Java Code Examples for org.springframework.security.saml.SAMLCredential#getAttributeAsString()

The following examples show how to use org.springframework.security.saml.SAMLCredential#getAttributeAsString().
Example 1
Source File: SAMLUserDetailsService.java    From kylin with Apache License 2.0
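/**
 * Resolves the local user for a SAML login by looking up the local part of the asserted
 * e-mail address in LDAP.
 *
 * <p>The {@code email} attribute is read from the credential and the text before the first
 * {@code '@'} is used as the LDAP username. When the LDAP result is an
 * {@link LdapUserDetailsImpl}, it is rebuilt with the full e-mail address as its username.
 *
 * <p>NOTE(review): only the local part of the address selects the LDAP account, so addresses
 * from different domains that share a local part resolve to the same account. That is sound
 * only if the identity provider releases e-mail addresses from the expected domain; confirm
 * against the IdP attribute release policy.
 *
 * @param samlCredential credential carrying the attributes of the SAML assertion
 * @return the LDAP-backed user details, or {@code null} when LDAP has no such user
 * @throws UsernameNotFoundException if the assertion has no {@code email} attribute, or the
 *         value has no non-empty local part before {@code '@'}
 */
@Override
public Object loadUserBySAML(SAMLCredential samlCredential) throws UsernameNotFoundException {
    final String userEmail = samlCredential.getAttributeAsString("email");
    logger.debug("samlCredential.email:" + userEmail);

    // A missing attribute or an address without a local part used to surface as a
    // NullPointerException / StringIndexOutOfBoundsException; reject it as a failed lookup.
    final int atIndex = (userEmail == null) ? -1 : userEmail.indexOf('@');
    if (atIndex <= 0) {
        throw new UsernameNotFoundException("SAML assertion has no usable 'email' attribute");
    }
    final String userName = userEmail.substring(0, atIndex);

    UserDetails userDetails = null;
    try {
        userDetails = ldapUserDetailsService.loadUserByUsername(userName);
        if (userDetails instanceof LdapUserDetailsImpl) {
            final LdapUserDetailsImpl ldapDetails = (LdapUserDetailsImpl) userDetails;
            // Copy the LDAP record but expose the full e-mail address as the username.
            LdapUserDetailsImpl.Essence essence = new LdapUserDetailsImpl.Essence();
            essence.setDn(ldapDetails.getDn());
            essence.setUsername(userEmail);
            essence.setPassword(ldapDetails.getPassword());
            essence.setAuthorities(ldapDetails.getAuthorities());
            essence.setTimeBeforeExpiration(ldapDetails.getTimeBeforeExpiration());
            essence.setGraceLoginsRemaining(ldapDetails.getGraceLoginsRemaining());
            userDetails = essence.createUserDetails();
        }
    } catch (org.springframework.security.core.userdetails.UsernameNotFoundException e) {
        // NOTE(review): the failed lookup is logged and null is returned instead of rejecting
        // the login. Confirm that the SAML authentication provider treats a null result as
        // intended and does not grant a session to a user who is absent from LDAP.
        logger.error("User not found in LDAP, check whether he/she has been added to the groups.", e);
    }
    logger.debug("userDeail by search ldap with '" + userName + "' is: " + userDetails);
    return userDetails;
}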
 
Example 2
Source File: SAMLUserDetailsService.java    From kylin-on-parquet-v2 with Apache License 2.0
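/**
 * Resolves the local user for a SAML login by looking up the local part of the asserted
 * e-mail address in LDAP.
 *
 * <p>NOTE(review): the domain of the address is discarded before the lookup, so the mapping
 * to an LDAP account is only as strong as the identity provider's control over the
 * {@code email} attribute; confirm that the IdP cannot release addresses from other domains.
 *
 * @param samlCredential credential carrying the attributes of the SAML assertion
 * @return the user details returned by LDAP, or {@code null} when LDAP has no such user
 * @throws UsernameNotFoundException if the assertion has no {@code email} attribute, or the
 *         value has no non-empty local part before {@code '@'}
 */
@Override
public Object loadUserBySAML(SAMLCredential samlCredential) throws UsernameNotFoundException {
    final String userEmail = samlCredential.getAttributeAsString("email");
    logger.debug("samlCredential.email:" + userEmail);

    // Guard against a missing attribute or an address without '@', which would otherwise
    // escape as NullPointerException / StringIndexOutOfBoundsException.
    final int atIndex = (userEmail == null) ? -1 : userEmail.indexOf('@');
    if (atIndex <= 0) {
        throw new UsernameNotFoundException("SAML assertion has no usable 'email' attribute");
    }
    final String userName = userEmail.substring(0, atIndex);

    UserDetails userDetails = null;
    try {
        userDetails = ldapUserDetailsService.loadUserByUsername(userName);
    } catch (org.springframework.security.core.userdetails.UsernameNotFoundException e) {
        // NOTE(review): the lookup failure is swallowed and null is returned. Confirm that
        // the caller rejects the login in that case rather than continuing without a user.
        logger.error("User not found in LDAP, check whether he/she has been added to the groups.", e);
    }
    logger.debug("userDeail by search ldap with '" + userName + "' is: " + userDetails);
    return userDetails;
}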
 
Example 3
Source File: SAMLSimpleUserDetailsService.java    From kylin-on-parquet-v2 with Apache License 2.0
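/**
 * Returns the managed user named after the local part of the asserted e-mail address,
 * creating that user first when it does not exist yet.
 *
 * <p>NOTE(review): this provisions an account with {@code defaultAuthorities} for any
 * identity the IdP asserts, and keys it on the local part only, so addresses from different
 * domains that share a local part map to one account. Confirm that both are intended and
 * that the IdP restricts who can reach this service provider.
 *
 * @param samlCredential credential carrying the attributes of the SAML assertion
 * @return the managed user as stored by the user manager
 * @throws UsernameNotFoundException if the assertion has no {@code email} attribute, or the
 *         value has no non-empty local part before {@code '@'}
 */
@Override
public Object loadUserBySAML(SAMLCredential samlCredential) throws UsernameNotFoundException {
    final String userEmail = samlCredential.getAttributeAsString("email");
    logger.debug("samlCredential.email:" + userEmail);

    // Without this guard a missing attribute or an address without '@' fails with
    // NullPointerException / StringIndexOutOfBoundsException, and "@host" yields an
    // empty user name that would then be provisioned.
    final int atIndex = (userEmail == null) ? -1 : userEmail.indexOf('@');
    if (atIndex <= 0) {
        throw new UsernameNotFoundException("SAML assertion has no usable 'email' attribute");
    }
    final String userName = userEmail.substring(0, atIndex);

    KylinUserManager userManager = KylinUserManager.getInstance(KylinConfig.getInstanceFromEnv());
    ManagedUser existUser = userManager.get(userName);
    // create if not exists
    if (existUser == null) {
        ManagedUser user = new ManagedUser(userName, NO_EXISTENCE_PASSWORD, true, defaultAuthorities);
        userManager.update(user);
    }
    // Read back through the manager so the caller gets the stored instance.
    return userManager.get(userName);
}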
 
Example 4
Source File: SAMLSimpleUserDetailsService.java    From kylin with Apache License 2.0
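/**
 * Returns the managed user named after the asserted e-mail address, creating that user
 * first when it does not exist yet.
 *
 * <p>NOTE(review): any identity the IdP asserts is provisioned with
 * {@code defaultAuthorities} on first login; confirm that this is intended and that the IdP
 * restricts who can reach this service provider.
 *
 * @param samlCredential credential carrying the attributes of the SAML assertion
 * @return the managed user as stored by the user manager
 * @throws UsernameNotFoundException if the assertion has no {@code email} attribute or the
 *         value is blank
 */
@Override
public Object loadUserBySAML(SAMLCredential samlCredential) throws UsernameNotFoundException {
    final String userEmail = samlCredential.getAttributeAsString("email");
    logger.debug("samlCredential.email:" + userEmail);

    // Refuse to look up or provision an account under a null or blank name.
    if (userEmail == null || userEmail.trim().isEmpty()) {
        throw new UsernameNotFoundException("SAML assertion has no usable 'email' attribute");
    }

    KylinUserManager userManager = KylinUserManager.getInstance(KylinConfig.getInstanceFromEnv());
    ManagedUser existUser = userManager.get(userEmail);
    // create if not exists
    if (existUser == null) {
        ManagedUser user = new ManagedUser(userEmail, NO_EXISTENCE_PASSWORD, true, defaultAuthorities);
        userManager.update(user);
    }
    // Read back through the manager so the caller gets the stored instance.
    return userManager.get(userEmail);
}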
 
Example 5
Source File: UserDetailsService.java    From Insights with Apache License 2.0
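/**
 * Builds the SSO user-detail response for the SAML-authenticated caller.
 *
 * <p>Reads the NameID and given-name claim from the {@link SAMLCredential} in the security
 * context, queries the Grafana organisation and role for that user, creates a token, and
 * replaces the context's authentication with an {@link ExpiringUsernameAuthenticationToken}
 * that carries the Grafana-derived role and expires one hour from now.
 *
 * @return a success response wrapping the collected properties, or a failure response when
 *         no SAML credential is available or any step throws
 */
@RequestMapping(value = "/insightsso/getUserDetail", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
public @ResponseBody JsonObject getUserDetail() {

	log.debug("Inside getUserDetail");
	Map<String, String> headersGrafana = new HashMap<>();

	JsonObject jsonResponse = new JsonObject();

	try {
		SecurityContext context = SecurityContextHolder.getContext();
		Authentication auth = context.getAuthentication();
		// Fail explicitly instead of relying on a NullPointerException or ClassCastException
		// being swallowed by the catch-all below.
		if (auth == null || !(auth.getCredentials() instanceof SAMLCredential)) {
			log.error("Error in SSO Cookie: no SAML credential in the security context");
			return PlatformServiceUtil.buildFailureResponse("Error in SSO Cookie");
		}
		SAMLCredential credentials = (SAMLCredential) auth.getCredentials();
		Object principal = auth.getPrincipal();
		String userid = credentials.getNameID().getValue();
		String givenname = credentials
				.getAttributeAsString("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname");

		// NOTE(review): the NameID is forwarded to Grafana as the user header; presumably
		// Grafana trusts it, so Grafana should be reachable only through this service.
		// Confirm against the deployment.
		headersGrafana.put(AuthenticationUtils.GRAFANA_WEBAUTH_USERKEY, userid);
		headersGrafana.put(AuthenticationUtils.GRAFANA_WEBAUTH_USERKEY_NAME, userid);
		headersGrafana.put(AuthenticationUtils.HEADER_COOKIES_KEY, "username=" + userid);
		String grafanaCurrentOrg = getGrafanaCurrentOrg(headersGrafana);
		jsonResponse.addProperty("grafanaOrg", grafanaCurrentOrg);
		String grafanaCurrentOrgRole = getCurrentOrgRole(headersGrafana, grafanaCurrentOrg);
		jsonResponse.addProperty("grafanaRole", grafanaCurrentOrgRole);

		// NOTE(review): "insights-sso-token" is the NameID itself, not a secret. Confirm
		// that no consumer treats it as proof of authentication.
		jsonResponse.addProperty("insights-sso-token", userid);
		jsonResponse.addProperty("insights-sso-givenname", givenname);
		jsonResponse.addProperty("postLogoutURL", ApplicationConfigProvider.getInstance().getSingleSignOnConfig().getPostLogoutURL());

		String jToken = tokenProviderUtility.createToken(userid);
		jsonResponse.addProperty("jtoken", jToken);

		// set Authority to spring context
		List<GrantedAuthority> updatedAuthorities = new ArrayList<>();
		updatedAuthorities.add(AuthenticationUtils.getSpringAuthorityRole(grafanaCurrentOrgRole));

		// The replacement authentication expires one hour from now.
		Date expDate = new Date(System.currentTimeMillis() + 60 * 60 * 1000);
		ExpiringUsernameAuthenticationToken autharization = new ExpiringUsernameAuthenticationToken(expDate,
				principal, auth.getCredentials(), updatedAuthorities);
		SecurityContextHolder.getContext().setAuthentication(autharization);
		Authentication auth2 = SecurityContextHolder.getContext().getAuthentication();
		auth2.getAuthorities().forEach(a -> log.debug("GrantedAuthority  " + a.getAuthority()));

		httpRequest.setAttribute("responseHeaders", jsonResponse);
	} catch (Exception e) {
		// Keep the stack trace in the server log, but do not echo the exception class and
		// message to the HTTP client.
		log.error("Error in SSO Cookie", e);
		return PlatformServiceUtil.buildFailureResponse("Error in SSO Cookie");
	}
	return PlatformServiceUtil.buildSuccessResponseWithData(jsonResponse);
}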
 
Example 6
Source File: EppnSamlFilter.java    From sakai with Educational Community License v2.0
/**
 * Uses the eduPersonPrincipalName attribute of the SAML credential as the user object.
 *
 * @param cred credential carrying the attributes of the SAML assertion
 * @return whatever {@code getAttributeAsString} yields for
 *         {@code urn:oid:1.3.6.1.4.1.5923.1.1.1.6}
 */
@Override
public Object loadUserBySAML(SAMLCredential cred) throws UsernameNotFoundException {
        // Attribute reference: https://www.incommon.org/federation/attributesummary.html
        final String eppn = cred.getAttributeAsString("urn:oid:1.3.6.1.4.1.5923.1.1.1.6");
        // NOTE(review): the value is returned unchecked. If the assertion lacks the attribute
        // this is presumably null; confirm how the caller treats a null user object.
        return eppn;
}
 
Example 7
Source File: UpnSamlFilter.java    From sakai with Educational Community License v2.0
/**
 * Uses the UPN claim of the SAML credential as the user object.
 *
 * @param cred credential carrying the attributes of the SAML assertion
 * @return whatever {@code getAttributeAsString} yields for the
 *         {@code http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn} attribute
 */
@Override
public Object loadUserBySAML(SAMLCredential cred) throws UsernameNotFoundException {
        // Attribute reference: https://www.incommon.org/federation/attributesummary.html
        final String upn = cred.getAttributeAsString("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn");
        // NOTE(review): the value is returned unchecked. If the assertion lacks the claim
        // this is presumably null; confirm how the caller treats a null user object.
        return upn;
}
 
Example 8
Source File: EppnSamlFilter.java    From sakai with Educational Community License v2.0
/**
 * Returns the eduPersonPrincipalName attribute of the SAML credential as the user object.
 *
 * @param cred credential carrying the attributes of the SAML assertion
 * @return the result of {@code getAttributeAsString} for
 *         {@code urn:oid:1.3.6.1.4.1.5923.1.1.1.6}
 */
@Override
public Object loadUserBySAML(SAMLCredential cred) throws UsernameNotFoundException {
        // Attribute reference: https://www.incommon.org/federation/attributesummary.html
        final String principalName = cred.getAttributeAsString("urn:oid:1.3.6.1.4.1.5923.1.1.1.6");
        // NOTE(review): no presence or format check is applied here; verify that the
        // caller handles an absent attribute (presumably a null return).
        return principalName;
}
 
Example 9
Source File: UpnSamlFilter.java    From sakai with Educational Community License v2.0
/**
 * Returns the UPN claim of the SAML credential as the user object.
 *
 * @param cred credential carrying the attributes of the SAML assertion
 * @return the result of {@code getAttributeAsString} for the
 *         {@code http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn} attribute
 */
@Override
public Object loadUserBySAML(SAMLCredential cred) throws UsernameNotFoundException {
        // Attribute reference: https://www.incommon.org/federation/attributesummary.html
        final String principalName = cred.getAttributeAsString("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn");
        // NOTE(review): no presence or format check is applied here; verify that the
        // caller handles an absent claim (presumably a null return).
        return principalName;
}