BFLOWS/bflows-bandi-be
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Updated config

Browse Source
This commit is contained in:
rajesh
2024-09-23 21:49:11 -07:00
parent d9c428262a
commit ab52e844d1
1 changed files with 36 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

65
src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java
View File

@@ -8,11 +8,14 @@ import java.security.PrivateKey;
import java.security.cert.CertificateFactory; import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate; import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec; import java.security.spec.PKCS8EncodedKeySpec;
import java.util.UUID;
import org.bouncycastle.util.io.pem.PemReader; import org.bouncycastle.util.io.pem.PemReader;
import org.opensaml.saml.common.SAMLVersion;
import org.opensaml.saml.common.xml.SAMLConstants; import org.opensaml.saml.common.xml.SAMLConstants;
import org.opensaml.saml.saml2.core.AuthnContextClassRef; import org.opensaml.saml.saml2.core.AuthnContextClassRef;
import org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration; import org.opensaml.saml.saml2.core.AuthnContextComparisonTypeEnumeration;
import org.opensaml.saml.saml2.core.AuthnRequest;
import org.opensaml.saml.saml2.core.RequestedAuthnContext; import org.opensaml.saml.saml2.core.RequestedAuthnContext;
import org.opensaml.saml.saml2.core.impl.AuthnContextClassRefBuilder; import org.opensaml.saml.saml2.core.impl.AuthnContextClassRefBuilder;
import org.opensaml.saml.saml2.core.impl.RequestedAuthnContextBuilder; import org.opensaml.saml.saml2.core.impl.RequestedAuthnContextBuilder;
@@ -256,41 +259,45 @@ public class SecurityConfig {
return new InMemoryRelyingPartyRegistrationRepository(registration); return new InMemoryRelyingPartyRegistrationRepository(registration);
} }
@Bean
public Saml2AuthenticationRequestResolver authenticationRequestResolver(RelyingPartyRegistrationRepository registrations) {
RelyingPartyRegistrationResolver registrationResolver = new DefaultRelyingPartyRegistrationResolver(registrations);
OpenSaml4AuthenticationRequestResolver authenticationRequestResolver = new OpenSaml4AuthenticationRequestResolver(registrationResolver);
// Customize and log the AuthnRequest after setting the context @Bean
authenticationRequestResolver.setAuthnRequestCustomizer((context) -> { public Saml2AuthenticationRequestResolver authenticationRequestResolver(RelyingPartyRegistrationRepository registrations) {
context.getAuthnRequest().setRequestedAuthnContext(buildRequestedAuthnContext()); RelyingPartyRegistrationResolver registrationResolver = new DefaultRelyingPartyRegistrationResolver(registrations);
OpenSaml4AuthenticationRequestResolver authenticationRequestResolver = new OpenSaml4AuthenticationRequestResolver(registrationResolver);
// Log the SAML AuthnRequest after setting the authentication context
String samlRequest = SamlRequestLogger.convertSAMLObjectToString(context.getAuthnRequest());
logger.info("SAML AuthnRequest after setting context: " + samlRequest);
});
return authenticationRequestResolver; authenticationRequestResolver.setAuthnRequestCustomizer((context) -> {
} // Set the required attributes
AuthnRequest authnRequest = context.getAuthnRequest();
authnRequest.setID("_" + UUID.randomUUID().toString()); // Add a unique ID
authnRequest.setVersion(SAMLVersion.VERSION_20); // Ensure version is 2.0
authnRequest.setProtocolBinding(SAMLConstants.SAML2_POST_BINDING_URI); // HTTP-POST
// Set Authentication Context
authnRequest.setRequestedAuthnContext(buildRequestedAuthnContext());
private RequestedAuthnContext buildRequestedAuthnContext() { // Log the SAML AuthnRequest after setting context
AuthnContextClassRefBuilder authnContextClassRefBuilder = new AuthnContextClassRefBuilder(); String samlRequest = SamlRequestLogger.convertSAMLObjectToString(authnRequest);
AuthnContextClassRef authnContextClassRef = authnContextClassRefBuilder.buildObject( logger.info("SAML AuthnRequest after setting context: " + samlRequest);
SAMLConstants.SAML20_NS, AuthnContextClassRef.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20_PREFIX });
);
// Set the SPID Level 2 authentication context
authnContextClassRef.setURI("urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword");
RequestedAuthnContextBuilder requestedAuthnContextBuilder = new RequestedAuthnContextBuilder(); return authenticationRequestResolver;
RequestedAuthnContext requestedAuthnContext = requestedAuthnContextBuilder.buildObject(); }
requestedAuthnContext.setComparison(AuthnContextComparisonTypeEnumeration.EXACT);
requestedAuthnContext.getAuthnContextClassRefs().add(authnContextClassRef);
return requestedAuthnContext; private RequestedAuthnContext buildRequestedAuthnContext() {
} AuthnContextClassRefBuilder authnContextClassRefBuilder = new AuthnContextClassRefBuilder();
AuthnContextClassRef authnContextClassRef = authnContextClassRefBuilder.buildObject(
SAMLConstants.SAML20_NS, AuthnContextClassRef.DEFAULT_ELEMENT_LOCAL_NAME, SAMLConstants.SAML20_PREFIX
);
// Set the SPID Level 2 authentication context
authnContextClassRef.setURI("urn:oasis:names:tc:SAML:2.0:ac:classes:SecureRemotePassword");
RequestedAuthnContextBuilder requestedAuthnContextBuilder = new RequestedAuthnContextBuilder();
RequestedAuthnContext requestedAuthnContext = requestedAuthnContextBuilder.buildObject();
requestedAuthnContext.setComparison(AuthnContextComparisonTypeEnumeration.EXACT);
requestedAuthnContext.getAuthnContextClassRefs().add(authnContextClassRef);
return requestedAuthnContext;
}
public PrivateKey readPrivateKey() throws Exception { public PrivateKey readPrivateKey() throws Exception {
// Path to your private key PEM file // Path to your private key PEM file