1   /*
2    * Licensed to the Apache Software Foundation (ASF) under one
3    * or more contributor license agreements.  See the NOTICE file
4    * distributed with this work for additional information
5    * regarding copyright ownership.  The ASF licenses this file
6    * to you under the Apache License, Version 2.0 (the
7    * "License"); you may not use this file except in compliance
8    * with the License.  You may obtain a copy of the License at
9    *
10   *   http://www.apache.org/licenses/LICENSE-2.0
11   *
12   * Unless required by applicable law or agreed to in writing,
13   * software distributed under the License is distributed on an
14   * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
15   * KIND, either express or implied.  See the License for the
16   * specific language governing permissions and limitations
17   * under the License.
18   */
19  package org.apache.syncope.client.ui.commons.resources.saml2sp4ui;
20  
21  import com.fasterxml.jackson.annotation.JsonInclude;
22  import com.fasterxml.jackson.core.JsonProcessingException;
23  import com.fasterxml.jackson.databind.json.JsonMapper;
24  import org.apache.commons.lang3.tuple.Pair;
25  import org.apache.syncope.client.ui.commons.BaseSession;
26  import org.apache.syncope.client.ui.commons.SAML2SP4UIConstants;
27  import org.apache.syncope.common.lib.saml2.SAML2LoginResponse;
28  import org.apache.syncope.common.lib.to.UserTO;
29  import org.apache.syncope.common.rest.api.service.SAML2SP4UIService;
30  import org.apache.wicket.RestartResponseException;
31  import org.apache.wicket.Session;
32  import org.apache.wicket.WicketRuntimeException;
33  import org.apache.wicket.markup.html.WebPage;
34  import org.apache.wicket.request.mapper.parameter.PageParameters;
35  
/**
 * Resource that consumes the SAML 2.0 login response and redirects the browser either to the
 * self-registration page or to the login page.
 *
 * <p>The incoming request is never trusted directly: whatever {@code extract(attributes)} returns is
 * handed to {@link SAML2SP4UIService#validateLoginResponse} and only the resulting
 * {@link SAML2LoginResponse} is used to decide where to go next.</p>
 *
 * <p>Every path through {@link #newResourceResponse(Attributes)} ends by throwing, so the method
 * never returns a {@code ResourceResponse} of its own.</p>
 */
public abstract class AssertionConsumerResource extends AbstractSAML2SP4UIResource {

    private static final long serialVersionUID = 3858609271031003370L;

    /**
     * JSON mapper that omits empty values when serializing. It is not used in this class;
     * it is exposed as {@code protected} for subclasses.
     */
    protected static final JsonMapper MAPPER = JsonMapper.builder().
            findAndAddModules().
            serializationInclusion(JsonInclude.Include.NON_EMPTY).
            build();

    /**
     * @return the page the browser is sent to when the validated response is not a self-registration
     */
    protected abstract Class<? extends WebPage> getLoginPageClass();

    /**
     * Provides the self-registration target for a user built from the validated SAML response.
     *
     * @param newUser user pre-filled with the username and attributes taken from the SAML response
     * @return the page class (left) and the page parameters (right) to restart the response with
     * @throws JsonProcessingException if the implementation fails to serialize the user
     */
    protected abstract Pair<Class<? extends WebPage>, PageParameters> getSelfRegInfo(UserTO newUser)
            throws JsonProcessingException;

    /**
     * Validates the SAML login response and restarts the response on the appropriate page.
     *
     * @param attributes request attributes from which the SAML response is extracted
     * @return never returns normally
     * @throws RestartResponseException always, unless serialization fails, to perform the redirect
     * @throws WicketRuntimeException if {@link #getSelfRegInfo(UserTO)} fails with a
     * {@link JsonProcessingException}
     */
    @Override
    protected ResourceResponse newResourceResponse(final Attributes attributes) {
        // The caller is not authenticated yet, hence the anonymous service client.
        BaseSession session = BaseSession.class.cast(Session.get());
        SAML2SP4UIService saml2Service = session.getAnonymousService(SAML2SP4UIService.class);

        // Validation is delegated to the service; nothing from the request is used before this call.
        SAML2LoginResponse loginResponse = saml2Service.validateLoginResponse(extract(attributes));

        if (!loginResponse.isSelfReg()) {
            Class<? extends WebPage> loginPage = getLoginPageClass();

            // NOTE(review): the access token travels as a page parameter; confirm that the login page
            // mapping keeps it out of URLs, access logs and Referer headers.
            PageParameters loginParams = new PageParameters();
            loginParams.set(SAML2SP4UIConstants.SAML2SP4UI_JWT, loginResponse.getAccessToken());
            loginParams.set(SAML2SP4UIConstants.SAML2SP4UI_SLO_SUPPORTED, loginResponse.isSloSupported());

            throw new RestartResponseException(loginPage, loginParams);
        }

        // Self-registration: username and attributes come from the validated response only.
        UserTO newUser = new UserTO();
        newUser.setUsername(loginResponse.getUsername());
        newUser.getPlainAttrs().addAll(loginResponse.getAttrs());

        try {
            Pair<Class<? extends WebPage>, PageParameters> target = getSelfRegInfo(newUser);
            throw new RestartResponseException(target.getLeft(), target.getRight());
        } catch (JsonProcessingException ex) {
            // NOTE(review): this logs the whole UserTO, including the attributes received from the
            // identity provider; confirm that is acceptable for the configured log sinks.
            LOG.error("Could not serialize new user {}", newUser, ex);
            throw new WicketRuntimeException(ex);
        }
    }
}