Commit e8e57493 authored by Gradl, Tobias's avatar Gradl, Tobias

10: Work with SAML attributes

Task-Url: #10
parent 64614fae
......@@ -10,7 +10,6 @@ import org.pac4j.saml.credentials.SAML2Credentials;
import org.pac4j.saml.credentials.authenticator.SAML2Authenticator;
import eu.dariah.de.dariahsp.Constants;
import eu.dariah.de.dariahsp.config.Attribute;
import eu.dariah.de.dariahsp.config.SecurityConfig;
import eu.dariah.de.dariahsp.model.ExtendedUserProfile;
import lombok.Data;
......@@ -22,7 +21,8 @@ import lombok.extern.slf4j.Slf4j;
@EqualsAndHashCode(callSuper=false)
public class SamlProfileCreator extends BaseProfileCreator implements ProfileCreator<SAML2Credentials> {
public static final String EXTERNAL_ROLES_MAPPED_NAME = "externalRoles";
public static final String ID_MAPPED_NAME = "id";
private final SecurityConfig securityConfig;
public SamlProfileCreator(SecurityConfig securityConfig, String clientName) {
......@@ -45,15 +45,21 @@ public class SamlProfileCreator extends BaseProfileCreator implements ProfileCre
private void setIdPersistenceInfo(ExtendedUserProfile profile) {
boolean transientId = true;
try {
if (profile.containsAttribute(SAML2Authenticator.SAML_NAME_ID_FORMAT)) {
transientId = profile.getAttribute(SAML2Authenticator.SAML_NAME_ID_FORMAT, String.class).equals(Constants.URN_SAML2_NAMEID_TRANSIENT);
if (profile.containsAuthenicationAttribute(SAML2Authenticator.SAML_NAME_ID_FORMAT)) {
transientId = profile.getAuthenticationAttribute(SAML2Authenticator.SAML_NAME_ID_FORMAT, String.class).equals(Constants.URN_SAML2_NAMEID_TRANSIENT);
}
} catch (Exception e) {
log.error("Failed to detect and process nameId format", e);
}
//for ()
if (profile.containsAttribute(ID_MAPPED_NAME)) {
@SuppressWarnings("rawtypes")
List id = profile.getAttribute(ID_MAPPED_NAME, List.class);
if (!id.isEmpty()) {
profile.setId(id.get(0).toString());
transientId = false;
}
}
profile.setTransientId(transientId);
}
private void assignExternalRoles(ExtendedUserProfile profile) {
......
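Review bot: The new `ID_MAPPED_NAME` block in setIdPersistenceInfo runs after the try/catch and trusts the shape of an IdP-supplied attribute. `getAttribute(ID_MAPPED_NAME, List.class)` assumes a list and `id.get(0).toString()` assumes a non-null first value, so a single-valued or null-valued `id` would likely throw outside the error handling. A blank value would become the profile id while the profile is flagged non-transient. Because this value decides the persistent identity, I would read it type-tolerantly and accept only a non-blank value, as sketched below; whether the mapped attribute is unique across identity providers is not visible here and deserves a comment. The leftover `//for ()` line should be removed.

```java
if (profile.containsAttribute(ID_MAPPED_NAME)) {
    // the mapped id may arrive as a single value or as a list; null and blank values are ignored
    Object raw = profile.getAttribute(ID_MAPPED_NAME);
    Object first = raw;
    if (raw instanceof List) {
        List<?> values = (List<?>) raw;
        first = values.isEmpty() ? null : values.get(0);
    }
    if (first != null && !first.toString().trim().isEmpty()) {
        profile.setId(first.toString());
        transientId = false;
    }
}
// … unchanged: profile.setTransientId(transientId) …
```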
......@@ -74,32 +74,14 @@ public class SamlSpConfigProperties {
public Map<String, String> getMappedAttributesNameMap() {
Map<String, String> result = new HashMap<>();
if (attributeConfig!=null) {
for (ConditionalAttributeSet set : attributeConfig) {
result.putAll(this.getAttributesFromSet(set).stream()
.filter(a -> a.getMappedAttribute()!=null)
.collect(Collectors.toMap(Attribute::getName, Attribute::getMappedAttribute)));
}
return attributeConfig.stream()
.map(ConditionalAttributeSet::getAttributeGroup)
.flatMap(Collection::stream)
.map(ConditionalAttributeGroup::getAttributes)
.flatMap(Collection::stream)
.filter(a -> a.getMappedAttribute()!=null)
.collect(Collectors.toMap(Attribute::getName, Attribute::getMappedAttribute));
}
return result;
}
private List<Attribute> getAttributesFromSet(ConditionalAttributeSet set) {
List<Attribute> mappedAttributes = new ArrayList<>();
if (set.getAttributeGroup()!=null) {
for (ConditionalAttributeGroup group : set.getAttributeGroup()) {
mappedAttributes.addAll(getAttributesFromGroup(group));
}
}
return mappedAttributes;
}
private List<Attribute> getAttributesFromGroup(ConditionalAttributeGroup group) {
List<Attribute> attributes = new ArrayList<>();
if (group.getAttributes()!=null) {
for (Attribute a : group.getAttributes()) {
attributes.add(a);
}
}
return attributes;
}
}
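Review bot: The stream pipeline in getMappedAttributesNameMap drops two safeguards that the removed helpers provided. `getAttributeGroup()` and `getAttributes()` were null-checked before, whereas now a set or group that leaves them unset makes `flatMap(Collection::stream)` throw a NullPointerException. `Collectors.toMap` without a merge function also throws IllegalStateException when the same attribute name appears in two conditional sets, where the old per-set `putAll` let the later set win. I would add `.filter(Objects::nonNull)` before each `flatMap(Collection::stream)` and collect with `Collectors.toMap(Attribute::getName, Attribute::getMappedAttribute, (first, second) -> second)`; `java.util.Objects` has to be imported if the file does not already do so. The local `result` is now only returned when `attributeConfig` is null, so it could be replaced by returning a new empty map there.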