Skip to content
Snippets Groups Projects

Resolve "Extract SAML info"

Merged Resolve "Extract SAML info"
243-extract-saml-info into development
All threads resolved!
Merged
Cédric Willekensrequested to merge
243-extract-saml-info into development
All threads resolved!
Compare
and
2 files
+ 22
46
Compare changes
  • Side-by-side
  • Inline

Files

src/main/java/nl/tudelft/ewi/queue/SamlWebSecurityConfig.java
+ 16
46
@@ -105,6 +105,16 @@ public class SamlWebSecurityConfig extends WebSecurityConfigurerAdapter {
@Value("${saml.contextProvider.port}")
private int contextProviderPort;
@Value("${saml.metadataUrl")
private String metadataProductionUrl;
@Value("${saml.metadataTrustCheck}")
private boolean metadataProductionTrustCheck;
@Value("${saml.metadataRequirementSignature}")
private boolean metadataProductionRequirementSignature;
protected HttpSecurity samlizedConfig(HttpSecurity http) throws Exception {
//@formatter:off
http
@@ -311,57 +321,19 @@ public class SamlWebSecurityConfig extends WebSecurityConfigurerAdapter {
}
@Bean
@Qualifier("production-TUD")
public ExtendedMetadataDelegate loginProductionTudelftMetadataProvider()
@Qualifier("SSO-metadata")
public ExtendedMetadataDelegate ssoMetaDataProvider()
throws MetadataProviderException {
String metadataUrl = "https://gatekeeper2.tudelft.nl/openaselect/profiles/saml2";
Timer backgroundTaskTimer = new Timer(true);
HTTPMetadataProvider httpMetadataProvider = new HTTPMetadataProvider(backgroundTaskTimer,
httpClient(), metadataUrl);
httpClient(), metadataProductionUrl);
httpMetadataProvider.setParserPool(parserPool());
ExtendedMetadataDelegate extendedMetadataDelegate = new ExtendedMetadataDelegate(httpMetadataProvider,
extendedMetadata());
extendedMetadataDelegate.setMetadataTrustCheck(true);
extendedMetadataDelegate.setMetadataRequireSignature(false);
return extendedMetadataDelegate;
}
@Bean
@Qualifier("test-TUD")
public ExtendedMetadataDelegate loginTestTudelftMetadataProvider() throws MetadataProviderException {
String metadataUrl = "https://gatekeepert.tudelft.nl/openaselect/profiles/saml2";
Timer backgroundTaskTimer = new Timer(true);
HTTPMetadataProvider httpMetadataProvider = new HTTPMetadataProvider(backgroundTaskTimer,
httpClient(), metadataUrl);
httpMetadataProvider.setParserPool(parserPool());
ExtendedMetadataDelegate extendedMetadataDelegate = new ExtendedMetadataDelegate(httpMetadataProvider,
extendedMetadata());
extendedMetadataDelegate.setMetadataTrustCheck(false);
extendedMetadataDelegate.setMetadataRequireSignature(false);
return extendedMetadataDelegate;
}
@Bean
@Qualifier("test-testSHIB")
public ExtendedMetadataDelegate loginTestSHIBMetadataProvider() throws MetadataProviderException {
String metadataUrl = "https://www.testshib.org/metadata/testshib-providers.xml";
Timer backgroundTaskTimer = new Timer(true);
HTTPMetadataProvider httpMetadataProvider = new HTTPMetadataProvider(backgroundTaskTimer,
httpClient(), metadataUrl);
httpMetadataProvider.setParserPool(parserPool());
ExtendedMetadataDelegate extendedMetadataDelegate = new ExtendedMetadataDelegate(httpMetadataProvider,
extendedMetadata());
extendedMetadataDelegate.setMetadataTrustCheck(true);
extendedMetadataDelegate.setMetadataRequireSignature(false);
extendedMetadataDelegate.setMetadataTrustCheck(metadataProductionTrustCheck);
extendedMetadataDelegate.setMetadataRequireSignature(metadataProductionRequirementSignature);
return extendedMetadataDelegate;
}
@@ -372,9 +344,7 @@ public class SamlWebSecurityConfig extends WebSecurityConfigurerAdapter {
@Qualifier("metadata")
public CachingMetadataManager metadata() throws MetadataProviderException {
List<MetadataProvider> providers = new ArrayList<>();
providers.add(loginProductionTudelftMetadataProvider());
// providers.add(loginTestTudelftMetadataProvider());
// providers.add(loginTestSHIBMetadataProvider());
providers.add(ssoMetaDataProvider());
return new CachingMetadataManager(providers);
}