BFLOWS/bflows-bandi-be
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated config

Browse Source
This commit is contained in:
rajesh
2024-09-23 21:49:11 -07:00
parent d9c428262a
commit ab52e844d1
1 changed files with 36 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java
View File

@@ -8,11 +8,14 @@ import java.security.PrivateKey;
import java.security.cert.CertificateFactory; import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.PKCS8EncodedKeySpec;
import java.util.UUID;
import org.bouncycastle.util.io.pem.PemReader; import org.bouncycastle.util.io.pem.PemReader;
import org.opensaml.saml.common.SAMLVersion;
import org.opensaml.saml.common.xml.SAMLConstants; import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.saml2.core.AuthnContextClassRef; import org.opensaml.saml.saml2.core.AuthnContextClassRef;
import org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration; import org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.opensaml.saml.saml2.core.AuthnRequest;
import org.opensaml.saml.saml2.core.RequestedAuthnContext; import org.opensaml.saml.saml2.core.RequestedAuthnContext;
import org.opensaml.saml.saml2.core.impl.AuthnContextClassRefBuilder; import org.opensaml.saml.saml2.core.impl.AuthnContextClassRefBuilder;
import org.opensaml.saml.saml2.core.impl.RequestedAuthnContextBuilder; import org.opensaml.saml.saml2.core.impl.RequestedAuthnContextBuilder;
@@ -256,30 +259,35 @@ public class SecurityConfig {
return new InMemoryRelyingPartyRegistrationRepository(registration); return new InMemoryRelyingPartyRegistrationRepository(registration);
} }
@Bean
public Saml2AuthenticationRequestResolver authenticationRequestResolver(RelyingPartyRegistrationRepository registrations) { @Bean
public Saml2AuthenticationRequestResolver authenticationRequestResolver(RelyingPartyRegistrationRepository registrations) {
RelyingPartyRegistrationResolver registrationResolver = new DefaultRelyingPartyRegistrationResolver(registrations); RelyingPartyRegistrationResolver registrationResolver = new DefaultRelyingPartyRegistrationResolver(registrations);
OpenSaml4AuthenticationRequestResolver authenticationRequestResolver = new OpenSaml4AuthenticationRequestResolver(registrationResolver); OpenSaml4AuthenticationRequestResolver authenticationRequestResolver = new OpenSaml4AuthenticationRequestResolver(registrationResolver);
// Customize and log the AuthnRequest after setting the context
authenticationRequestResolver.setAuthnRequestCustomizer((context) -> { authenticationRequestResolver.setAuthnRequestCustomizer((context) -> {
context.getAuthnRequest().setRequestedAuthnContext(buildRequestedAuthnContext()); // Set the required attributes
AuthnRequest authnRequest = context.getAuthnRequest();
authnRequest.setID("_" + UUID.randomUUID().toString()); // Add a unique ID
authnRequest.setVersion(SAMLVersion.VERSION_20); // Ensure version is 2.0
authnRequest.setProtocolBinding(SAMLConstants.SAML2_POST_BINDING_URI); // HTTP-POST
// Log the SAML AuthnRequest after setting the authentication context // Set Authentication Context
String samlRequest = SamlRequestLogger.convertSAMLObjectToString(context.getAuthnRequest()); authnRequest.setRequestedAuthnContext(buildRequestedAuthnContext());
// Log the SAML AuthnRequest after setting context
String samlRequest = SamlRequestLogger.convertSAMLObjectToString(authnRequest);
logger.info("SAML AuthnRequest after setting context: " + samlRequest); logger.info("SAML AuthnRequest after setting context: " + samlRequest);
}); });
return authenticationRequestResolver; return authenticationRequestResolver;
} }
private RequestedAuthnContext buildRequestedAuthnContext() {
private RequestedAuthnContext buildRequestedAuthnContext() {
AuthnContextClassRefBuilder authnContextClassRefBuilder = new AuthnContextClassRefBuilder(); AuthnContextClassRefBuilder authnContextClassRefBuilder = new AuthnContextClassRefBuilder();
AuthnContextClassRef authnContextClassRef = authnContextClassRefBuilder.buildObject( AuthnContextClassRef authnContextClassRef = authnContextClassRefBuilder.buildObject(
SAMLConstants.SAML20_NS, AuthnContextClassRef.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20_PREFIX SAMLConstants.SAML20_NS, AuthnContextClassRef.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20_PREFIX
); );
// Set the SPID Level 2 authentication context // Set the SPID Level 2 authentication context
authnContextClassRef.setURI("urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword"); authnContextClassRef.setURI("urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword");
@@ -289,8 +297,7 @@ public class SecurityConfig {
requestedAuthnContext.getAuthnContextClassRefs().add(authnContextClassRef); requestedAuthnContext.getAuthnContextClassRefs().add(authnContextClassRef);
return requestedAuthnContext; return requestedAuthnContext;
} }
public PrivateKey readPrivateKey() throws Exception { public PrivateKey readPrivateKey() throws Exception {
// Path to your private key PEM file // Path to your private key PEM file