Added saml configation for production
This commit is contained in:
harish
@@ -49,6 +49,12 @@ public class SamlConfig {
|
||||
|
||||
@Value("${base-url}")
|
||||
String baseUrl;
|
||||
|
||||
@Value("${spid.ipd.base.url}")
|
||||
String ipdBaseUrl;
|
||||
|
||||
@Value("${active.profile.folder}")
|
||||
String activeProfileFolder;
|
||||
|
||||
@Bean
|
||||
public RelyingPartyRegistrationRepository relyingPartyRegistrationRepository() {
|
||||
@@ -66,8 +72,8 @@ public class SamlConfig {
|
||||
}
|
||||
})
|
||||
.assertionConsumerServiceLocation(acsUrl)
|
||||
.assertingPartyDetails(details -> details.entityId("https://federatest.umbriadigitale.it/gw/metadata")
|
||||
.singleSignOnServiceLocation("https://federatest.umbriadigitale.it/gw/SSOProxy/SAML2")
|
||||
.assertingPartyDetails(details -> details.entityId(ipdBaseUrl + "/gw/metadata")
|
||||
.singleSignOnServiceLocation(ipdBaseUrl + "/gw/SSOProxy/SAML2")
|
||||
.singleSignOnServiceBinding(Saml2MessageBinding.POST)
|
||||
.wantAuthnRequestsSigned(true)
|
||||
.verificationX509Credentials(credentials -> {
|
||||
@@ -133,8 +139,8 @@ public Saml2AuthenticationRequestResolver authenticationRequestResolver(RelyingP
|
||||
authnRequest.setRequestedAuthnContext(buildRequestedAuthnContext());
|
||||
|
||||
// Log the SAML AuthnRequest after setting context
|
||||
// String samlRequest = SamlRequestLogger.convertSAMLObjectToString(authnRequest);
|
||||
logger.info("SAML Authentication Request.");
|
||||
String samlRequest = SamlRequestLogger.convertSAMLObjectToString(authnRequest);
|
||||
logger.info("SAML AuthnRequest after setting context: " + samlRequest);
|
||||
});
|
||||
|
||||
return authenticationRequestResolver;
|
||||
@@ -158,7 +164,7 @@ private RequestedAuthnContext buildRequestedAuthnContext() {
|
||||
|
||||
public PrivateKey readPrivateKey() throws Exception {
|
||||
// Path to your private key PEM file
|
||||
try (PemReader pemReader = new PemReader(new InputStreamReader(readKey("dev/saml/private-key.pem")))) {
|
||||
try (PemReader pemReader = new PemReader(new InputStreamReader(readKey(activeProfileFolder + "/saml/private-key.pem")))) {
|
||||
// Read the PEM content
|
||||
byte[] pemContent = pemReader.readPemObject().getContent();
|
||||
// Decode the PEM content
|
||||
@@ -170,7 +176,7 @@ private RequestedAuthnContext buildRequestedAuthnContext() {
|
||||
}
|
||||
public X509Certificate readCertificate() throws Exception {
|
||||
// Path to your certificate PEM fileFile
|
||||
try (InputStream inStream = readKey("dev/saml/public-cert.pem")) {
|
||||
try (InputStream inStream = readKey(activeProfileFolder + "/saml/public-cert.pem")) {
|
||||
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
|
||||
return (X509Certificate) certFactory.generateCertificate(inStream);
|
||||
}
|
||||
@@ -178,7 +184,7 @@ private RequestedAuthnContext buildRequestedAuthnContext() {
|
||||
|
||||
public X509Certificate readIdpCertificate() throws Exception {
|
||||
// Path to your IDP public certificate PEM file
|
||||
try (InputStream inStream = readKey("dev/saml/idp-certificate.pem")) {
|
||||
try (InputStream inStream = readKey(activeProfileFolder + "/saml/idp-certificate.pem")) {
|
||||
CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
|
||||
return (X509Certificate) certFactory.generateCertificate(inStream);
|
||||
}
|
||||
|
||||
@@ -45,6 +45,7 @@ public class SamlSuccessHandler implements AuthenticationSuccessHandler {
|
||||
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
|
||||
Authentication authentication) throws IOException {
|
||||
try {
|
||||
logger.info("SAML login in Authentication Success Handler");
|
||||
Saml2Authentication samlAuth = (Saml2Authentication) authentication;
|
||||
Saml2AuthenticatedPrincipal principal = (Saml2AuthenticatedPrincipal) samlAuth.getPrincipal();
|
||||
|
||||
|
||||
Reference in New Issue
Block a user