All Downloads are FREE. Search and download functionalities are using the official Maven repository.

io.milton.sso.SamlExternalIdentityProvider Maven / Gradle / Ivy

Go to download

Milton Enterprise: Supports DAV level 2 and above, including Caldav and Carddav. Available on AGPL or commercial licenses

There is a newer version: 4.0.5.2400
Show newest version
/*
 * Copyright 2012 McEvoy Software Ltd.
 *
 * 
 */

package io.milton.sso;

//import org.joda.time.DateTime;
//import org.opensaml.Configuration;
//import org.opensaml.DefaultBootstrap;
//import org.opensaml.common.binding.BasicSAMLMessageContext;
//import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder;
//import org.opensaml.saml2.core.AuthnContextClassRef;
//import org.opensaml.saml2.core.AuthnContextComparisonTypeEnumeration;
//import org.opensaml.saml2.core.AuthnRequest;
//import org.opensaml.saml2.core.Issuer;
//import org.opensaml.saml2.core.NameIDPolicy;
//import org.opensaml.saml2.core.NameIDType;
//import org.opensaml.saml2.core.RequestedAuthnContext;
//import org.opensaml.saml2.metadata.AssertionConsumerService;
//import org.opensaml.saml2.metadata.Endpoint;
//import org.opensaml.ws.message.encoder.MessageEncodingException;
//import org.opensaml.xml.ConfigurationException;
//import org.opensaml.xml.XMLConfigurator;
//import org.opensaml.xml.XMLObjectBuilder;
//import org.opensaml.xml.XMLObjectBuilderFactory;
//import org.opensaml.xml.parse.BasicParserPool;
//import org.opensaml.xml.parse.XMLParserException;
//import org.opensaml.xml.security.credential.Credential;
//import org.opensaml.xml.security.x509.BasicX509Credential;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 *
 * @author brad
 */
public class SamlExternalIdentityProvider { //implements ExternalIdentityProvider {

	private static final Logger log = LoggerFactory.getLogger(SamlExternalIdentityProvider.class);
	public static final String AUTHN_LOW_STRENGH = "urn:nzl:govt:ict:stds:authn:deployment:GLS:SAML:2.0:ac:classes:LowStrength";
	private String name;
	private String loginUrl;
//	private XMLObjectBuilderFactory builderFactory;
//	private BasicParserPool parserPool;
//	private String issuer = "http://localhost:8080/";
//	private String nameFormat = NameIDType.PERSISTENT;
//	private String authStrength = AUTHN_LOW_STRENGH;
//	private AuthnContextComparisonTypeEnumeration authComparison = AuthnContextComparisonTypeEnumeration.EXACT;
//	private Credential localCred;  // initialised in cstr
//
//	/**
//	 * 
//	 * @param keystoreFile - the keystore file
//	 * @param localAlias - the alias for the local certificate
//	 * @param keystorePassword - password to open keystore
//	 * @param localPassword - password to access local alias
//	 * 
//	 * @throws XMLParserException
//	 * @throws ConfigurationException
//	 * @throws KeyStoreException
//	 * @throws FileNotFoundException
//	 * @throws IOException
//	 * @throws NoSuchAlgorithmException
//	 * @throws CertificateException
//	 * @throws UnrecoverableEntryException 
//	 */
//	public SamlExternalIdentityProvider(File keystoreFile, String localAlias, String keystorePassword, String localPassword) throws XMLParserException, ConfigurationException, KeyStoreException, FileNotFoundException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableEntryException {
//		if( keystoreFile == null ) {
//			throw new RuntimeException("keystore file was null");
//		}
//		// Initialize the OpenSAML library
//		try {
//			javax.xml.parsers.SAXParserFactory spFactory = javax.xml.parsers.SAXParserFactory.newInstance();
//			spFactory.setNamespaceAware(true);
//			DefaultBootstrap.bootstrap();
//		} catch (ConfigurationException e) {
//			throw new RuntimeException(e);
//		}
//
//		parserPool = new BasicParserPool();
//		parserPool.setNamespaceAware(true);
//		// SOAP 1.1 Configuration
//		Document soap11Config = parserPool.parse(SamlExternalIdentityProvider.class.getResourceAsStream("/soap11-config.xml"));
//		Document defaulfConfig = parserPool.parse(SamlExternalIdentityProvider.class.getResourceAsStream("/default-config.xml"));
//
//		XMLConfigurator configurator = new XMLConfigurator();
//		configurator.load(soap11Config);
//		configurator.load(defaulfConfig);
//
//		builderFactory = Configuration.getBuilderFactory();
//		KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
//		FileInputStream fin = null;
//		try {
//			fin = new FileInputStream(keystoreFile);
//			ks.load(fin, toCharArray(keystorePassword));
//		} finally {
//			StreamUtils.close(fin);
//		}
//		KeyStore.PrivateKeyEntry keyEntry = (KeyStore.PrivateKeyEntry) ks.getEntry(localAlias, new KeyStore.PasswordProtection(toCharArray(localPassword)));
//		if (keyEntry == null) {
//			log.error("No keystore entry named: " + localAlias + " listing available aliases..");
//			Enumeration aliasesEn = ks.aliases();
//			while (aliasesEn.hasMoreElements()) {
//				String alias = aliasesEn.nextElement();
//				log.error("Available alias: " + alias);
//			}
//			throw new RuntimeException("Couldnt initialise keystore. See previous messages for available aliases");
//		}
//		PrivateKey privateKey = keyEntry.getPrivateKey();
//		if (privateKey == null) {
//			throw new RuntimeException("No private key associated with " + keyEntry.toString());
//		} else {
//			System.out.println("using PK: " + privateKey);
//		}
//		localCred = new BasicX509Credential();
//		((BasicX509Credential) localCred).setPrivateKey(privateKey);
//
//	}
//
//	private char[] toCharArray(String value) {
//		if (value == null) {
//			return null;
//		}
//		return value.toCharArray();
//	}
//
//	@Override
//	public String getName() {
//		return name;
//	}
//
//	@Override
//	public void initiateExternalAuth(Resource resource, Request request, Response response) {
////		response.sendRedirect(loginUrl);
//
//		AuthnRequest auth = createSAMLObject(AuthnRequest.DEFAULT_ELEMENT_NAME);
//		auth.setIssueInstant(new DateTime());
//		auth.setID(UUID.randomUUID().toString());
//		auth.setIssuer(createIssuer(issuer));
//		auth.setForceAuthn(true);
//		auth.setIsPassive(false);
//		auth.setAssertionConsumerServiceIndex(0);
//
//		auth.setDestination(loginUrl);
//		auth.setNameIDPolicy(createNameIDPolicy(nameFormat, true));
//		auth.setRequestedAuthnContext(createRequestedAuthnContext(authComparison, authStrength));
//
//		MiltonHttpOutTransport transport = new MiltonHttpOutTransport(request, response);
//
//		BasicSAMLMessageContext messageContext = new BasicSAMLMessageContext();
//		messageContext.setOutboundMessageTransport(transport);
//		messageContext.setOutboundSAMLMessage(auth);
//		messageContext.setPeerEntityEndpoint(createEndPoint(loginUrl));
//
//		messageContext.setOutboundSAMLMessageSigningCredential(localCred);
//		System.out.println("set signing cred: " + localCred.getEntityId() + " - " + localCred);
//		System.out.println("local cred pk: " + localCred.getPrivateKey());
//
//		String state = UUID.randomUUID().toString();
//		messageContext.setRelayState(state);
//
//		HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
//		try {
//			encoder.encode(messageContext);
//		} catch (MessageEncodingException ex) {
//			throw new RuntimeException(ex);
//		}
//
//
//	}
//
//	private Issuer createIssuer(String issuerStr) {
//		Issuer issuerEl = createSAMLObject(Issuer.DEFAULT_ELEMENT_NAME);
//		issuerEl.setValue(issuerStr);
//		System.out.println("issuer: " + issuerStr);
//		return issuerEl;
//	}
//
//	public NameIDPolicy createNameIDPolicy(String nameFormat, boolean allowCreate) {
//		NameIDPolicy policy = createSAMLObject(NameIDPolicy.DEFAULT_ELEMENT_NAME);
//		policy.setFormat(nameFormat);
//		policy.setAllowCreate(allowCreate);
//		return policy;
//	}
//
//	public Endpoint createEndPoint(String url) {
//		Endpoint ep = createSAMLObject(AssertionConsumerService.DEFAULT_ELEMENT_NAME);
//		ep.setLocation(url);
//		return ep;
//	}
//
//	public RequestedAuthnContext createRequestedAuthnContext(AuthnContextComparisonTypeEnumeration comparison, String ctxClass) {
//		RequestedAuthnContext ctx = createSAMLObject(RequestedAuthnContext.DEFAULT_ELEMENT_NAME);
//		ctx.setComparison(comparison);
//		AuthnContextClassRef ctxClassRef = createSAMLObject(AuthnContextClassRef.DEFAULT_ELEMENT_NAME);
//		ctxClassRef.setAuthnContextClassRef(ctxClass);
//		ctx.getAuthnContextClassRefs().add(ctxClassRef);
//		return ctx;
//	}
//
//	public String getLoginUrl() {
//		return loginUrl;
//	}
//
//	public void setLoginUrl(String loginUrl) {
//		this.loginUrl = loginUrl;
//	}
//
//	public void setName(String name) {
//		this.name = name;
//	}
//
//	public String getIssuer() {
//		return issuer;
//	}
//
//	public void setIssuer(String issuer) {
//		this.issuer = issuer;
//	}
//
//	@SuppressWarnings("unchecked")
//	private  T createSAMLObject(QName qname) {
//		XMLObjectBuilder builder = builderFactory.getBuilder(qname);
//		if (builder == null) {
//			throw new RuntimeException("Builder not found for " + qname);
//		}
//		return (T) builder.buildObject(qname);
//	}
//
//	public Credential getLocalPrivate() {
//		return localCred;
//	}
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy