Updated config
This commit is contained in:
rajesh
@@ -8,11 +8,14 @@ import java.security.PrivateKey;
|
|||||||
import java.security.cert.CertificateFactory;
|
import java.security.cert.CertificateFactory;
|
||||||
import java.security.cert.X509Certificate;
|
import java.security.cert.X509Certificate;
|
||||||
import java.security.spec.PKCS8EncodedKeySpec;
|
import java.security.spec.PKCS8EncodedKeySpec;
|
||||||
|
import java.util.UUID;
|
||||||
|
|
||||||
import org.bouncycastle.util.io.pem.PemReader;
|
import org.bouncycastle.util.io.pem.PemReader;
|
||||||
|
import org.opensaml.saml.common.SAMLVersion;
|
||||||
import org.opensaml.saml.common.xml.SAMLConstants;
|
import org.opensaml.saml.common.xml.SAMLConstants;
|
||||||
import org.opensaml.saml.saml2.core.AuthnContextClassRef;
|
import org.opensaml.saml.saml2.core.AuthnContextClassRef;
|
||||||
import org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration;
|
import org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration;
|
||||||
|
import org.opensaml.saml.saml2.core.AuthnRequest;
|
||||||
import org.opensaml.saml.saml2.core.RequestedAuthnContext;
|
import org.opensaml.saml.saml2.core.RequestedAuthnContext;
|
||||||
import org.opensaml.saml.saml2.core.impl.AuthnContextClassRefBuilder;
|
import org.opensaml.saml.saml2.core.impl.AuthnContextClassRefBuilder;
|
||||||
import org.opensaml.saml.saml2.core.impl.RequestedAuthnContextBuilder;
|
import org.opensaml.saml.saml2.core.impl.RequestedAuthnContextBuilder;
|
||||||
@@ -256,30 +259,35 @@ public class SecurityConfig {
|
|||||||
return new InMemoryRelyingPartyRegistrationRepository(registration);
|
return new InMemoryRelyingPartyRegistrationRepository(registration);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
@Bean
|
@Bean
|
||||||
public Saml2AuthenticationRequestResolver authenticationRequestResolver(RelyingPartyRegistrationRepository registrations) {
|
public Saml2AuthenticationRequestResolver authenticationRequestResolver(RelyingPartyRegistrationRepository registrations) {
|
||||||
RelyingPartyRegistrationResolver registrationResolver = new DefaultRelyingPartyRegistrationResolver(registrations);
|
RelyingPartyRegistrationResolver registrationResolver = new DefaultRelyingPartyRegistrationResolver(registrations);
|
||||||
OpenSaml4AuthenticationRequestResolver authenticationRequestResolver = new OpenSaml4AuthenticationRequestResolver(registrationResolver);
|
OpenSaml4AuthenticationRequestResolver authenticationRequestResolver = new OpenSaml4AuthenticationRequestResolver(registrationResolver);
|
||||||
|
|
||||||
// Customize and log the AuthnRequest after setting the context
|
|
||||||
authenticationRequestResolver.setAuthnRequestCustomizer((context) -> {
|
authenticationRequestResolver.setAuthnRequestCustomizer((context) -> {
|
||||||
context.getAuthnRequest().setRequestedAuthnContext(buildRequestedAuthnContext());
|
// Set the required attributes
|
||||||
|
AuthnRequest authnRequest = context.getAuthnRequest();
|
||||||
|
authnRequest.setID("_" + UUID.randomUUID().toString()); // Add a unique ID
|
||||||
|
authnRequest.setVersion(SAMLVersion.VERSION_20); // Ensure version is 2.0
|
||||||
|
authnRequest.setProtocolBinding(SAMLConstants.SAML2_POST_BINDING_URI); // HTTP-POST
|
||||||
|
|
||||||
// Log the SAML AuthnRequest after setting the authentication context
|
// Set Authentication Context
|
||||||
String samlRequest = SamlRequestLogger.convertSAMLObjectToString(context.getAuthnRequest());
|
authnRequest.setRequestedAuthnContext(buildRequestedAuthnContext());
|
||||||
|
|
||||||
|
// Log the SAML AuthnRequest after setting context
|
||||||
|
String samlRequest = SamlRequestLogger.convertSAMLObjectToString(authnRequest);
|
||||||
logger.info("SAML AuthnRequest after setting context: " + samlRequest);
|
logger.info("SAML AuthnRequest after setting context: " + samlRequest);
|
||||||
});
|
});
|
||||||
|
|
||||||
return authenticationRequestResolver;
|
return authenticationRequestResolver;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
private RequestedAuthnContext buildRequestedAuthnContext() {
|
private RequestedAuthnContext buildRequestedAuthnContext() {
|
||||||
AuthnContextClassRefBuilder authnContextClassRefBuilder = new AuthnContextClassRefBuilder();
|
AuthnContextClassRefBuilder authnContextClassRefBuilder = new AuthnContextClassRefBuilder();
|
||||||
AuthnContextClassRef authnContextClassRef = authnContextClassRefBuilder.buildObject(
|
AuthnContextClassRef authnContextClassRef = authnContextClassRefBuilder.buildObject(
|
||||||
SAMLConstants.SAML20_NS, AuthnContextClassRef.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20_PREFIX
|
SAMLConstants.SAML20_NS, AuthnContextClassRef.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20_PREFIX
|
||||||
);
|
);
|
||||||
|
|
||||||
// Set the SPID Level 2 authentication context
|
// Set the SPID Level 2 authentication context
|
||||||
authnContextClassRef.setURI("urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword");
|
authnContextClassRef.setURI("urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword");
|
||||||
|
|
||||||
@@ -291,7 +299,6 @@ public class SecurityConfig {
|
|||||||
return requestedAuthnContext;
|
return requestedAuthnContext;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
public PrivateKey readPrivateKey() throws Exception {
|
public PrivateKey readPrivateKey() throws Exception {
|
||||||
// Path to your private key PEM file
|
// Path to your private key PEM file
|
||||||
try (PemReader pemReader = new PemReader(new InputStreamReader(readKey("dev/saml/private-key.pem")))) {
|
try (PemReader pemReader = new PemReader(new InputStreamReader(readKey("dev/saml/private-key.pem")))) {
|
||||||
|
|||||||
Reference in New Issue
Block a user