19 package org.apache.syncope.core.logic;
20
21 import java.io.InputStream;
22 import java.security.KeyStore;
23 import java.security.PrivateKey;
24 import java.security.cert.X509Certificate;
25 import org.apache.syncope.common.lib.to.EntityTO;
26 import org.apache.syncope.core.logic.saml2.NoOpLogoutHandler;
27 import org.pac4j.saml.config.SAML2Configuration;
28 import org.pac4j.saml.metadata.keystore.BaseSAML2KeystoreGenerator;
29 import org.springframework.core.io.FileUrlResource;
30 import org.springframework.core.io.support.ResourcePatternResolver;
31
abstract class AbstractSAML2SP4UILogic extends AbstractTransactionalLogic<EntityTO> {

    /**
     * SP-side SAML 2.0 settings consumed here: keystore location, alias, type and the two
     * keystore passwords, plus the maximum authentication lifetime and the accepted clock skew.
     * The passwords are secrets — never log them or the resolved {@code props} object.
     */
    protected final SAML2SP4UIProperties props;

    /** Turns the configured keystore location string into a Spring resource. */
    protected final ResourcePatternResolver resourceResolver;

    protected AbstractSAML2SP4UILogic(
            final SAML2SP4UIProperties props,
            final ResourcePatternResolver resourceResolver) {

        this.props = props;
        this.resourceResolver = resourceResolver;
    }

    /**
     * Builds a keystore generator that only ever reads the configured keystore and never writes one.
     *
     * {@code store} is deliberately a no-op, so whatever pac4j would otherwise persist (presumably a
     * freshly generated self-signed key pair) never replaces the operator-provisioned file on disk;
     * {@code retrieve} simply opens the configured resource. Used only when that resource is a plain
     * file URL.
     *
     * @param cfg configuration whose keystore resource backs {@code retrieve}
     * @return read-only generator bound to {@code cfg}
     */
    private static BaseSAML2KeystoreGenerator readOnlyKeystoreGenerator(final SAML2Configuration cfg) {
        return new BaseSAML2KeystoreGenerator(cfg) {

            @Override
            protected void store(
                    final KeyStore ks,
                    final X509Certificate certificate,
                    final PrivateKey privateKey) throws Exception {
                // Intentionally empty: the on-disk keystore is the source of truth and must not be rewritten.
            }

            @Override
            public InputStream retrieve() throws Exception {
                // A new stream on every call; closing it is left to the pac4j caller.
                // NOTE(review): if pac4j does not close it, this leaks a file handle per call — confirm.
                return cfg.getKeystoreResource().getInputStream();
            }
        };
    }

    /**
     * Creates a fresh pac4j {@link SAML2Configuration} for this SP from {@link #props}.
     *
     * Signing requirements are hard-coded here rather than read from {@code props}: the SP signs its
     * AuthnRequests and LogoutRequests, and assertions coming back from the IdP must be signed.
     * The sixth constructor argument is passed as {@code null} — presumably the IdP metadata is
     * supplied elsewhere (TODO confirm with the callers).
     *
     * @return configured, not yet initialized SAML2 SP configuration
     */
    protected SAML2Configuration newSAML2Configuration() {
        SAML2Configuration configuration = new SAML2Configuration(
                resourceResolver.getResource(props.getKeystore()),
                props.getKeystoreAlias(),
                props.getKeystoreType(),
                props.getKeystoreStorepass(),
                props.getKeystoreKeypass(),
                null);

        // Only a file-backed keystore is protected from being regenerated; classpath or other
        // resource types keep pac4j's default generator.
        boolean fileBackedKeystore = configuration.getKeystoreResource() instanceof FileUrlResource;
        if (fileBackedKeystore) {
            configuration.setKeystoreGenerator(readOnlyKeystoreGenerator(configuration));
        }

        // Outbound messages are signed and inbound assertions must be signed — not configurable via props.
        configuration.setAuthnRequestSigned(true);
        configuration.setSpLogoutRequestSigned(true);
        configuration.setWantsAssertionsSigned(true);

        // NOTE(review): a generous skew or lifetime widens the window in which an old assertion is still
        // accepted; keep both values as small as the IdP's clock accuracy allows.
        configuration.setMaximumAuthenticationLifetime(props.getMaximumAuthenticationLifetime());
        configuration.setAcceptedSkew(props.getAcceptedSkew());

        // NOTE(review): a no-op logout handler presumably means IdP-initiated logout does not
        // invalidate local sessions — confirm that is the intended behavior.
        configuration.setLogoutHandler(new NoOpLogoutHandler());

        return configuration;
    }
}