BFLOWS/bflows-bandi-be
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated config

Browse Source
This commit is contained in:
rajesh
2024-09-24 17:06:32 -07:00
parent aabb7ae551
commit 2777489550
1 changed files with 48 additions and 59 deletions
Download Patch File Download Diff File Expand all files Collapse all files

93
src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java
View File

@@ -11,8 +11,11 @@ import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.PKCS8EncodedKeySpec;
import java.time.Instant; import java.time.Instant;
import java.util.List;
import java.util.Map;
import java.util.UUID; import java.util.UUID;
import org.apache.xml.security.Init;
import org.bouncycastle.util.io.pem.PemReader; import org.bouncycastle.util.io.pem.PemReader;
import org.opensaml.core.config.InitializationService; import org.opensaml.core.config.InitializationService;
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport; import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
@@ -47,6 +50,8 @@ import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.saml2.core.Saml2X509Credential; import org.springframework.security.saml2.core.Saml2X509Credential;
import org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticatedPrincipal;
import org.springframework.security.saml2.provider.service.authentication.Saml2Authentication;
import org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository; import org.springframework.security.saml2.provider.service.registration.InMemoryRelyingPartyRegistrationRepository;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration; import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository; import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
@@ -65,7 +70,7 @@ import org.springframework.web.filter.CorsFilter;
import org.springframework.web.servlet.handler.HandlerMappingIntrospector; import org.springframework.web.servlet.handler.HandlerMappingIntrospector;
import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectMapper;
import org.apache.xml.security.Init;
import io.swagger.v3.oas.models.Components; import io.swagger.v3.oas.models.Components;
import io.swagger.v3.oas.models.OpenAPI; import io.swagger.v3.oas.models.OpenAPI;
import io.swagger.v3.oas.models.security.SecurityRequirement; import io.swagger.v3.oas.models.security.SecurityRequirement;
@@ -184,70 +189,54 @@ public class SecurityConfig {
.saml2Login(saml -> .saml2Login(saml ->
saml.defaultSuccessUrl("/") saml.defaultSuccessUrl("/")
.successHandler((request, response, authentication) -> { .successHandler((request, response, authentication) -> {
logger.error("SAML success login");
SamlResponseLogEntity samlResponseLogEntity = new SamlResponseLogEntity();
samlResponseLogEntity.setRequest(request.toString());
samlResponseLogEntity.setResponse(response.toString());
samlResponseLogEntity.setAuthenticationObject(authentication.toString());
samlResponseLogRepository.save(samlResponseLogEntity);
try { try {
// Cast the authentication object to Saml2Authentication
Saml2Authentication samlAuth = (Saml2Authentication) authentication;
Saml2AuthenticatedPrincipal principal = (Saml2AuthenticatedPrincipal) samlAuth.getPrincipal();
// Extract the user attributes from the principal
Map<String, List<Object>> userAttributes = principal.getAttributes();
// Log the user attributes for debugging purposes
logger.info("SAML User Attributes: " + userAttributes);
// Save the authentication details in the database (Optional)
SamlResponseLogEntity samlResponseLogEntity = new SamlResponseLogEntity();
samlResponseLogEntity.setAuthenticationObject(authentication.toString());
// Convert user attributes to JSON and save in DB
ObjectMapper objectMapper = new ObjectMapper(); ObjectMapper objectMapper = new ObjectMapper();
// Create a new SAML log entity String userAttributesJson = objectMapper.writeValueAsString(userAttributes);
SamlResponseLogEntity samlResponseLogEntity1 = new SamlResponseLogEntity(); samlResponseLogEntity.setAuthenticationObject(userAttributesJson);
samlResponseLogRepository.save(samlResponseLogEntity);
// Convert request, response, and authentication to JSON format // Successful login logic
String requestJson = objectMapper.writeValueAsString(request.getParameterMap()); // Assuming request params to JSON logger.info("SAML login successful for user: " + principal.getName());
String responseJson = objectMapper.writeValueAsString(response); // This may need to be adapted based on your response object response.sendRedirect("http://gepafin-staging-fe.s3-website.eu-central-1.amazonaws.com/login");
String authenticationJson = objectMapper.writeValueAsString(authentication); // Authentication object to JSON } catch (Exception e) {
logger.error("Error processing SAML success handler", e);
// Set the JSON strings in the entity
samlResponseLogEntity1.setRequest(requestJson);
samlResponseLogEntity1.setResponse(responseJson);
samlResponseLogEntity1.setAuthenticationObject(authenticationJson);
samlResponseLogRepository.save(samlResponseLogEntity1);
logger.info("SAML Request: " + requestJson);
logger.info("SAML Response: " + responseJson);
logger.info("Authentication Details: " + authenticationJson);
}catch(Exception e) {
logger.info("Exception object" + e);
} }
// samlResponseLogRepository })
logger.info("SAML login successful for user: " + authentication.getName()); .failureHandler((request, response, exception) -> {
response.sendRedirect("http://gepafin-staging-fe.s3-website.eu-central-1.amazonaws.com/"); try {
}).failureHandler((request, response, exception) -> {
logger.error("SAML login failed: " + exception.getMessage()); logger.error("SAML login failed: " + exception.getMessage());
// Log the failure details to the database (Optional)
SamlResponseLogEntity samlResponseLogEntity = new SamlResponseLogEntity(); SamlResponseLogEntity samlResponseLogEntity = new SamlResponseLogEntity();
samlResponseLogEntity.setRequest(request.toString()); samlResponseLogEntity.setRequest(request.toString());
samlResponseLogEntity.setResponse(response.toString()); samlResponseLogEntity.setResponse(response.toString());
samlResponseLogEntity.setExceptionObject(exception.toString()); samlResponseLogEntity.setExceptionObject(exception.toString());
samlResponseLogRepository.save(samlResponseLogEntity); samlResponseLogRepository.save(samlResponseLogEntity);
try {
ObjectMapper objectMapper = new ObjectMapper();
// Create a new SAML log entity // Handle failure redirection
SamlResponseLogEntity samlResponseLogEntity1 = new SamlResponseLogEntity();
// Convert request, response, and authentication to JSON format
String requestJson = objectMapper.writeValueAsString(request.getParameterMap()); // Assuming request params to JSON
String responseJson = objectMapper.writeValueAsString(response); // This may need to be adapted based on your response object
String exceptionJson = objectMapper.writeValueAsString(exception); // Authentication object to JSON
// Set the JSON strings in the entity
samlResponseLogEntity1.setRequest(requestJson);
samlResponseLogEntity1.setResponse(responseJson);
samlResponseLogEntity1.setAuthenticationObject(exceptionJson);
samlResponseLogRepository.save(samlResponseLogEntity1);
logger.info("SAML Request: " + requestJson);
logger.info("SAML Response: " + responseJson);
logger.info("exception Details: " + exceptionJson);
}catch(Exception e) {
logger.info("Exception object" + e);
}
response.sendRedirect("http://gepafin-staging-fe.s3-website.eu-central-1.amazonaws.com/login"); response.sendRedirect("http://gepafin-staging-fe.s3-website.eu-central-1.amazonaws.com/login");
})); } catch (Exception e) {
logger.error("Error processing SAML failure handler", e);
}
})
);
return http.build(); return http.build();
} }