All Downloads are FREE. Search and download functionalities are using the official Maven repository.

pl.edu.icm.unity.saml.sp.web.SAMLRetrieval Maven / Gradle / Ivy

/*
 * Copyright (c) 2013 ICM Uniwersytet Warszawski All rights reserved.
 * See LICENCE.txt file for licensing information.
 */
package pl.edu.icm.unity.saml.sp.web;

import org.springframework.beans.factory.ObjectFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;
import pl.edu.icm.unity.MessageSource;
import pl.edu.icm.unity.engine.api.authn.*;
import pl.edu.icm.unity.engine.api.utils.PrototypeComponent;
import pl.edu.icm.unity.saml.SamlProperties.Binding;
import pl.edu.icm.unity.saml.sp.SAMLExchange;
import pl.edu.icm.unity.saml.sp.SamlContextManagement;
import pl.edu.icm.unity.saml.sp.config.TrustedIdPConfiguration;
import pl.edu.icm.unity.saml.sp.config.TrustedIdPKey;
import pl.edu.icm.unity.saml.sp.config.TrustedIdPs;
import pl.edu.icm.unity.types.authn.AuthenticationOptionKey;
import pl.edu.icm.unity.webui.authn.ProxyAuthenticationCapable;
import pl.edu.icm.unity.webui.authn.VaadinAuthentication;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;

/**
 * Vaadin part of the SAML authn, creates the UI component driving the SAML auth, the {@link SAMLRetrievalUI}. 
 * @see SAMLRetrievalFactory
 */
@PrototypeComponent
public class SAMLRetrieval extends AbstractCredentialRetrieval 
		implements VaadinAuthentication, ProxyAuthenticationCapable
{
	public static final String NAME = "web-saml2";
	public static final String DESC = "WebSAMLRetrievalFactory.desc";
	
	private MessageSource msg;
	private SamlContextManagement samlContextManagement;
	private SAMLProxyAuthnHandler proxyAuthnHandler;
	private LogoExposingService logoExposingService;

	@Autowired
	public SAMLRetrieval(MessageSource msg, SamlContextManagement samlContextManagement,
			LogoExposingService logoExposingService)
	{
		super(VaadinAuthentication.NAME);
		this.msg = msg;
		this.samlContextManagement = samlContextManagement;
		this.logoExposingService = logoExposingService;
	}

	@Override
	public String getSerializedConfiguration()
	{
		return "";	
	}

	@Override
	public void setSerializedConfiguration(String source)
	{
	}

	@Override
	public Collection createUIInstance(Context context, AuthenticatorStepContext authnStepContext)
	{
		List ret = new ArrayList<>();
		TrustedIdPs trustedIdps = credentialExchange.getTrustedIdPs();
		for (TrustedIdPConfiguration idp: trustedIdps.getAll())
		{
			TrustedIdPKey idpKey = idp.key;
			Binding binding = idp.binding;
			if (binding == Binding.HTTP_POST || binding == Binding.HTTP_REDIRECT)
			{
				AuthenticationOptionKey authenticationOptionKey = 
						new AuthenticationOptionKey(getAuthenticatorId(), idpKey.asString());

				ret.add(new SAMLRetrievalUI(msg, credentialExchange, 
						samlContextManagement, 
						idp.key, context,
						new AuthenticationStepContext(authnStepContext, authenticationOptionKey),
						logoExposingService));
			}
		}
		return ret;
	}

	@Override
	public boolean supportsGrid()
	{
		return true;
	}


	@Override
	public boolean isMultiOption()
	{
		return true;
	}

	@Override
	public void setCredentialExchange(CredentialExchange e, String id)
	{
		super.setCredentialExchange(e, id);
		proxyAuthnHandler = new SAMLProxyAuthnHandler((SAMLExchange) e, 
				samlContextManagement, id);
	}
	
	@Override
	public boolean triggerAutomatedAuthentication(HttpServletRequest httpRequest,
			HttpServletResponse httpResponse, String endpointPath, AuthenticatorStepContext context) throws IOException
	{
		return proxyAuthnHandler.triggerAutomatedAuthentication(httpRequest, httpResponse, endpointPath, context);
	}

	@Override
	public void triggerAutomatedUIAuthentication(VaadinAuthenticationUI authenticatorUI)
	{
		SAMLRetrievalUI ui = (SAMLRetrievalUI) authenticatorUI;
		ui.startLogin();
	}
	
	@Override
	public void destroy()
	{
		credentialExchange.destroy();
	}
	
	@Component
	public static class Factory extends AbstractCredentialRetrievalFactory
	{
		@Autowired
		public Factory(ObjectFactory factory)
		{
			super(NAME, DESC, VaadinAuthentication.NAME, factory, SAMLExchange.ID);
		}
	}

	@Override
	public boolean requiresRedirect()
	{
		return true;
	}
}





© 2015 - 2025 Weber Informatics LLC | Privacy Policy