attaches the signature object; nothing in this method verifies it.
        entity.setSignature((Signature) childSAMLObject);
        return;
    }
    if (childSAMLObject instanceof RoleDescriptor) {
        entity.getRoleDescriptors().add((RoleDescriptor) childSAMLObject);
        return;
    }
    if (childSAMLObject instanceof AffiliationDescriptor) {
        entity.setAffiliationDescriptor((AffiliationDescriptor) childSAMLObject);
        return;
    }
    if (childSAMLObject instanceof Organization) {
        entity.setOrganization((Organization) childSAMLObject);
        return;
    }
    if (childSAMLObject instanceof ContactPerson) {
        entity.getContactPersons().add((ContactPerson) childSAMLObject);
        return;
    }
    if (childSAMLObject instanceof AdditionalMetadataLocation) {
        entity.getAdditionalMetadataLocations().add((AdditionalMetadataLocation) childSAMLObject);
        return;
    }

    // Not a child type handled here: defer to the parent unmarshaller.
    super.processChildElement(parentSAMLObject, childSAMLObject);
}
/**
 * Builds the entity descriptor for this generator: entity ID, validity limit, a generated ID,
 * the metadata extensions and a single SP SSO role descriptor.
 *
 * @return the populated entity descriptor
 */
@Override
public final EntityDescriptor buildEntityDescriptor() {
    final SAMLObjectBuilder<EntityDescriptor> descriptorBuilder = (SAMLObjectBuilder<EntityDescriptor>)
            this.builderFactory.getBuilder(EntityDescriptor.DEFAULT_ELEMENT_NAME);
    final EntityDescriptor entity = descriptorBuilder.buildObject();

    entity.setEntityID(this.entityId);

    // NOTE(review): validUntil is fixed at 20 years from generation time (UTC). A consumer that
    // honours validUntil may accept this document for that whole period, so retiring a key means
    // republishing the metadata and getting consumers to refresh it. Confirm this is intended.
    final DateTime notAfter = DateTime.now(DateTimeZone.UTC).plusYears(20);
    entity.setValidUntil(notAfter);

    entity.setID(SAML2Utils.generateID());
    entity.setExtensions(generateMetadataExtensions());
    entity.getRoleDescriptors().add(buildSPSSODescriptor());
    return entity;
}
for (RoleDescriptor roleDescriptor : descriptor.getRoleDescriptors()) { Extensions extensions = roleDescriptor.getExtensions(); if (extensions != null) {
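/**
 * Converts the metadata model into an {@code EntityDescriptor}.
 *
 * <p>The entity ID is copied and the ID is taken from the metadata when it has text. Otherwise an
 * ID is generated. The role descriptors built by {@code getRoleDescriptors(metadata)} are then
 * appended.</p>
 *
 * <p>The descriptor is signed only when the metadata carries a signing key. Without one the
 * returned descriptor is unsigned, and a consumer has no signature to verify.</p>
 *
 * @param metadata the metadata to convert
 *
 * @return the populated, and possibly signed, entity descriptor
 */
protected EntityDescriptor internalToXml(Metadata<? extends Metadata> metadata) {
    EntityDescriptor desc = getEntityDescriptor();
    desc.setEntityID(metadata.getEntityId());
    if (hasText(metadata.getId())) {
        desc.setID(metadata.getId());
    } else {
        // The ID attribute is an xs:ID, which must be an NCName and so cannot start with a digit.
        // A bare UUID string often does; the "_" prefix keeps a generated ID schema-valid.
        desc.setID("_" + UUID.randomUUID().toString());
    }

    List<RoleDescriptor> descriptors = getRoleDescriptors(metadata);
    desc.getRoleDescriptors().addAll(descriptors);

    // Sign last, once the ID and every role descriptor are in place.
    if (metadata.getSigningKey() != null) {
        signObject(desc, metadata.getSigningKey(), metadata.getAlgorithm(), metadata.getDigest());
    }
    return desc;
}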
Constraint.isNotNull(descriptor, "EntityDescriptor was null"); final HashSet<MetadataIndexKey> result = new HashSet<>(); for (final RoleDescriptor role : descriptor.getRoleDescriptors()) { QName roleType = role.getSchemaType(); if (roleType == null) {
for (RoleDescriptor roleDescriptor : descriptor.getRoleDescriptors()) { if (roleDescriptor instanceof SSODescriptor) { List<ArtifactResolutionService> arsList =
final Iterator<RoleDescriptor> roleIter = entityDescriptor.getRoleDescriptors().iterator(); while (roleIter.hasNext()) { final RoleDescriptor roleChild = roleIter.next();
entityDescriptor.getRoleDescriptors().add(spSsoDescriptor); return entityDescriptor;
entityDescriptor.getRoleDescriptors().add(spSsoDescriptor);
assertionConsumerService.setLocation(getAssertionConsumerURL(spEntityID, urlContext));
spSSODescriptor.getAssertionConsumerServices().add(assertionConsumerService);
// NOTE(review): the same spSSODescriptor is added on two consecutive statements. The second add
// looks redundant. Confirm how the role list treats a repeated element before removing it.
spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor);
spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor);
// sign() is invoked only after the role descriptor has been attached to the entity descriptor.
saml2rw.sign(spEntityDescriptor);
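/**
 * Resolves the entity named by {@code entityId} from the metadata provider, picks its role
 * descriptor for {@code elementName} under the SAML 2.0 protocol, and stores both in a
 * {@code SAMLMetadataContext} subcontext of {@code parentContext}.
 *
 * <p>Nothing is stored unless both the entity and a matching role are found. When several roles
 * match, only the first one returned is used.</p>
 *
 * @param entityId resolver supplying the entity ID to look up
 * @param parentContext context that receives the metadata subcontext, created if absent
 * @param elementName element name of the role descriptor to select
 *
 * @throws SAMLException if the entity or the role cannot be found, or if resolution fails
 */
protected final void addContext(final SAML2MetadataResolver entityId, final BaseContext parentContext,
                                final QName elementName) {
    final EntityDescriptor entityDescriptor;
    final RoleDescriptor roleDescriptor;
    try {
        final CriteriaSet set = new CriteriaSet();
        set.add(new EntityIdCriterion(entityId.getEntityId()));
        entityDescriptor = this.metadata.resolveSingle(set);
        if (entityDescriptor == null) {
            throw new SAMLException("Cannot find entity " + entityId.getEntityId() + " in metadata provider");
        }
        final List<RoleDescriptor> list = entityDescriptor.getRoleDescriptors(elementName,
                SAMLConstants.SAML20P_NS);
        roleDescriptor = CommonHelper.isNotEmpty(list) ? list.get(0) : null;
        if (roleDescriptor == null) {
            // Report the entity ID, not the resolver object, to match the message above.
            throw new SAMLException("Cannot find entity " + entityId.getEntityId() + " or role " + elementName
                    + " in metadata provider");
        }
    } catch (final ResolverException e) {
        throw new SAMLException("An error occured while getting IDP descriptors", e);
    }

    // Reached only when both lookups succeeded.
    final SAMLMetadataContext mdCtx = parentContext.getSubcontext(SAMLMetadataContext.class, true);
    mdCtx.setEntityDescriptor(entityDescriptor);
    mdCtx.setRoleDescriptor(roleDescriptor);
}
}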