Commit fb9e754a authored by michael.simon's avatar michael.simon

More changes regarding AA (SAML attribute authority) metadata handling

parent ae3704c6
/*******************************************************************************
* Copyright (c) 2014 Michael Simon.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the GNU Public License v3.0
* which accompanies this distribution, and is available at
* http://www.gnu.org/licenses/gpl.html
*
* Contributors:
* Michael Simon - initial
******************************************************************************/
package edu.kit.scc.webreg.dao;
import java.util.List;
import edu.kit.scc.webreg.entity.FederationEntity;
import edu.kit.scc.webreg.entity.SamlAAMetadataEntity;
import edu.kit.scc.webreg.entity.SamlMetadataEntityStatus;
import edu.kit.scc.webreg.entity.SamlSpMetadataEntity;
public interface SamlAAMetadataDao extends BaseDao<SamlAAMetadataEntity, Long> {
List<SamlAAMetadataEntity> findAllByFederation(FederationEntity federation);
List<SamlAAMetadataEntity> findAllByFederationOrderByOrgname(
FederationEntity federation);
SamlAAMetadataEntity findByEntityId(String entityId);
SamlAAMetadataEntity findByScope(String scope);
SamlAAMetadataEntity findByIdWithAll(Long id);
List<SamlAAMetadataEntity> findAllByStatusOrderedByOrgname(
SamlMetadataEntityStatus status);
}
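Review bot: `SamlSpMetadataEntity` is imported but never referenced in this interface, a leftover from copying `SamlSpMetadataDao`; drop the import so the AA contract does not carry an SP dependency. The lookup methods also lack any statement of their contract: the JPA implementation on this page returns `null` when nothing matches and the first row when several do. Javadoc to that effect would help callers, e.g. `/** Returns the AA whose metadata declares {@code scope}, or {@code null}; if several AAs claim the scope, which one is returned is unspecified. */` on `findByScope` and the equivalent on `findByEntityId`.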
/*******************************************************************************
* Copyright (c) 2014 Michael Simon.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the GNU Public License v3.0
* which accompanies this distribution, and is available at
* http://www.gnu.org/licenses/gpl.html
*
* Contributors:
* Michael Simon - initial
******************************************************************************/
package edu.kit.scc.webreg.dao;
import java.util.List;
import edu.kit.scc.webreg.entity.FederationEntity;
import edu.kit.scc.webreg.entity.SamlMetadataEntityStatus;
import edu.kit.scc.webreg.entity.SamlSpMetadataEntity;
public interface SamlSpMetadataDao extends BaseDao<SamlSpMetadataEntity, Long> {
List<SamlSpMetadataEntity> findAllByFederation(FederationEntity federation);
List<SamlSpMetadataEntity> findAllByFederationOrderByOrgname(
FederationEntity federation);
SamlSpMetadataEntity findByEntityId(String entityId);
SamlSpMetadataEntity findByScope(String scope);
SamlSpMetadataEntity findByIdWithAll(Long id);
List<SamlSpMetadataEntity> findAllByStatusOrderedByOrgname(
SamlMetadataEntityStatus status);
}
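Review bot: This interface is a method-for-method copy of `SamlAAMetadataDao` with only the entity type changed, so the two contracts will drift apart silently as methods are added to one and not the other. If `SamlSpMetadataEntity` and `SamlAAMetadataEntity` share a superclass (the common `SamlMetadataEntityStatus` and `federations` handling suggests so — verify), a generic `SamlMetadataDao<T>` declaring these six methods, with `SamlSpMetadataDao extends SamlMetadataDao<SamlSpMetadataEntity>`, removes the duplication. Either way, add Javadoc stating that `findByEntityId` and `findByScope` return `null` on no match.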
/*******************************************************************************
* Copyright (c) 2014 Michael Simon.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the GNU Public License v3.0
* which accompanies this distribution, and is available at
* http://www.gnu.org/licenses/gpl.html
*
* Contributors:
* Michael Simon - initial
******************************************************************************/
package edu.kit.scc.webreg.dao.jpa;
import java.util.List;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Named;
import javax.persistence.NoResultException;
import javax.persistence.criteria.CriteriaBuilder;
import javax.persistence.criteria.CriteriaQuery;
import javax.persistence.criteria.JoinType;
import javax.persistence.criteria.Root;
import edu.kit.scc.webreg.dao.SamlAAMetadataDao;
import edu.kit.scc.webreg.entity.FederationEntity;
import edu.kit.scc.webreg.entity.SamlAAMetadataEntity;
import edu.kit.scc.webreg.entity.SamlMetadataEntityStatus;
@Named
@ApplicationScoped
public class JpaSamlAAMetadataDao extends JpaBaseDao<SamlAAMetadataEntity, Long> implements SamlAAMetadataDao {
@Override
public SamlAAMetadataEntity findByIdWithAll(Long id) {
CriteriaBuilder builder = em.getCriteriaBuilder();
CriteriaQuery<SamlAAMetadataEntity> criteria = builder.createQuery(SamlAAMetadataEntity.class);
Root<SamlAAMetadataEntity> user = criteria.from(SamlAAMetadataEntity.class);
criteria.where(builder.equal(user.get("id"), id));
criteria.select(user);
criteria.distinct(true);
user.fetch("scopes", JoinType.LEFT);
user.fetch("genericStore", JoinType.LEFT);
user.fetch("federations", JoinType.LEFT);
try {
return em.createQuery(criteria).getSingleResult();
}
catch (NoResultException e) {
return null;
}
}
@SuppressWarnings("unchecked")
@Override
public List<SamlAAMetadataEntity> findAllByFederation(FederationEntity federation) {
return em.createQuery(
"select distinct e from SamlAAMetadataEntity e join e.federations f where f = :fed")
.setParameter("fed", federation).getResultList();
}
@SuppressWarnings("unchecked")
@Override
public List<SamlAAMetadataEntity> findAllByStatusOrderedByOrgname(SamlMetadataEntityStatus status) {
return em.createQuery(
"select distinct e from SamlAAMetadataEntity e where e.status = :status order by e.orgName asc")
.setParameter("status", status).getResultList();
}
@Override
public SamlAAMetadataEntity findByEntityId(String entityId) {
CriteriaBuilder builder = em.getCriteriaBuilder();
CriteriaQuery<SamlAAMetadataEntity> criteria = builder.createQuery(SamlAAMetadataEntity.class);
Root<SamlAAMetadataEntity> root = criteria.from(SamlAAMetadataEntity.class);
criteria.where(
builder.equal(root.get("entityId"), entityId));
criteria.select(root);
List<SamlAAMetadataEntity> idps = em.createQuery(criteria).getResultList();
if (idps.size() < 1)
return null;
else
return idps.get(0);
}
@Override
@SuppressWarnings("unchecked")
public SamlAAMetadataEntity findByScope(String scope) {
List<SamlAAMetadataEntity> idpList = em.createQuery(
"select e from SamlAAMetadataEntity as e join e.scopes as s where s.scope = :scope")
.setParameter("scope", scope).getResultList();
/*
* Always return first idp found for scope. Could be more than one.
*/
if (idpList.size() == 0)
return null;
else
return idpList.get(0);
}
@SuppressWarnings("unchecked")
@Override
public List<SamlAAMetadataEntity> findAllByFederationOrderByOrgname(FederationEntity federation) {
return em.createQuery(
"select distinct e from SamlAAMetadataEntity e join e.federations f where f = :fed order by e.orgName asc")
.setParameter("fed", federation).getResultList();
}
@Override
public Class<SamlAAMetadataEntity> getEntityClass() {
return SamlAAMetadataEntity.class;
}
}
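Review bot: `findByEntityId` returns `idps.get(0)` without complaint when several rows share an entityId, and `findByScope` does the same for a scope claimed by more than one AA (its comment acknowledges this); with no ORDER BY the row chosen is whatever the database happens to return first. The entityId is the key the federation update on this page uses to decide which stored row has its `entityDescriptor` (signing keys, endpoints) replaced, so an ambiguous lookup can silently redirect a metadata update, or a scope-based lookup, to the wrong entity. Treat multiplicity as an error: `if (idps.size() > 1) throw new IllegalStateException("ambiguous entityId: " + entityId);` (or at least log a warning), and back it with a unique constraint on `entityId` in the entity mapping — not visible here, verify. For `findByScope`, several entities legitimately claiming one scope is precisely the case operators should be alerted to, so log it rather than picking the first. The copy-pasted locals `user` and `idps` should also be renamed, since this DAO handles attribute authorities, not users or IdPs.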
/*******************************************************************************
* Copyright (c) 2014 Michael Simon.
* All rights reserved. This program and the accompanying materials
* are made available under the terms of the GNU Public License v3.0
* which accompanies this distribution, and is available at
* http://www.gnu.org/licenses/gpl.html
*
* Contributors:
* Michael Simon - initial
******************************************************************************/
package edu.kit.scc.webreg.dao.jpa;
import java.util.List;
import javax.enterprise.context.ApplicationScoped;
import javax.inject.Named;
import javax.persistence.NoResultException;
import javax.persistence.criteria.CriteriaBuilder;
import javax.persistence.criteria.CriteriaQuery;
import javax.persistence.criteria.JoinType;
import javax.persistence.criteria.Root;
import edu.kit.scc.webreg.dao.SamlSpMetadataDao;
import edu.kit.scc.webreg.entity.FederationEntity;
import edu.kit.scc.webreg.entity.SamlMetadataEntityStatus;
import edu.kit.scc.webreg.entity.SamlSpMetadataEntity;
@Named
@ApplicationScoped
public class JpaSamlSpMetadataDao extends JpaBaseDao<SamlSpMetadataEntity, Long> implements SamlSpMetadataDao {
@Override
public SamlSpMetadataEntity findByIdWithAll(Long id) {
CriteriaBuilder builder = em.getCriteriaBuilder();
CriteriaQuery<SamlSpMetadataEntity> criteria = builder.createQuery(SamlSpMetadataEntity.class);
Root<SamlSpMetadataEntity> user = criteria.from(SamlSpMetadataEntity.class);
criteria.where(builder.equal(user.get("id"), id));
criteria.select(user);
criteria.distinct(true);
user.fetch("scopes", JoinType.LEFT);
user.fetch("genericStore", JoinType.LEFT);
user.fetch("federations", JoinType.LEFT);
try {
return em.createQuery(criteria).getSingleResult();
}
catch (NoResultException e) {
return null;
}
}
@SuppressWarnings("unchecked")
@Override
public List<SamlSpMetadataEntity> findAllByFederation(FederationEntity federation) {
return em.createQuery(
"select distinct e from SamlSpMetadataEntity e join e.federations f where f = :fed")
.setParameter("fed", federation).getResultList();
}
@SuppressWarnings("unchecked")
@Override
public List<SamlSpMetadataEntity> findAllByStatusOrderedByOrgname(SamlMetadataEntityStatus status) {
return em.createQuery(
"select distinct e from SamlSpMetadataEntity e where e.status = :status order by e.orgName asc")
.setParameter("status", status).getResultList();
}
@Override
public SamlSpMetadataEntity findByEntityId(String entityId) {
CriteriaBuilder builder = em.getCriteriaBuilder();
CriteriaQuery<SamlSpMetadataEntity> criteria = builder.createQuery(SamlSpMetadataEntity.class);
Root<SamlSpMetadataEntity> root = criteria.from(SamlSpMetadataEntity.class);
criteria.where(
builder.equal(root.get("entityId"), entityId));
criteria.select(root);
List<SamlSpMetadataEntity> idps = em.createQuery(criteria).getResultList();
if (idps.size() < 1)
return null;
else
return idps.get(0);
}
@Override
@SuppressWarnings("unchecked")
public SamlSpMetadataEntity findByScope(String scope) {
List<SamlSpMetadataEntity> idpList = em.createQuery(
"select e from SamlSpMetadataEntity as e join e.scopes as s where s.scope = :scope")
.setParameter("scope", scope).getResultList();
/*
* Always return first idp found for scope. Could be more than one.
*/
if (idpList.size() == 0)
return null;
else
return idpList.get(0);
}
@SuppressWarnings("unchecked")
@Override
public List<SamlSpMetadataEntity> findAllByFederationOrderByOrgname(FederationEntity federation) {
return em.createQuery(
"select distinct e from SamlSpMetadataEntity e join e.federations f where f = :fed order by e.orgName asc")
.setParameter("fed", federation).getResultList();
}
@Override
public Class<SamlSpMetadataEntity> getEntityClass() {
return SamlSpMetadataEntity.class;
}
}
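Review bot: Apart from the entity type this class duplicates `JpaSamlAAMetadataDao` line for line, including the local names `user` and `idps` and the `Always return first idp found for scope` comment, none of which describe an SP, so any fix to one copy (for instance handling duplicate entityIds in `findByEntityId`) will have to be remembered for the other. Since `getEntityClass()` is already the hook the base uses, the criteria roots and the JPQL `select distinct e from SamlSpMetadataEntity e ...` strings could be derived from the entity class in one abstract `JpaSamlMetadataDao<T>` shared by the SP, AA and IdP DAOs (assuming default JPA entity names — verify). Short of that, rename the locals to `root`/`sps` and correct the comment to `// Always return the first SP found for the scope; there may be more than one.`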
......@@ -24,18 +24,21 @@ import org.opensaml.saml2.metadata.EntitiesDescriptor;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.slf4j.Logger;
import edu.kit.scc.webreg.bootstrap.ApplicationConfig;
import edu.kit.scc.webreg.dao.BaseDao;
import edu.kit.scc.webreg.dao.FederationDao;
import edu.kit.scc.webreg.dao.SamlAAMetadataDao;
import edu.kit.scc.webreg.dao.SamlIdpMetadataDao;
import edu.kit.scc.webreg.dao.SamlIdpScopeDao;
import edu.kit.scc.webreg.dao.SamlSpMetadataDao;
import edu.kit.scc.webreg.drools.KnowledgeSessionService;
import edu.kit.scc.webreg.entity.BusinessRulePackageEntity;
import edu.kit.scc.webreg.entity.FederationEntity;
import edu.kit.scc.webreg.entity.SamlAAMetadataEntity;
import edu.kit.scc.webreg.entity.SamlIdpMetadataEntity;
import edu.kit.scc.webreg.entity.SamlIdpScopeEntity;
import edu.kit.scc.webreg.entity.SamlMetadataEntityStatus;
import edu.kit.scc.webreg.entity.SamlSpMetadataEntity;
import edu.kit.scc.webreg.service.FederationService;
import edu.kit.scc.webreg.service.SamlIdpMetadataService;
import edu.kit.scc.webreg.service.SamlIdpScopeService;
import edu.kit.scc.webreg.service.saml.MetadataHelper;
import edu.kit.scc.webreg.service.saml.SamlHelper;
......@@ -51,10 +54,16 @@ public class FederationServiceImpl extends BaseServiceImpl<FederationEntity, Lon
private FederationDao dao;
@Inject
private SamlIdpMetadataService idpService;
private SamlIdpMetadataDao idpDao;
@Inject
private SamlIdpScopeService idpScopeService;
private SamlIdpScopeDao idpScopeDao;
@Inject
private SamlSpMetadataDao spDao;
@Inject
private SamlAAMetadataDao aaDao;
@Inject
private KnowledgeSessionService knowledgeSessionService;
......@@ -70,33 +79,16 @@ public class FederationServiceImpl extends BaseServiceImpl<FederationEntity, Lon
logger.info("Starting updateFederation for federation {}", entity.getName());
EntitiesDescriptor entities = metadataHelper.fetchMetadata(entity.getFederationMetadataUrl());
List<EntityDescriptor> tempEntityList = metadataHelper.convertEntitiesDescriptor(entities);
logger.debug("Got entity List size {}", tempEntityList.size());
List<EntityDescriptor> entityList = metadataHelper.convertEntitiesDescriptor(entities);
logger.debug("Got entity List size {}", entityList.size());
List<EntityDescriptor> entityList = new ArrayList<EntityDescriptor>();
if (entity.getFetchIdps()) {
logger.debug("Getting IDPs");
entityList.addAll(metadataHelper.filterIdps(tempEntityList));
}
if (entity.getFetchSps()) {
logger.debug("Getting SPs");
entityList.addAll(metadataHelper.filterSps(tempEntityList));
}
if (entity.getFetchAAs()) {
logger.debug("Getting AAs");
entityList.addAll(metadataHelper.filterAAs(tempEntityList));
}
if ((entity.getEntityCategoryFilter() != null) && (! entity.getEntityCategoryFilter().equals(""))) {
logger.debug("Filtering entity category: {}", entity.getEntityCategoryFilter());
entityList = metadataHelper.filterEntityCategory(entityList, entity.getEntityCategoryFilter());
}
logger.debug("Got Entity List size {}", entityList.size());
if (entity.getEntityFilterRulePackage() != null) {
long a = System.currentTimeMillis();
......@@ -125,24 +117,187 @@ public class FederationServiceImpl extends BaseServiceImpl<FederationEntity, Lon
logger.debug("Got IDP entity List size {}", entityList.size());
}
List<EntityDescriptor> idpList = new ArrayList<EntityDescriptor>();
List<EntityDescriptor> spList = new ArrayList<EntityDescriptor>();
List<EntityDescriptor> aaList = new ArrayList<EntityDescriptor>();
if (entity.getFetchIdps()) {
logger.debug("Getting IDPs");
idpList.addAll(metadataHelper.filterIdps(entityList));
}
if (entity.getFetchSps()) {
logger.debug("Getting SPs");
spList.addAll(metadataHelper.filterSps(entityList));
}
if (entity.getFetchAAs()) {
logger.debug("Getting AAs");
aaList.addAll(metadataHelper.filterAAs(entityList));
}
entity.setEntityId(entities.getName());
updateIdpEntities(entity, entityList);
entity = dao.findById(entity.getId());
updateIdpEntities(entity, idpList);
updateSpEntities(entity, spList);
updateAAEntities(entity, aaList);
entity.setPolledAt(new Date());
dao.persist(entity);
logger.debug("Updated SAML Entities for Federation {}", entity.getName());
}
private void updateIdpEntities(FederationEntity entity, List<EntityDescriptor> entityList) {
private void updateAAEntities(FederationEntity entity, List<EntityDescriptor> entityList) {
entity = dao.findById(entity.getId());
List<SamlAAMetadataEntity> oldList = aaDao.findAllByFederation(entity);
List<SamlAAMetadataEntity> updatedList = new ArrayList<SamlAAMetadataEntity>();
for (EntityDescriptor ed : entityList) {
SamlAAMetadataEntity aa = aaDao.findByEntityId(ed.getEntityID());
Boolean newSp = (aa == null ? true : false);
if (newSp) {
aa = aaDao.createNew();
aa.setFederations(new HashSet<FederationEntity>());
logger.info("Creating new aa {}", ed.getEntityID());
}
aa.setEntityId(ed.getEntityID());
aa.setEntityDescriptor(samlHelper.marshal(ed));
aa.setOrgName(metadataHelper.getOrganisation(ed));
aa.getFederations().add(entity);
aa.setStatus(SamlMetadataEntityStatus.ACTIVE);
// metadataHelper.fillDisplayData(ed, sp);
// sp.setEntityCategoryList(metadataHelper.getEntityCategoryList(ed));
aa = aaDao.persist(aa);
// Set<SamlIdpScopeEntity> scopes = metadataHelper.getScopes(ed, idp);
//
// List<SamlIdpScopeEntity> oldScopes;
// if (newIdp)
// oldScopes = new ArrayList<SamlIdpScopeEntity>();
// else
// oldScopes = idpScopeService.findByIdp(idp);
//
// Set<SamlIdpScopeEntity> deleteScopes = new HashSet<SamlIdpScopeEntity>(oldScopes);
// deleteScopes.removeAll(scopes);
// for (SamlIdpScopeEntity scope : deleteScopes) {
// logger.info("Deleting idp scope {}", scope.getScope());
// idpScopeService.delete(scope);
// }
//
// scopes.removeAll(oldScopes);
// for (SamlIdpScopeEntity scope : scopes) {
// logger.info("Creating new idp scope {}", scope.getScope());
// idpScopeService.save(scope);
// }
updatedList.add(aa);
}
oldList.removeAll(updatedList);
for (SamlAAMetadataEntity aa : oldList) {
aa.getFederations().remove(entity);
entity.getIdps().remove(aa);
if (aa.getFederations().size() == 0) {
//SP is orphaned, set Status to DELETED
aa.setStatus(SamlMetadataEntityStatus.DELETED);
}
else {
aa.setStatus(SamlMetadataEntityStatus.ACTIVE);
}
aa = aaDao.persist(aa);
logger.info("remove sp {} from federation {}", aa.getEntityId(), entity.getEntityId());
}
}
private void updateSpEntities(FederationEntity entity, List<EntityDescriptor> entityList) {
List<SamlSpMetadataEntity> oldList = spDao.findAllByFederation(entity);
List<SamlSpMetadataEntity> updatedList = new ArrayList<SamlSpMetadataEntity>();
for (EntityDescriptor ed : entityList) {
SamlSpMetadataEntity sp = spDao.findByEntityId(ed.getEntityID());
Boolean newSp = (sp == null ? true : false);
if (newSp) {
sp = spDao.createNew();
sp.setFederations(new HashSet<FederationEntity>());
logger.info("Creating new sp {}", ed.getEntityID());
}
sp.setEntityId(ed.getEntityID());
sp.setEntityDescriptor(samlHelper.marshal(ed));
sp.setOrgName(metadataHelper.getOrganisation(ed));
sp.getFederations().add(entity);
sp.setStatus(SamlMetadataEntityStatus.ACTIVE);
// metadataHelper.fillDisplayData(ed, sp);
// sp.setEntityCategoryList(metadataHelper.getEntityCategoryList(ed));
sp = spDao.persist(sp);
// Set<SamlIdpScopeEntity> scopes = metadataHelper.getScopes(ed, idp);
//
// List<SamlIdpScopeEntity> oldScopes;
// if (newIdp)
// oldScopes = new ArrayList<SamlIdpScopeEntity>();
// else
// oldScopes = idpScopeService.findByIdp(idp);
//
// Set<SamlIdpScopeEntity> deleteScopes = new HashSet<SamlIdpScopeEntity>(oldScopes);
// deleteScopes.removeAll(scopes);
// for (SamlIdpScopeEntity scope : deleteScopes) {
// logger.info("Deleting idp scope {}", scope.getScope());
// idpScopeService.delete(scope);
// }
//
// scopes.removeAll(oldScopes);
// for (SamlIdpScopeEntity scope : scopes) {
// logger.info("Creating new idp scope {}", scope.getScope());
// idpScopeService.save(scope);
// }
updatedList.add(sp);
}
oldList.removeAll(updatedList);
for (SamlSpMetadataEntity sp : oldList) {
sp.getFederations().remove(entity);
entity.getIdps().remove(sp);
if (sp.getFederations().size() == 0) {
//SP is orphaned, set Status to DELETED
sp.setStatus(SamlMetadataEntityStatus.DELETED);
}
else {
sp.setStatus(SamlMetadataEntityStatus.ACTIVE);
}
sp = spDao.persist(sp);
logger.info("remove sp {} from federation {}", sp.getEntityId(), entity.getEntityId());
}
}
private void updateIdpEntities(FederationEntity entity, List<EntityDescriptor> entityList) {
List<SamlIdpMetadataEntity> oldList = idpService.findAllByFederation(entity);
List<SamlIdpMetadataEntity> oldList = idpDao.findAllByFederation(entity);
List<SamlIdpMetadataEntity> updatedList = new ArrayList<SamlIdpMetadataEntity>();
for (EntityDescriptor ed : entityList) {
SamlIdpMetadataEntity idp = idpService.findByEntityId(ed.getEntityID());
SamlIdpMetadataEntity idp = idpDao.findByEntityId(ed.getEntityID());
Boolean newIdp = (idp == null ? true : false);
if (newIdp) {
idp = idpService.createNew();
idp = idpDao.createNew();
idp.setFederations(new HashSet<FederationEntity>());
logger.info("Creating new idp {}"