Added saml configation for production

src/main/java/net/gepafin/tendermanagement/config/SamlConfig.java

@@ -50,6 +50,12 @@ public class SamlConfig {
     @Value("${base-url}")
     String baseUrl;
     
+    @Value("${spid.ipd.base.url}")
+    String ipdBaseUrl;
+    
+    @Value("${active.profile.folder}")
+    String activeProfileFolder;
+
     @Bean
     public RelyingPartyRegistrationRepository relyingPartyRegistrationRepository() {
 
@@ -66,8 +72,8 @@ public class SamlConfig {
                     }
                 })
                 .assertionConsumerServiceLocation(acsUrl)
-                .assertingPartyDetails(details -> details.entityId("https://federatest.umbriadigitale.it/gw/metadata")
-                    .singleSignOnServiceLocation("https://federatest.umbriadigitale.it/gw/SSOProxy/SAML2")
+                .assertingPartyDetails(details -> details.entityId(ipdBaseUrl + "/gw/metadata")
+                    .singleSignOnServiceLocation(ipdBaseUrl + "/gw/SSOProxy/SAML2")
                     .singleSignOnServiceBinding(Saml2MessageBinding.POST)
                     .wantAuthnRequestsSigned(true)
                     .verificationX509Credentials(credentials -> {
@@ -158,7 +164,7 @@ private RequestedAuthnContext buildRequestedAuthnContext() {
     
     public PrivateKey readPrivateKey() throws Exception {
         // Path to your private key PEM file
-        try (PemReader pemReader = new PemReader(new InputStreamReader(readKey("dev/saml/private-key.pem")))) {
+        try (PemReader pemReader = new PemReader(new InputStreamReader(readKey(activeProfileFolder + "/saml/private-key.pem")))) {
             // Read the PEM content
             byte[] pemContent = pemReader.readPemObject().getContent();
             // Decode the PEM content
@@ -170,7 +176,7 @@ private RequestedAuthnContext buildRequestedAuthnContext() {
     }
     public X509Certificate readCertificate() throws Exception {
         // Path to your certificate PEM fileFile
-        try (InputStream inStream = readKey("dev/saml/public-cert.pem")) {
+        try (InputStream inStream = readKey(activeProfileFolder + "/saml/public-cert.pem")) {
             CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
             return (X509Certificate) certFactory.generateCertificate(inStream);
         }
@@ -178,7 +184,7 @@ private RequestedAuthnContext buildRequestedAuthnContext() {
     
     public X509Certificate readIdpCertificate() throws Exception {
         // Path to your IDP public certificate PEM file
-        try (InputStream inStream = readKey("dev/saml/idp-certificate.pem")) {
+        try (InputStream inStream = readKey(activeProfileFolder + "/saml/idp-certificate.pem")) {
             CertificateFactory certFactory = CertificateFactory.getInstance("X.509");
             return (X509Certificate) certFactory.generateCertificate(inStream);
         }

src/main/java/net/gepafin/tendermanagement/config/SamlSuccessHandler.java

@@ -45,6 +45,7 @@ public class SamlSuccessHandler implements AuthenticationSuccessHandler {
 	public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
 			Authentication authentication) throws IOException {
 		try {
+			logger.info("SAML login in Authentication Success Handler");
 			Saml2Authentication samlAuth = (Saml2Authentication) authentication;
 			Saml2AuthenticatedPrincipal principal = (Saml2AuthenticatedPrincipal) samlAuth.getPrincipal();
 

src/main/resources/application-production.properties

@@ -10,3 +10,7 @@ base-url=http://bandi-api.gepafin.it
 
 isVatCheckGloballyDisabled = false
 fe.base.url=http://gepafin-production-fe.s3-website.eu-central-1.amazonaws.com
+
+#SPID configuration
+spid.ipd.base.url=https://login.regione.umbria.it
+active.profile.folder=production

src/main/resources/application.properties

@@ -44,3 +44,7 @@ isVatCheckGloballyDisabled = true
 vatCheckNewToken: 66026bd891a51044e90e08c4
 fe.base.url=http://gepafin-staging-fe.s3-website.eu-central-1.amazonaws.com
 
+#SPID configuration
+spid.ipd.base.url=https://federatest.umbriadigitale.it
+active.profile.folder=dev
+

src/main/resources/production/saml/idp-certificate.pem

@@ -0,0 +1,3 @@
+-----BEGIN CERTIFICATE-----
+MIIHBzCCBe+gAwIBAgIQBa/5uQoACfZc0a+0cFPKaDANBgkqhkiG9w0BAQsFADBwMQswCQYDVQQG EwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3d3cuZGlnaWNlcnQuY29tMS8w LQYDVQQDEyZEaWdpQ2VydCBTSEEyIEhpZ2ggQXNzdXJhbmNlIFNlcnZlciBDQTAeFw0xNDAyMDMw MDAwMDBaFw0xNzAyMDcxMjAwMDBaMIGRMQswCQYDVQQGEwJJVDEOMAwGA1UECBMFSXRhbHkxEDAO BgNVBAcTB1BlcnVnaWExFzAVBgNVBAoTDlJlZ2lvbmUgVW1icmlhMSkwJwYDVQQLEyBTZXJ2aXpp byBJbmZyYXN0cnV0dHVyZSBEaWdpdGFsaTEcMBoGA1UEAwwTKi5yZWdpb25lLnVtYnJpYS5pdDCC ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALx+hg0/SsF+kpakHw24sO8LFawtMiILsEKS jLbqU8LjUcvDj50CVDa/jz21OwdBfCEB6SBVEKp0a61x5RZFKBUnL795y7Na56VWzqA0kyLg7QNn 73Tu0SJPRF0Hm+2ePLLypU+TkIFfC85GO5iXn82E5rb6XRA8blLj/GauQ0DSHkY3ZTQGGzN3La9a ZJ1Tl80cIATY10iuwQdVkLXRx8VriVrS4jVJOOl8vGJ4VWLVwGYUkhmwvoR/zfeNkSQe7USjHmdf Zm4lLMYZjLM0S2wJMRQbj3MscVBKaXMHc6POqMlKrgO1nRK4/1dRYtnJeMCK/uK/ms/MYpxIX2ZG G/MCAwEAAaOCA3kwggN1MB8GA1UdIwQYMBaAFFFo/5CvAgd1PMzZZWRiohK4WXI7MB0GA1UdDgQW BBShweIeUSOk3EJgXqB9164xrkURDDAxBgNVHREEKjAoghMqLnJlZ2lvbmUudW1icmlhLml0ghFy ZWdpb25lLnVtYnJpYS5pdDAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG AQUFBwMCMHUGA1UdHwRuMGwwNKAyoDCGLmh0dHA6Ly9jcmwzLmRpZ2ljZXJ0LmNvbS9zaGEyLWhh LXNlcnZlci1nMS5jcmwwNKAyoDCGLmh0dHA6Ly9jcmw0LmRpZ2ljZXJ0LmNvbS9zaGEyLWhhLXNl cnZlci1nMS5jcmwwggHEBgNVHSAEggG7MIIBtzCCAbMGCWCGSAGG/WwBATCCAaQwOgYIKwYBBQUH AgEWLmh0dHA6Ly93d3cuZGlnaWNlcnQuY29tL3NzbC1jcHMtcmVwb3NpdG9yeS5odG0wggFkBggr BgEFBQcCAjCCAVYeggFSAEEAbgB5ACAAdQBzAGUAIABvAGYAIAB0AGgAaQBzACAAQwBlAHIAdABp AGYAaQBjAGEAdABlACAAYwBvAG4AcwB0AGkAdAB1AHQAZQBzACAAYQBjAGMAZQBwAHQAYQBuAGMA ZQAgAG8AZgAgAHQAaABlACAARABpAGcAaQBDAGUAcgB0ACAAQwBQAC8AQwBQAFMAIABhAG4AZAAg AHQAaABlACAAUgBlAGwAeQBpAG4AZwAgAFAAYQByAHQAeQAgAEEAZwByAGUAZQBtAGUAbgB0ACAA dwBoAGkAYwBoACAAbABpAG0AaQB0ACAAbABpAGEAYgBpAGwAaQB0AHkAIABhAG4AZAAgAGEAcgBl ACAAaQBuAGMAbwByAHAAbwByAGEAdABlAGQAIABoAGUAcgBlAGkAbgAgAGIAeQAgAHIAZQBmAGUA cgBlAG4AYwBlAC4wgYMGCCsGAQUFBwEBBHcwdTAkBggrBgEFBQcwAYYYaHR0cDovL29jc3AuZGlM aWNlcnQuY29tME0GCCsGAQUFBzAChkFodHRwOi8vY2FjZXJ0cy5kaWdpY2VydC5jb20vRGlnaUNl cnRTSEEySGlnaEFzc3VyYW5jZVNlcnZlckNBLmNydDAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEB CwUAA4IBAQBPWrp7uoj9qX8h+7iGwyNOB7274/GDQZSqnk52FTQ3Qi8AzM7YV/tNDZG2j1Ran7vG /q214cqsv/gtyxSBfRR4/WgGCIylw5uZv35FsEC0lyAyPJGLKsZSMALqKkeBGQlzsmkNo7TyZgQV XMzoeuQz2mocC+ShpQjn4Uug/FptmbnYKCiKFShc0IAwAj5+U3kPmOhskml2tj+BTXDKpq4m9onY C8eN928I7tkJPvCYGDwdsBkf3EHyM/AUB4oZ/zcnT/8F7SoRfexmD9Eojslzs+hEMKkKg7M/UxJt ySAVQF/BznGvWiWfZtHrtvBCKgXsvUJ3h/7M/SqtRQnpNZ0C
+-----END CERTIFICATE-----

src/main/resources/production/saml/private-key.pem

@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCKHE1L4E95N6jG
+4bED1vd7c5ZMry6J0qIqojpHAzG1YIEtfL28twxBfN9voNhFL9TD6dGsfWDwYaa7
+LXyMAHLRi7pI+sH852d7sq3xRd1ynKDmt+cU+6kMlDtUPulkbzeU9Z0lGFuS9qJw
+CdjYliCuwUxwJsU3tVHTHlV8nAz5RaXw31Gl6u11QpgxLPeFP5AUWHzfduTA2Wr0
+5ePtx5iuMj1oIMv0o50DJaqGmCKtQAtGZMGSKIrtXhLerUAfEteH6M+6POzoKg0F
+ZyfLEiuqAE1Ymt16P5PLfTPjRHz4XRBCcd6a+iAAvIpG0yQE9dS7PfNtY1akk51J
+La150Ef1AgMBAAECggEAIH3MCX+58rCPekp6VIbsLhThVSUZc78j+5ey0iYEOcF8
+YnEoSg9eSMHR5vcWKiC4k2act1G/zo2KphprZJxuZrHSn3yuyoq+I7HDjjF7iY0j
+pWO6b4tNF/J/irBKRCCOGPM3hxSV5pszV9xZMYsQIUzEaNYWK6bymxJV1jz4KGRL
+w3nPIpeu8MwMZwOzQwz980bZ2vbr67Ft3GmsflKzM5SesmsW8ZyaYbVfHExvfQxV
+nsf9ya0PLQqE9Gi81xY1sVkL3V+niU+AXYZ3w/neuXPz6eaJrxlu4hFdJifWlrQV
+vW7mgfOmUuR/bEXr/1c95nZQykobrMqHCRVPpfesQQKBgQDCBrlYKD1XJXfXENnG
+32O3TksbxVtL0Eyw1lstp20j6txetHn3F/rx/SFy70J02r2jdFHeP/V1iLrEJ81/
+5QVpsA+Au5Oxwdfee/izUFqhXwSpgvtLoVypBUNcglw/qi2tCKrL10nb0i+bocoD
+PGaTIECJ0MWUxTX3SrzqC8XX2QKBgQC2OWw7gGu12eutQBHujTbaZXhjwv2QEBup
+UZcVYeVn8KrPrK5621aLgQXUq5Db7GoelB09SXOoqy04WZkYy5XeF+ULRtz0M5ZD
+cNgAaQXuuZZdxKWFVXbK1iliGJjcMkd9PEpx5BjM49Gq2r5n3FS5KK9A44iSPMbB
+IZoYWsIbfQKBgQCeME08itI4Etw6BAsKEWeDM9oYsjdVAGcGZj3AYxigiANTU2F9
+C5gVY4O56UgNbanfch6tTQga43ciJjFtbJOVL230TvqDmr8dLYX+7Cx4FLgAXEH1
+z4F0bE4XRlFftqe2w7I8rzIQfrVB9g51xPD8UvdLZWMxf/gXvl93klGjQQKBgQCw
+JWv5TJdR73jBPZjX50up68JndRrUwq1qjAMm2T3/roX/QCZdfl73dV4kiT/7R1oB
+ex2Um8cguW959Cpo7ItPZ/uxXevCZ4eOY6t5IgxpCp9OvwNdkxLE2iagu7Qvzq6K
+Ydh4pYxPqr2HkfHSxgpj/e8DI69l5TgfgxLJDhpqpQKBgAgSgck834l8lNZwVPa8
++Vi9nOtoWy7pyf8pv7sDEKcVkTmUU6+53eZoccW8AUu6ilL1PtrQ7cNPTJcUom80
+IVyJsVTQjDy17mj1DU8Fw15pjFWE4zRfQo9vondblJaxs9aIIG/6x9vDQVjN0hwe
+jTOz1k3Du8fEEpKQMgn97J/+
+-----END PRIVATE KEY-----

src/main/resources/production/saml/public-cert.pem

@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIID7TCCAtWgAwIBAgIUQ2G093CKO3nbHlyw68f5998BIjkwDQYJKoZIhvcNAQEL
+BQAwgYUxCzAJBgNVBAYTAklUMQ4wDAYDVQQIDAVJdGFseTEQMA4GA1UEBwwHUGVy
+dWdpYTEQMA4GA1UECgwHR2VwYWZpbjELMAkGA1UECwwCSVQxEDAOBgNVBAMMB0dl
+cGFmaW4xIzAhBgkqhkiG9w0BCQEWFGMubW9yZXR0aUBnZXBhZmluLml0MB4XDTI0
+MTAwMTA5MjIwMloXDTI1MTAwMTA5MjIwMlowgYUxCzAJBgNVBAYTAklUMQ4wDAYD
+VQQIDAVJdGFseTEQMA4GA1UEBwwHUGVydWdpYTEQMA4GA1UECgwHR2VwYWZpbjEL
+MAkGA1UECwwCSVQxEDAOBgNVBAMMB0dlcGFmaW4xIzAhBgkqhkiG9w0BCQEWFGMu
+bW9yZXR0aUBnZXBhZmluLml0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAihxNS+BPeTeoxuGxA9b3e3OWTK8uidKiKqI6RwMxtWCBLXy9vLcMQXzfb6DY
+RS/Uw+nRrH1g8GGmuy18jABy0Yu6SPrB/Odne7Kt8UXdcpyg5rfnFPupDJQ7VD7p
+ZG83lPWdJRhbkvaicAnY2JYgrsFMcCbFN7VR0x5VfJwM+UWl8N9RpertdUKYMSz3
+hT+QFFh833bkwNlq9OXj7ceYrjI9aCDL9KOdAyWqhpgirUALRmTBkiiK7V4S3q1A
+HxLXh+jPujzs6CoNBWcnyxIrqgBNWJrdej+Ty30z40R8+F0QQnHemvogALyKRtMk
+BPXUuz3zbWNWpJOdSS2tedBH9QIDAQABo1MwUTAdBgNVHQ4EFgQUQ+GP6sby5ZQX
+KTgq0/MsCWfdcHcwHwYDVR0jBBgwFoAUQ+GP6sby5ZQXKTgq0/MsCWfdcHcwDwYD
+VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAWnzvIOhK4Z/GQA2H0jb+
+tkpPiwXucybEEOwQyb6+ErNGLjM7aj/HXJv70zibchmuPN5yd6C9dmrlajf/qLFz
+T+Dfy6zl3r0mNErcT/bgaJzVA87u0z2/DRP77XqwV23zDGK56bp8G2C1nZGq6x2k
+zswESJYBquXtBWNEJnreDKOLic9AucSyf8T0C9aeWhC8L0Hz4Bd825J2n54L4YZD
+ShkCDSdCOZVdaZNikRv+KyD1SI6HM3KeUNNknW6z7g2jb5PG4dn5U9+lpzOsfoYD
+QEBrNG8qFZ7k9DYzh8l1dTo9izSNmudaiyjhgFw+5DZ0pcrhti6h3hnPPysSA8q/
+Mg==
+-----END CERTIFICATE-----