/*
* JBoss, Home of Professional Open Source.
* Copyright 2008, Red Hat Middleware LLC, and individual contributors
* as indicated by the @author tags. See the copyright.txt file in the
* distribution for a full listing of individual contributors.
*
* This is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* This software is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this software; if not, write to the Free
* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
* 02110-1301 USA, or see the FSF site: http://www.fsf.org.
*/
package org.jboss.identity.federation.bindings.servlets;
import java.io.IOException;
import java.io.InputStream;
import java.net.HttpURLConnection;
import java.net.URL;
import java.util.HashMap;
import java.util.Map;
import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import javax.xml.bind.JAXBElement;
import javax.xml.bind.JAXBException;
import javax.xml.bind.Unmarshaller;
import org.jboss.identity.federation.api.saml.v2.metadata.MetaDataBuilder;
import org.jboss.identity.federation.core.saml.v2.metadata.store.FileBasedMetadataConfigurationStore;
import org.jboss.identity.federation.core.saml.v2.metadata.store.IMetadataConfigurationStore;
import org.jboss.identity.federation.saml.v2.metadata.EntityDescriptorType;
/**
* Circle of trust establishing servlet that accesses
* the metadata urls of the various sites and updates
* the common store
* @author Anil.Saldhana@redhat.com
* @since Apr 23, 2009
*/
public class CircleOfTrustServlet extends HttpServlet
{
private static final long serialVersionUID = 1L;
private IMetadataConfigurationStore configProvider = new FileBasedMetadataConfigurationStore();
@Override
public void init(ServletConfig config) throws ServletException
{
super.init(config);
String cstr = config.getInitParameter("configProvider");
if(cstr != null && cstr.length() > 0)
{
ClassLoader tcl;
try
{
tcl = SecurityActions.getContextClassLoader();
configProvider = (IMetadataConfigurationStore) tcl.loadClass(cstr).newInstance();
}
catch (Exception e)
{
throw new ServletException(e);
}
}
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException
{
//Handle listing of providers for either idp or sp
//Handle adding an IDP
//Handle adding a SP
String action = req.getParameter("action");
String type = req.getParameter("type");
if(action == null)
throw new ServletException("action is null");
if(type == null)
throw new ServletException("type is null");
//SP
if("sp".equalsIgnoreCase(type))
{
if("add".equalsIgnoreCase(action))
{
try
{
addIDP(req,resp);
req.getRequestDispatcher("/addedIDP.jsp").forward(req, resp);
}
catch (Exception e)
{
throw new ServletException(e);
}
}
if("display_trusted_providers".equalsIgnoreCase(action))
{
try
{
displayTrustedProvidersForSP(req,resp);
req.getRequestDispatcher("/spTrustedProviders.jsp").forward(req, resp);
}
catch (Exception e)
{
throw new ServletException(e);
}
}
}
else
//IDP
if("idp".equalsIgnoreCase(type))
{
if("add".equalsIgnoreCase(action))
{
try
{
addSP(req,resp);
req.getRequestDispatcher("/addedSP.jsp").forward(req, resp);
}
catch (Exception e)
{
throw new ServletException(e);
}
}
if("display_trusted_providers".equalsIgnoreCase(action))
{
try
{
displayTrustedProvidersForIDP(req,resp);
req.getRequestDispatcher("/idpTrustedProviders.jsp").forward(req, resp);
}
catch (Exception e)
{
throw new ServletException(e);
}
}
}
}
private void addIDP(HttpServletRequest request, HttpServletResponse response)
throws IOException, JAXBException
{
String spName = request.getParameter("spname");
String idpName = request.getParameter("idpname");
String metadataURL = request.getParameter("metadataURL");
EntityDescriptorType edt = getMetaData(metadataURL);
configProvider.persist(edt, idpName);
HttpSession httpSession = request.getSession();
httpSession.setAttribute("idp", edt);
//Let us add the trusted providers
Map<String,String> trustedProviders = new HashMap<String, String>();
try
{
trustedProviders = configProvider.loadTrustedProviders(spName);
}
catch (ClassNotFoundException e)
{
log("Error obtaining the trusted providers for "+spName);
throw new RuntimeException(e);
}
finally
{
trustedProviders.put(idpName, metadataURL);
configProvider.persistTrustedProviders(spName, trustedProviders);
}
}
private void addSP(HttpServletRequest request, HttpServletResponse response)
throws JAXBException, IOException
{
String idpName = request.getParameter("idpname");
String spName = request.getParameter("spname");
String metadataURL = request.getParameter("metadataURL");
EntityDescriptorType edt = getMetaData(metadataURL);
configProvider.persist(edt, spName);
HttpSession httpSession = request.getSession();
httpSession.setAttribute("sp", edt);
//Let us add the trusted providers
Map<String,String> trustedProviders = new HashMap<String, String>();
try
{
trustedProviders = configProvider.loadTrustedProviders(spName);
}
catch(Exception e)
{
log("Error obtaining the trusted providers for "+spName);
}
finally
{
trustedProviders.put(spName, metadataURL);
configProvider.persistTrustedProviders(idpName, trustedProviders);
}
}
private EntityDescriptorType getMetaData(String metadataURL) throws JAXBException, IOException
{
InputStream is;
URL md = new URL(metadataURL);
HttpURLConnection http = (HttpURLConnection) md.openConnection();
http.setInstanceFollowRedirects(true);
is = http.getInputStream();
Unmarshaller un = MetaDataBuilder.getUnmarshaller();
JAXBElement<?> j = (JAXBElement<?>) un.unmarshal(is);
Object obj = j.getValue();
if(obj instanceof EntityDescriptorType == false)
throw new RuntimeException("Unsupported type:"+ obj.getClass());
EntityDescriptorType edt = (EntityDescriptorType) obj;
return edt;
}
private void displayTrustedProvidersForIDP(HttpServletRequest request, HttpServletResponse response)
throws IOException, ClassNotFoundException
{
String idpName = request.getParameter("name");
Map<String, String> trustedProviders = configProvider.loadTrustedProviders(idpName);
HttpSession httpSession = request.getSession();
httpSession.setAttribute("idpName", idpName);
httpSession.setAttribute("providers", trustedProviders);
}
private void displayTrustedProvidersForSP(HttpServletRequest request, HttpServletResponse response)
throws IOException, ClassNotFoundException
{
String spName = request.getParameter("name");
Map<String, String> trustedProviders = configProvider.loadTrustedProviders(spName);
HttpSession httpSession = request.getSession();
httpSession.setAttribute("spName", spName);
httpSession.setAttribute("providers", trustedProviders);
}
}