Commit cdf14ae6 authored by michael.simon's avatar michael.simon

Add IDP Debug page to view current status of IDP

parent 43368cdf
......@@ -90,7 +90,7 @@ public class IdpAdminIndexBean implements Serializable {
}
if (selectedIdp == null) {
selectedIdp = idpList.get(0);
selectedIdp = getIdpList().get(0);
}
}
......
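Review bot: `selectedIdp = getIdpList().get(0);` throws IndexOutOfBoundsException when getIdpList() returns an empty list, which is the case for an identity whose accounts are not SamlUserEntity instances; switching from the field to the getter fixes lazy initialisation but not this. The same pattern is introduced in IdpDebugIndexBean.preRenderView in the new file below. A guard on the enclosing condition is enough: `if (selectedIdp == null && !getIdpList().isEmpty()) {`. The enclosing method of this hunk begins above the hunk, so its full signature is not visible here.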
/*******************************************************************************
* Copyright (c) 2014 Michael Simon.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the GNU Public License v3.0
* which accompanies this distribution, and is available at
* http://www.gnu.org/licenses/gpl.html
*
* Contributors:
* Michael Simon - initial
******************************************************************************/
package edu.kit.scc.webreg.bean.idpadmn;
import java.io.ByteArrayInputStream;
import java.io.Serializable;
import java.security.cert.CertificateFactory;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.faces.bean.ManagedBean;
import javax.faces.bean.ViewScoped;
import javax.faces.event.ComponentSystemEvent;
import javax.inject.Inject;
import org.apache.commons.codec.binary.Base64;
import org.opensaml.saml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml.saml2.metadata.IDPSSODescriptor;
import org.opensaml.saml.saml2.metadata.KeyDescriptor;
import org.opensaml.xmlsec.signature.KeyInfo;
import org.opensaml.xmlsec.signature.X509Certificate;
import org.opensaml.xmlsec.signature.X509Data;
import org.slf4j.Logger;
import edu.kit.scc.webreg.entity.SamlIdpMetadataEntity;
import edu.kit.scc.webreg.entity.SamlUserEntity;
import edu.kit.scc.webreg.entity.UserEntity;
import edu.kit.scc.webreg.entity.identity.IdentityEntity;
import edu.kit.scc.webreg.service.RoleService;
import edu.kit.scc.webreg.service.SamlIdpMetadataService;
import edu.kit.scc.webreg.service.UserService;
import edu.kit.scc.webreg.service.identity.IdentityService;
import edu.kit.scc.webreg.service.saml.SamlHelper;
import edu.kit.scc.webreg.session.SessionManager;
@ManagedBean
@ViewScoped
public class IdpDebugIndexBean implements Serializable {
private static final long serialVersionUID = 1L;
@Inject
private Logger logger;
@Inject
private SessionManager session;
@Inject
private UserService userService;
@Inject
private IdentityService identityService;
@Inject
private SamlIdpMetadataService idpService;
@Inject
private SamlHelper samlHelper;
@Inject
private RoleService roleService;
private IdentityEntity identity;
private List<UserEntity> userList;
private List<SamlIdpMetadataEntity> idpList;
private SamlIdpMetadataEntity selectedIdp;
private SamlIdpMetadataEntity idp;
private EntityDescriptor entityDescriptor;
private IDPSSODescriptor idpssoDescriptor;
private Map<KeyDescriptor, List<java.security.cert.X509Certificate>> certMap;
public void preRenderView(ComponentSystemEvent ev) {
if (selectedIdp == null) {
selectedIdp = getIdpList().get(0);
}
}
public IdentityEntity getIdentity() {
if (identity == null) {
identity = identityService.findById(session.getIdentityId());
}
return identity;
}
public List<UserEntity> getUserList() {
if (userList == null) {
userList = new ArrayList<UserEntity>();
for (UserEntity user : userService.findByIdentity(getIdentity())) {
userList.add(userService.findByIdWithAttrs(user.getId(), "attributeStore", "roles"));
}
}
return userList;
}
public List<SamlIdpMetadataEntity> getIdpList() {
if (idpList == null) {
idpList = new ArrayList<SamlIdpMetadataEntity>();
for (UserEntity user : getUserList()) {
if (user instanceof SamlUserEntity) {
idpList.add(((SamlUserEntity) user).getIdp());
}
}
}
return idpList;
}
public SamlIdpMetadataEntity getSelectedIdp() {
return selectedIdp;
}
public void setSelectedIdp(SamlIdpMetadataEntity selectedIdp) {
if (selectedIdp != null && (! selectedIdp.equals(this.selectedIdp))) {
idp = null;
this.selectedIdp = selectedIdp;
}
}
public SamlIdpMetadataEntity getIdp() {
if (idp == null || (! idp.equals(getSelectedIdp()))) {
idp = idpService.findByIdWithAll(getSelectedIdp().getId());
certMap = new HashMap<KeyDescriptor, List<java.security.cert.X509Certificate>>();
entityDescriptor = samlHelper.unmarshal(idp.getEntityDescriptor(), EntityDescriptor.class);
idpssoDescriptor = (IDPSSODescriptor) entityDescriptor.getRoleDescriptors(IDPSSODescriptor.DEFAULT_ELEMENT_NAME).get(0);
}
return idp;
}
public List<java.security.cert.X509Certificate> getCert(KeyDescriptor kd) {
if (kd == null)
return null;
if (certMap.containsKey(kd))
return certMap.get(kd);
List<java.security.cert.X509Certificate> certList = new ArrayList<java.security.cert.X509Certificate>();
KeyInfo keyInfo = kd.getKeyInfo();
if (keyInfo == null)
return null;
for (X509Data x509 : keyInfo.getX509Datas()) {
for (X509Certificate x509cert : x509.getX509Certificates()) {
try {
String certValue = x509cert.getValue();
byte[] certBytes = Base64.decodeBase64(certValue.getBytes());
java.security.cert.X509Certificate crt = (java.security.cert.X509Certificate)
CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(certBytes));
certList.add(crt);
} catch (Exception e) {
String cause = "";
if (e.getCause() != null)
cause = e.getCause().getMessage();
logger.warn("Unable to parse Certificate: " + e.toString() + " cause: " + cause);
}
}
}
certMap.put(kd, certList);
return certList;
}
public EntityDescriptor getEntityDescriptor() {
return entityDescriptor;
}
public IDPSSODescriptor getIdpssoDescriptor() {
return idpssoDescriptor;
}
}
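Review bot: getCert() dereferences certMap at `if (certMap.containsKey(kd))`, but certMap is only assigned inside getIdp(), so a caller that reaches getCert() before getIdp() has run gets a NullPointerException; initialising the field at declaration, `private Map<KeyDescriptor, List<java.security.cert.X509Certificate>> certMap = new HashMap<KeyDescriptor, List<java.security.cert.X509Certificate>>();`, and replacing the assignment in getIdp() with `certMap.clear();` removes that ordering dependency. In the same loop `Base64.decodeBase64(certValue.getBytes())` goes through the platform default charset; the String overload `Base64.decodeBase64(certValue)` avoids that, and `CertificateFactory.getInstance("X.509")` can be obtained once before the loops rather than per certificate. The `catch (Exception e)` there logs only message text; passing `e` as the last argument of `logger.warn(...)` keeps the stack trace when IdP metadata carries a malformed certificate. In getIdp(), `getRoleDescriptors(IDPSSODescriptor.DEFAULT_ELEMENT_NAME).get(0)` fails with IndexOutOfBoundsException for metadata that has no IDPSSODescriptor, so an `isEmpty()` check before the cast would keep the debug page rendering for such entries. The injected roleService is not referenced anywhere in the class.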
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:bw="http://www.scc.kit.edu/bwfacelets"
xmlns:p="http://primefaces.org/ui"
xmlns:of="http://omnifaces.org/functions">
<h:head>
<f:facet name="first">
<meta charset="utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=edge" />
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
<meta name="theme-color" content="#009682" />
<meta http-equiv="cleartype" content="on" />
<title>IDP Debug Infos</title>
</f:facet>
<h:outputScript library="javax.faces" name="jsf.js" target="head"/>
</h:head>
<h:body>
<f:view>
<f:metadata>
<f:event type="javax.faces.event.PreRenderViewEvent"
listener="#{idpDebugIndexBean.preRenderView}" />
</f:metadata>
<h:form id="form" class="full form">
<h2>IDP Debug Infos</h2>
<p:selectOneMenu value="#{idpDebugIndexBean.selectedIdp}"
converter="#{samlIdpMetadataConverter}">
<f:selectItems value="#{idpDebugIndexBean.idpList}"
var="idp" itemLabel="#{idp.entityId}" itemValue="#{idp}"/>
<f:ajax render=":form:idpDetailPanel" execute="@this" />
</p:selectOneMenu>
<p:tabView id="idpDetailPanel" dynamic="true" cache="false">
<p:tab id="tab1" title="#{messages.overview}">
<p:panelGrid id="baseData" columns="2">
<h:outputText value="#{messages.entity_id}:"/>
<h:outputText value="#{idpDebugIndexBean.idp.entityId}"/>
<h:outputText value="#{messages.status}:"/>
<h:outputText value="#{idpDebugIndexBean.idp.status}"/>
<h:outputText value="#{messages.name}:"/>
<h:outputText value="#{idpDebugIndexBean.idp.displayName}"/>
<h:outputText value="#{messages.information_url}:"/>
<h:outputText value="#{idpDebugIndexBean.idp.informationUrl}"/>
<h:outputText value="#{messages.org_name}:"/>
<h:outputText value="#{idpDebugIndexBean.idp.orgName}"/>
<h:outputText value="#{messages.description}:"/>
<h:outputText value="#{idpDebugIndexBean.idp.description}"/>
<h:outputText value="#{messages.scopes}:"/>
<h:panelGroup>
<ul>
<ui:repeat var="s" value="#{idpDebugIndexBean.idp.scopes.toArray()}">
<li><h:outputText value="#{s.scope} (is regex: #{s.regex})"/></li>
</ui:repeat>
</ul>
</h:panelGroup>
</p:panelGrid>
</p:tab>
</p:tabView>
</h:form>
</f:view>
</h:body>
</html>