fixing issues in oauth app creation, SAML. Moving service provider configurations to config files

merge-requests/7/head
inosh-perera 9 years ago
parent d15eb10636
commit cab888d321

@ -52,12 +52,11 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist
private static final String BASIC_AUTHENTICATOR = "BasicAuthenticator"; private static final String BASIC_AUTHENTICATOR = "BasicAuthenticator";
private static final String BASIC = "basic"; private static final String BASIC = "basic";
private static final String LOCAL = "local"; private static final String LOCAL = "local";
private static final String ASSERTION_CONSUMER_URI = "https://localhost:9443/mdm/sso/acs";
private static final String AUDIENCE = "https://null:9443/oauth2/token";
private static final Log log = LogFactory.getLog(DynamicClientRegistrationService.class); private static final Log log = LogFactory.getLog(DynamicClientRegistrationService.class);
private static final String AUTH_TYPE_OAUTH_2 = "oauth2"; private static final String AUTH_TYPE_OAUTH_2 = "oauth2";
private static final String OAUTH_CONSUMER_SECRET = "oauthConsumerSecret"; private static final String OAUTH_CONSUMER_SECRET = "oauthConsumerSecret";
private static final int STEP_ORDER = 1; private static final int STEP_ORDER = 1;
private static final String OAUTH_VERSION = "OAuth-2.0";
@Override @Override
public OAuthApplicationInfo registerOAuthApplication(RegistrationProfile profile) throws public OAuthApplicationInfo registerOAuthApplication(RegistrationProfile profile) throws
@ -122,6 +121,9 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist
String grantType = profile.getGrantType(); String grantType = profile.getGrantType();
String callbackUrl = profile.getCallbackUrl(); String callbackUrl = profile.getCallbackUrl();
boolean isSaaSApp = profile.isSaasApp(); boolean isSaaSApp = profile.isSaasApp();
String audience = profile.getAudience();
String assertionConsumerURL = profile.getAssertionConsumerURL();
String recepientValidationURL = profile.getRecepientValidationURL();
if (userId == null || userId.isEmpty()) { if (userId == null || userId.isEmpty()) {
return null; return null;
@ -177,6 +179,7 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist
oAuthConsumerApp.setApplicationName(applicationName); oAuthConsumerApp.setApplicationName(applicationName);
oAuthConsumerApp.setCallbackUrl(callbackUrl); oAuthConsumerApp.setCallbackUrl(callbackUrl);
oAuthConsumerApp.setGrantTypes(grantType); oAuthConsumerApp.setGrantTypes(grantType);
oAuthConsumerApp.setOAuthVersion(OAUTH_VERSION);
if (log.isDebugEnabled()) { if (log.isDebugEnabled()) {
log.debug("Creating OAuth App " + applicationName); log.debug("Creating OAuth App " + applicationName);
} }
@ -216,9 +219,13 @@ public class DynamicClientRegistrationServiceImpl implements DynamicClientRegist
SAMLSSOServiceProviderDTO samlssoServiceProviderDTO = new SAMLSSOServiceProviderDTO(); SAMLSSOServiceProviderDTO samlssoServiceProviderDTO = new SAMLSSOServiceProviderDTO();
samlssoServiceProviderDTO.setIssuer(MDM); samlssoServiceProviderDTO.setIssuer(MDM);
samlssoServiceProviderDTO.setAssertionConsumerUrl(ASSERTION_CONSUMER_URI); samlssoServiceProviderDTO.setAssertionConsumerUrls(new String[] {assertionConsumerURL});
samlssoServiceProviderDTO.setDoSignResponse(true); samlssoServiceProviderDTO.setDoSignResponse(true);
samlssoServiceProviderDTO.setRequestedAudiences(new String[] { AUDIENCE }); samlssoServiceProviderDTO.setRequestedAudiences(new String[] { audience });
samlssoServiceProviderDTO.setDefaultAssertionConsumerUrl(assertionConsumerURL);
samlssoServiceProviderDTO.setRequestedRecipients(new String[] {recepientValidationURL});
samlssoServiceProviderDTO.setDoSignAssertions(true);
SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry()); SAMLSSOConfigAdmin configAdmin = new SAMLSSOConfigAdmin(getConfigSystemRegistry());
configAdmin.addRelyingPartyServiceProvider(samlssoServiceProviderDTO); configAdmin.addRelyingPartyServiceProvider(samlssoServiceProviderDTO);
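Review bot: `assertionConsumerURL`, `audience` and `recepientValidationURL` go straight into the SAML service-provider DTO at the `setAssertionConsumerUrls`, `setRequestedAudiences` and `setRequestedRecipients` calls without a null or empty check, even though they now come from a per-webapp config file instead of constants. A missing key yields `new String[] {null}`, so the relying party would be registered with no usable ACS URL and, presumably, with the audience and recipient restrictions left unconfigured. Mirroring the existing `userId` guard earlier in this method, a check such as `if (audience == null || assertionConsumerURL == null || recepientValidationURL == null) { throw new IllegalArgumentException("audience, assertionConsumerURL and recepientValidationURL are required for SAML registration"); }` placed before the DTO is built would fail loudly instead of persisting a half-configured service provider. `registerOAuthApplication` starts and ends outside the hunks shown here.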

@ -41,6 +41,34 @@ public class RegistrationProfile {
private String tokenScope; private String tokenScope;
private String grantType; private String grantType;
private boolean saasApp; private boolean saasApp;
private String audience;
public String getRecepientValidationURL() {
return recepientValidationURL;
}
public void setRecepientValidationURL(String recepientValidationURL) {
this.recepientValidationURL = recepientValidationURL;
}
public String getAssertionConsumerURL() {
return assertionConsumerURL;
}
public void setAssertionConsumerURL(String assertionConsumerURL) {
this.assertionConsumerURL = assertionConsumerURL;
}
private String recepientValidationURL;
private String assertionConsumerURL;
public String getAudience() {
return audience;
}
public void setAudience(String audience) {
this.audience = audience;
}
public boolean isSaasApp() { public boolean isSaasApp() {
return saasApp; return saasApp;
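Review bot: The new fields `recepientValidationURL` and `assertionConsumerURL` are declared in the middle of the accessor block, after the getters and setters that use them, rather than together with `audience` and the other fields at the top of the class. Moving the two `private String` declarations up next to `private String audience;` keeps the layout consistent with the surrounding fields and makes the class easier to scan. The accessors themselves are plain getters and setters and look correct. The enclosing class continues outside the hunk.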

@ -32,6 +32,36 @@ public class JaggeryOAuthConfigurationSettings {
private String callbackURL; private String callbackURL;
private String tokenScope; private String tokenScope;
private boolean requireDynamicClientRegistration; private boolean requireDynamicClientRegistration;
private String audience;
private String assertionConsumerURL;
private String recepientValidationURL;
@XmlElement(name = "assertionConsumerURL", required = true)
public String getAssertionConsumerURL() {
return assertionConsumerURL;
}
public void setAssertionConsumerURL(String assertionConsumerURL) {
this.assertionConsumerURL = assertionConsumerURL;
}
@XmlElement(name = "recepientValidationURL", required = true)
public String getRecepientValidationURL() {
return recepientValidationURL;
}
public void setRecepientValidationURL(String recepientValidationURL) {
this.recepientValidationURL = recepientValidationURL;
}
@XmlElement(name = "audience", required = true)
public String getAudience() {
return audience;
}
public void setAudience(String audience) {
this.audience = audience;
}
@XmlElement(name = "saasApp", required = true) @XmlElement(name = "saasApp", required = true)
public boolean isSaasApp() { public boolean isSaasApp() {
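Review bot: `@XmlElement(required = true)` on the three new getters does not make the values mandatory at runtime: JAXB uses `required` only when generating a schema and does not reject a missing element while unmarshalling, and the `DynamicClientWebAppRegistrationUtil` hunk in this commit populates this class from a JSON reader rather than through JAXB anyway. If these settings are meant to be mandatory, that has to be enforced where they are consumed; otherwise a short Javadoc on the fields, e.g. `/** SAML service-provider settings read from service-provider.json; required = true is informational only and is not enforced. */`, would stop the annotation from being read as a guarantee. The enclosing class continues outside the hunk.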

@ -52,8 +52,11 @@ public class DynamicClientWebAppRegistrationUtil {
private final static String OAUTH_PARAM_TOKEN_SCOPE = "tokenScope"; private final static String OAUTH_PARAM_TOKEN_SCOPE = "tokenScope";
private final static String OAUTH_PARAM_SAAS_APP = "saasApp"; private final static String OAUTH_PARAM_SAAS_APP = "saasApp";
private final static String OAUTH_PARAM_CALLBACK_URL = "callbackURL"; private final static String OAUTH_PARAM_CALLBACK_URL = "callbackURL";
private final static String AUDIENCE = "audience";
private final static String ASSERTION_CONSUMER_URL = "assertionConsumerURL";
private final static String RECEPIENT_VALIDATION_URL = "recepientValidationURL";
private static final String JAGGERY_APP_OAUTH_CONFIG_PATH = private static final String JAGGERY_APP_OAUTH_CONFIG_PATH =
"config" + File.separator + "oauth.json"; "config" + File.separator + "service-provider.json";
private static final Log log = private static final Log log =
LogFactory.getLog(DynamicClientWebAppRegistrationUtil.class); LogFactory.getLog(DynamicClientWebAppRegistrationUtil.class);
@ -192,6 +195,9 @@ public class DynamicClientWebAppRegistrationUtil {
registrationProfile.setClientName(webAppName); registrationProfile.setClientName(webAppName);
registrationProfile.setSaasApp(jaggeryOAuthConfigurationSettings.isSaasApp()); registrationProfile.setSaasApp(jaggeryOAuthConfigurationSettings.isSaasApp());
registrationProfile.setOwner(DynamicClientWebAppRegistrationUtil.getUserName()); registrationProfile.setOwner(DynamicClientWebAppRegistrationUtil.getUserName());
registrationProfile.setAudience(jaggeryOAuthConfigurationSettings.getAudience());
registrationProfile.setAssertionConsumerURL(jaggeryOAuthConfigurationSettings.getAssertionConsumerURL());
registrationProfile.setRecepientValidationURL(jaggeryOAuthConfigurationSettings.getRecepientValidationURL());
if (jaggeryOAuthConfigurationSettings.getCallbackURL() != null) { if (jaggeryOAuthConfigurationSettings.getCallbackURL() != null) {
registrationProfile.setCallbackUrl(jaggeryOAuthConfigurationSettings.getCallbackURL()); registrationProfile.setCallbackUrl(jaggeryOAuthConfigurationSettings.getCallbackURL());
} else { } else {
@ -244,6 +250,15 @@ public class DynamicClientWebAppRegistrationUtil {
case DynamicClientWebAppRegistrationUtil.OAUTH_PARAM_CALLBACK_URL: case DynamicClientWebAppRegistrationUtil.OAUTH_PARAM_CALLBACK_URL:
jaggeryOAuthConfigurationSettings.setCallbackURL(reader.nextString()); jaggeryOAuthConfigurationSettings.setCallbackURL(reader.nextString());
break; break;
case DynamicClientWebAppRegistrationUtil.AUDIENCE:
jaggeryOAuthConfigurationSettings.setAudience(reader.nextString());
break;
case DynamicClientWebAppRegistrationUtil.ASSERTION_CONSUMER_URL:
jaggeryOAuthConfigurationSettings.setAssertionConsumerURL(reader.nextString());
break;
case DynamicClientWebAppRegistrationUtil.RECEPIENT_VALIDATION_URL:
jaggeryOAuthConfigurationSettings.setRecepientValidationURL(reader.nextString());
break;
} }
} }
return jaggeryOAuthConfigurationSettings; return jaggeryOAuthConfigurationSettings;
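Review bot: The constant `RECEPIENT_VALIDATION_URL = "recepientValidationURL"` bakes a misspelling into the key contract of `service-provider.json`; once webapps ship files using that key, correcting it becomes a breaking rename, so changing it to `"recipientValidationURL"` before this ships is cheap now and expensive later (the same spelling is repeated in the `RegistrationProfile` and `JaggeryOAuthConfigurationSettings` accessors and in the `DynamicClientRegistrationServiceImpl` local). Separately, changing `JAGGERY_APP_OAUTH_CONFIG_PATH` from `oauth.json` to `service-provider.json` presumably means a webapp that still ships `config/oauth.json` is silently no longer registered; if that is intended, a comment on the constant such as `// renamed from config/oauth.json; webapps must ship the new file name` records the break, otherwise a fallback to the old name avoids the silent behaviour change. The method enclosing the `switch` starts and ends outside the hunk.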
