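def setRelyingPartyLoginUrl(self, identity):
    """Derive the relying party's login URL from the session "state" token.

    Reads the "state" session attribute, base64url-decodes its second
    dot-separated segment as JSON and takes ``relyingPartyId`` from the
    ``additional_claims`` object. The id and the derived URL are stored on
    ``identity`` as the working parameters "relyingPartyId" and
    "relyingPartyLoginUrl". Always returns None.

    NOTE(review): nothing in this method verifies the token's signature.
    Unless that is done before the token reaches the session, every claim
    read here is caller-controlled and has to be treated as untrusted.
    """
    print("ThumbSignIn. Inside setRelyingPartyLoginUrl...")
    sessionId = identity.getSessionId()
    sessionAttribute = sessionId.getSessionAttributes()
    stateJWTToken = sessionAttribute.get("state")

    relyingPartyLoginUrl = ""
    relyingPartyId = ""
    if stateJWTToken is not None:
        stateJWTTokenArray = String(stateJWTToken).split("\\.")
        # A state value without a payload segment used to raise IndexError
        # here and abort the step; now the login URL simply stays empty.
        if len(stateJWTTokenArray) > 1:
            stateJWTTokenPayload = stateJWTTokenArray[1]
            statePayloadStr = String(
                Base64Util.base64urldecode(stateJWTTokenPayload), "UTF-8")
            statePayloadJson = JSONObject(statePayloadStr)
            # The decoded payload is not printed: it may carry claims that
            # do not belong in the server log.
            additional_claims = statePayloadJson.get("additional_claims")
            relyingPartyId = additional_claims.get("relyingPartyId")
            print("ThumbSignIn. Value of relyingPartyId is %s" % relyingPartyId)
            identity.setWorkingParameter("relyingPartyId", relyingPartyId)

            if String(relyingPartyId).startsWith("google.com"):
                # Expected form: google.com/a/unphishableenterprise.com
                relyingPartyIdArray = String(relyingPartyId).split("/")
                googleDomain = ""
                if len(relyingPartyIdArray) > 2:
                    googleDomain = relyingPartyIdArray[2]
                # Only host-name characters may reach the query string; any
                # other value would let the claim add or override parameters
                # of the AccountChooser URL.
                if String(googleDomain).matches("[A-Za-z0-9.-]+"):
                    print("ThumbSignIn. Value of googleDomain is %s" % googleDomain)
                    relyingPartyLoginUrl = (
                        "https://www.google.com/accounts/AccountChooser?hd="
                        + googleDomain
                        + "%26continue=https://apps.google.com/user/hub")
                else:
                    print("ThumbSignIn. relyingPartyId carries no valid Google domain; login URL left empty")
            else:
                # NOTE(review): the claim value becomes the login URL as-is.
                # If the consumer of "relyingPartyLoginUrl" redirects to or
                # links this value, restrict it to an allow-list of known
                # relying-party URLs instead.
                relyingPartyLoginUrl = relyingPartyId
        else:
            print("ThumbSignIn. state has no payload segment; login URL left empty")

    print("ThumbSignIn. Value of relyingPartyLoginUrl is %s" % relyingPartyLoginUrl)
    identity.setWorkingParameter("relyingPartyLoginUrl", relyingPartyLoginUrl)
    return None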
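def set_relying_party_login_url(identity):
    """Derive the relying party's login URL from the session "state" token.

    Reads the "state" session attribute, base64url-decodes its second
    dot-separated segment as JSON and takes the claim named by
    RELYING_PARTY_ID from the ``additional_claims`` object. The id and the
    derived URL are stored on ``identity`` under the keys RELYING_PARTY_ID
    and RELYING_PARTY_LOGIN_URL (constants defined outside this block).
    Always returns None.

    NOTE(review): nothing in this function verifies the token's signature.
    Unless that is done before the token reaches the session, every claim
    read here is caller-controlled and has to be treated as untrusted.
    """
    print("ThumbSignIn. Inside set_relying_party_login_url...")
    session_id = identity.getSessionId()
    session_attribute = session_id.getSessionAttributes()
    state_jwt_token = session_attribute.get("state")

    relying_party_login_url = ""
    if state_jwt_token is not None:
        state_jwt_token_array = String(state_jwt_token).split("\\.")
        # A state value without a payload segment used to raise IndexError
        # here and abort the step; now the login URL simply stays empty.
        if len(state_jwt_token_array) > 1:
            state_jwt_token_payload = state_jwt_token_array[1]
            state_payload_str = String(
                Base64Util.base64urldecode(state_jwt_token_payload), "UTF-8")
            state_payload_json = JSONObject(state_payload_str)
            # The decoded payload is not printed: it may carry claims that
            # do not belong in the server log.
            additional_claims = state_payload_json.get("additional_claims")
            relying_party_id = additional_claims.get(RELYING_PARTY_ID)
            print("ThumbSignIn. Value of relying_party_id is %s" % relying_party_id)
            identity.setWorkingParameter(RELYING_PARTY_ID, relying_party_id)

            if String(relying_party_id).startsWith("google.com"):
                # Expected form: google.com/a/unphishableenterprise.com
                relying_party_id_array = String(relying_party_id).split("/")
                google_domain = ""
                if len(relying_party_id_array) > 2:
                    google_domain = relying_party_id_array[2]
                # Only host-name characters may reach the query string; any
                # other value would let the claim add or override parameters
                # of the AccountChooser URL.
                if String(google_domain).matches("[A-Za-z0-9.-]+"):
                    print("ThumbSignIn. Value of google_domain is %s" % google_domain)
                    relying_party_login_url = (
                        "https://www.google.com/accounts/AccountChooser?hd="
                        + google_domain
                        + "%26continue=https://apps.google.com/user/hub")
                else:
                    print("ThumbSignIn. relying_party_id carries no valid Google domain; login URL left empty")
            else:
                # If relying_party_login_url is empty, Gluu's default login
                # URL will be used. Further relying parties would get their
                # own branch here, each with a fixed, known URL.
                relying_party_login_url = ""
        else:
            print("ThumbSignIn. state has no payload segment; login URL left empty")

    print("ThumbSignIn. Value of relying_party_login_url is %s" % relying_party_login_url)
    identity.setWorkingParameter(RELYING_PARTY_LOGIN_URL, relying_party_login_url)
    return None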
def getProviderFromJson(self, providerJson):
    """Return the "provider" field of a base64url-encoded JSON string.

    Any failure while decoding, parsing or looking up the key is logged and
    reported as None; the bare ``except`` is kept so that nothing raised by
    the decoding helper escapes.

    NOTE(review): the input is only decoded, not authenticated. Presumably
    the caller checks the returned name against the configured providers
    before acting on it; confirm at the call site.
    """
    try:
        decoded = Base64Util.base64urldecodeToString(providerJson)
        return json.loads(decoded)["provider"]
    except:
        print("Passport. getProviderFromJson. Could not parse provided Json string. Returning None")
    return None
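def prepareForStep(self, configurationAttributes, requestParameters, step):
    """Prepare an authentication step; for step 1, hand off to Passport SAML.

    The extension hook is asked first and its result is returned when it is
    not None. For step 1 the "state" session attribute is base64url-decoded
    as JSON, a token is fetched from /passport/token on the request's host,
    and the browser is redirected to /passport/auth/saml/<provider>/<token>.
    Errors in that sequence are printed and swallowed. Returns True on every
    path that the extension hook does not short-circuit.

    Compared with the earlier version, the session attribute map, the decoded
    state, the token response and the token-bearing redirect path are no
    longer printed, because they put session data and a usable token into
    the server log.
    """
    import urllib  # function scope: the file's import block is not visible here

    extensionResult = self.extensionPrepareForStep(configurationAttributes, requestParameters, step)
    if extensionResult is not None:
        return extensionResult

    if step == 1:
        print("Passport-saml: Prepare for Step 1 method call")
        identity = CdiUtil.bean(Identity)
        sessionId = identity.getSessionId()
        sessionAttribute = sessionId.getSessionAttributes()
        oldState = sessionAttribute.get("state")
        if oldState is None:
            print("Passport-saml: old state is none")
            return True

        print("Passport-saml: state is obtained")
        try:
            stateBytes = Base64Util.base64urldecode(oldState)
            state = StringUtil.fromBytes(stateBytes)
            stateObj = json.loads(state)
            # Read the provider before any network call so that a state
            # without it fails early, as it did before.
            # NOTE(review): "state" looks like a request-supplied value, so
            # the provider is percent-encoded to keep it a single path
            # segment. Checking it against the configured provider ids would
            # be stronger; that list is not visible here.
            provider = urllib.quote(stateObj["provider"].encode("utf-8"), safe="")
            print("Passport-saml: provider %s" % provider)

            httpService = CdiUtil.bean(HttpService)
            facesService = CdiUtil.bean(FacesService)
            facesContext = CdiUtil.bean(FacesContext)
            httpclient = httpService.getHttpsClient()
            headersMap = HashMap()
            headersMap.put("Accept", "text/json")
            # NOTE(review): getServerName() is typically derived from the
            # client's Host header, so the request chooses which host this
            # server fetches the token from. Prefer a configured host name
            # for the Passport endpoint.
            host = facesContext.getExternalContext().getRequest().getServerName()
            url = "https://" + host + "/passport/token"
            print("Passport-saml: url %s" % url)
            resultResponse = httpService.executeGet(httpclient, url, headersMap)
            http_response = resultResponse.getHttpResponse()
            response_bytes = httpService.getResponseContent(http_response)
            szResponse = httpService.convertEntityToString(response_bytes)
            tokenObj = json.loads(szResponse)
            facesService.redirectToExternalURL(
                "/passport/auth/saml/" + provider + "/" + tokenObj["token_"])
        except Exception as err:
            # Best effort: a failed hand-off is logged and the step still
            # reports success, as before.
            print(str(err))
        return True

    return True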
def encodeProvider(self, name):
    """Return ``{"provider": name}`` as base64url-encoded JSON.

    Base64url is an encoding, not protection: whoever holds the result can
    decode and alter it, so the receiving side has to validate the provider
    name it reads back.
    """
    payload = json.dumps({"provider": name})
    payloadBytes = String(payload).getBytes()
    return Base64Util.base64urlencode(payloadBytes)