|
1
|
|
|
package org.apereo.cas.support.saml.services; |
|
2
|
|
|
|
|
3
|
|
|
import org.apache.commons.lang3.BooleanUtils; |
|
4
|
|
|
import org.apereo.cas.support.saml.services.idp.metadata.SamlRegisteredServiceServiceProviderMetadataFacade; |
|
5
|
|
|
import org.apereo.cas.support.saml.services.idp.metadata.cache.SamlRegisteredServiceCachingMetadataResolver; |
|
6
|
|
|
import org.apereo.cas.util.RegexUtils; |
|
7
|
|
|
import org.opensaml.saml.saml2.metadata.EntityDescriptor; |
|
8
|
|
|
import org.slf4j.Logger; |
|
9
|
|
|
import org.slf4j.LoggerFactory; |
|
10
|
|
|
import org.springframework.context.ApplicationContext; |
|
11
|
|
|
|
|
12
|
|
|
import java.util.HashMap; |
|
13
|
|
|
import java.util.Map; |
|
14
|
|
|
import java.util.regex.Matcher; |
|
15
|
|
|
import java.util.regex.Pattern; |
|
16
|
|
|
|
|
17
|
|
|
/** |
|
18
|
|
|
* This is {@link PatternMatchingEntityIdAttributeReleasePolicy}. |
|
19
|
|
|
* |
|
20
|
|
|
* @author Misagh Moayyed |
|
21
|
|
|
* @since 5.1.0 |
|
22
|
|
|
*/ |
|
23
|
|
|
public class PatternMatchingEntityIdAttributeReleasePolicy extends BaseSamlRegisteredServiceAttributeReleasePolicy { |
|
24
|
|
|
private static final long serialVersionUID = 2633701342213724854L; |
|
25
|
|
|
private static final Logger LOGGER = LoggerFactory.getLogger(PatternMatchingEntityIdAttributeReleasePolicy.class); |
|
26
|
|
|
|
|
27
|
|
|
private String entityIds = RegexUtils.MATCH_NOTHING_PATTERN.pattern(); |
|
28
|
|
|
private boolean fullMatch = true; |
|
29
|
|
|
|
|
30
|
|
|
@Override |
|
31
|
|
|
protected Map<String, Object> getAttributesForSamlRegisteredService(final Map<String, Object> attributes, |
|
32
|
|
|
final SamlRegisteredService service, |
|
33
|
|
|
final ApplicationContext applicationContext, |
|
34
|
|
|
final SamlRegisteredServiceCachingMetadataResolver resolver, |
|
35
|
|
|
final SamlRegisteredServiceServiceProviderMetadataFacade facade, |
|
36
|
|
|
final EntityDescriptor entityDescriptor) { |
|
37
|
|
|
final Pattern pattern = RegexUtils.createPattern(this.entityIds); |
|
38
|
|
|
final Matcher matcher = pattern.matcher(entityDescriptor.getEntityID()); |
|
39
|
|
|
LOGGER.debug("Creating pattern [{}] to match against entity id [{}]", pattern.pattern(), entityDescriptor.getEntityID()); |
|
40
|
|
|
|
|
41
|
|
|
final boolean matched = fullMatch ? matcher.matches() : matcher.find(); |
|
42
|
|
|
LOGGER.debug("Pattern [{}] matched against [{}]? [{}]", pattern.pattern(), entityDescriptor.getEntityID(), BooleanUtils.toStringYesNo(matched)); |
|
43
|
|
|
|
|
44
|
|
|
if (matched) { |
|
45
|
|
|
return authorizeReleaseOfAllowedAttributes(attributes); |
|
46
|
|
|
} |
|
47
|
|
|
return new HashMap<>(0); |
|
48
|
|
|
} |
|
49
|
|
|
|
|
50
|
|
|
public String getEntityIds() { |
|
51
|
|
|
return entityIds; |
|
52
|
|
|
} |
|
53
|
|
|
|
|
54
|
|
|
public void setEntityIds(final String entityIds) { |
|
55
|
|
|
this.entityIds = entityIds; |
|
56
|
|
|
} |
|
57
|
|
|
} |
|
58
|
|
|
|
apereo /
cas
