public SamlConfig(Security security) { if (!security.getAuthn().getSaml().isEnabled()) { return; } Saml saml = security.getAuthn().getSaml(); this.enabled = saml.isEnabled(); this.issuerId = saml.getIssuerId(); this.metadataUrl = "file:" + saml.getMetadataLocal(); if (StringUtils.isNotEmpty(saml.getMetadataRemote())) { this.metadataUrl = saml.getMetadataRemote(); } this.keyStore = "file:" + saml.getKeyStore(); this.keyStoreAliasName = saml.getKeyStoreAliasName(); this.keyStorePassword = saml.getKeyStorePassword(); URL u = saml.getServiceAddress(); this.redirectProtocol = u.getProtocol(); this.redirectHostname = u.getHost(); if (u.getPort() != -1) { this.redirectHostname += ":" + u.getPort(); } if (StringUtils.isNotEmpty(u.getPath())) { this.redirectBasePath = u.getPath(); } } }
public SamlConfig(Security security) { if (!security.getAuthn().getSaml().isEnabled()) { return; } Saml saml = security.getAuthn().getSaml(); this.enabled = saml.isEnabled(); this.issuerId = saml.getIssuerId(); this.metadataUrl = "file:" + saml.getMetadataLocal(); if (StringUtils.isNotEmpty(saml.getMetadataRemote())) { this.metadataUrl = saml.getMetadataRemote(); } this.keyStore = "file:" + saml.getKeyStore(); this.keyStoreAliasName = saml.getKeyStoreAliasName(); this.keyStorePassword = saml.getKeyStorePassword(); URL u = saml.getServiceAddress(); this.redirectProtocol = u.getProtocol(); this.redirectHostname = u.getHost(); if (u.getPort() != -1) { this.redirectHostname += ":" + u.getPort(); } if (StringUtils.isNotEmpty(u.getPath())) { this.redirectBasePath = u.getPath(); } } }
/** * @return True if any core field in an authentication method has a non-empty value. "Core fields" * are generally required fields to make an authentication method work, such as client ID/secret, * or path to a certficate store. */ private boolean maybeShouldBeEnabled(Authn n) { OAuth2 o = n.getOauth2(); Saml s = n.getSaml(); Ldap l = n.getLdap(); IAP i = n.getIap(); // There isn't a good "core fields" for X509 return StringUtils.isNotEmpty(o.getClient().getClientId()) || StringUtils.isNotEmpty(o.getClient().getClientSecret()) || StringUtils.isNotEmpty(s.getIssuerId()) || StringUtils.isNotEmpty(s.getKeyStore()) || StringUtils.isNotEmpty(l.getUserDnPattern()) || StringUtils.isNotEmpty(l.getUserSearchBase()) || StringUtils.isNotEmpty(l.getUserSearchFilter()) || StringUtils.isNotEmpty(i.getAudience()); } }
/** * @return True if any core field in an authentication method has a non-empty value. "Core fields" * are generally required fields to make an authentication method work, such as client ID/secret, * or path to a certficate store. */ private boolean maybeShouldBeEnabled(Authn n) { OAuth2 o = n.getOauth2(); Saml s = n.getSaml(); Ldap l = n.getLdap(); IAP i = n.getIap(); // There isn't a good "core fields" for X509 return StringUtils.isNotEmpty(o.getClient().getClientId()) || StringUtils.isNotEmpty(o.getClient().getClientSecret()) || StringUtils.isNotEmpty(s.getIssuerId()) || StringUtils.isNotEmpty(s.getKeyStore()) || StringUtils.isNotEmpty(l.getUserDnPattern()) || StringUtils.isNotEmpty(l.getUserSearchBase()) || StringUtils.isNotEmpty(l.getUserSearchFilter()) || StringUtils.isNotEmpty(i.getAudience()); } }
public boolean isEnabled() { return getOauth2().isEnabled() || getSaml().isEnabled() || getLdap().isEnabled() || getX509().isEnabled() || getIap().isEnabled(); }
public boolean isEnabled() { return getOauth2().isEnabled() || getSaml().isEnabled() || getLdap().isEnabled() || getX509().isEnabled() || getIap().isEnabled(); }
@Override protected GateConfig getGateConfig(ServiceSettings gate, Security security) { GateConfig config = new GateConfig(gate, security); if (security.getAuthn().getOauth2().isEnabled()) { config.spring = new SpringConfig(security); } else if (security.getAuthn().getSaml().isEnabled()) { config.saml = new SamlConfig(security); } else if (security.getAuthn().getLdap().isEnabled()) { config.ldap = new LdapConfig(security); } else if (security.getAuthn().getIap().isEnabled()) { config.google.iap = new IAPConfig(security); } if (security.getAuthn().getX509().isEnabled()) { config.x509 = new X509Config(security); } return config; } }
@Override protected GateConfig getGateConfig(ServiceSettings gate, Security security) { GateConfig config = new GateConfig(gate, security); if (security.getAuthn().getOauth2().isEnabled()) { config.security.oauth2 = security.getAuthn().getOauth2(); } else if (security.getAuthn().getSaml().isEnabled()) { config.saml = new SamlConfig(security); } else if (security.getAuthn().getLdap().isEnabled()) { config.ldap = new LdapConfig(security); } else if (security.getAuthn().getIap().isEnabled()) { config.google.iap = new IAPConfig(security); } if (security.getAuthn().getX509().isEnabled()) { config.x509 = new X509Config(security); } return config; } }
@Override protected GateConfig getGateConfig(ServiceSettings gate, Security security) { GateConfig config = new GateConfig(gate, security); if (security.getAuthn().getOauth2().isEnabled()) { config.spring = new SpringConfig(security); } else if (security.getAuthn().getSaml().isEnabled()) { config.saml = new SamlConfig(security); } else if (security.getAuthn().getLdap().isEnabled()) { config.ldap = new LdapConfig(security); } else if (security.getAuthn().getIap().isEnabled()) { config.google.iap = new IAPConfig(security); } if (security.getAuthn().getX509().isEnabled()) { config.x509 = new X509Config(security); } return config; } }
@Override protected GateConfig getGateConfig(ServiceSettings gate, Security security) { GateConfig config = new GateConfig(gate, security); if (security.getAuthn().getOauth2().isEnabled()) { config.security.oauth2 = security.getAuthn().getOauth2(); } else if (security.getAuthn().getSaml().isEnabled()) { config.saml = new SamlConfig(security); } else if (security.getAuthn().getLdap().isEnabled()) { config.ldap = new LdapConfig(security); } else if (security.getAuthn().getIap().isEnabled()) { config.google.iap = new IAPConfig(security); } if (security.getAuthn().getX509().isEnabled()) { config.x509 = new X509Config(security); } return config; } }