/*
* Copyright (c) 2010, WSO2 Inc. (http://www.wso2.org) All Rights Reserved.
*
* WSO2 Inc. licenses this file to you under the Apache License,
* Version 2.0 (the "License"); you may not use this file except
* in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing,
* software distributed under the License is distributed on an
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
* KIND, either express or implied. See the License for the
* specific language governing permissions and limitations
* under the License.
*/
package org.wso2.carbon.identity.authenticator.saml2.sso.internal;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.osgi.service.component.ComponentContext;
import org.wso2.carbon.CarbonConstants;
import org.wso2.carbon.core.security.AuthenticatorsConfiguration;
import org.wso2.carbon.core.services.authentication.CarbonServerAuthenticator;
import org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticator;
import org.wso2.carbon.identity.authenticator.saml2.sso.SAML2SSOAuthenticatorBEConstants;
import org.wso2.carbon.registry.core.service.RegistryService;
import org.wso2.carbon.user.core.service.RealmService;
import java.util.Hashtable;
import java.util.Map;
/**
* @scr.component name="saml2.sso.authenticator.dscomponent" immediate="true"
* @scr.reference name="registry.service"
* interface="org.wso2.carbon.registry.core.service.RegistryService"
* cardinality="1..1" policy="dynamic" bind="setRegistryService"
* unbind="unsetRegistryService"
* @scr.reference name="user.realmservice.default"
* interface="org.wso2.carbon.user.core.service.RealmService"
* cardinality="1..1" policy="dynamic" bind="setRealmService"
* unbind="unsetRealmService"
*/
public class SAML2SSOAuthenticatorDSComponent {
private static final Log log = LogFactory.getLog(SAML2SSOAuthenticatorDSComponent.class);
protected void activate(ComponentContext ctxt) {
try {
SAML2SSOAuthBEDataHolder.getInstance().setBundleContext(ctxt.getBundleContext());
SAML2SSOAuthenticator authenticator = new SAML2SSOAuthenticator();
Hashtable<String, String> props = new Hashtable<String, String>();
props.put(CarbonConstants.AUTHENTICATOR_TYPE, authenticator.getAuthenticatorName());
ctxt.getBundleContext().registerService(CarbonServerAuthenticator.class.getName(), authenticator, props);
// Check whether the IdPCertAlias is set for signature validations of Tenant 0.
configureIdPCertAlias();
if (log.isDebugEnabled()) {
log.debug("SAML2 SSO Authenticator BE Bundle activated successfuly.");
}
} catch (Throwable e) {
if (log.isDebugEnabled()) {
log.error("SAML2 SSO Authenticator BE Bundle activation Failed.");
}
}
}
protected void deactivate(ComponentContext ctxt) {
SAML2SSOAuthBEDataHolder.getInstance().setBundleContext(null);
log.debug("SAML2 SSO Authenticator BE Bundle is deactivated ");
}
protected void setRegistryService(RegistryService registryService) {
SAML2SSOAuthBEDataHolder.getInstance().setRegistryService(registryService);
}
protected void unsetRegistryService(RegistryService registryService) {
SAML2SSOAuthBEDataHolder.getInstance().setRegistryService(null);
}
protected void setRealmService(RealmService realmService) {
SAML2SSOAuthBEDataHolder.getInstance().setRealmService(realmService);
}
protected void unsetRealmService(RealmService realmService) {
SAML2SSOAuthBEDataHolder.getInstance().setRealmService(null);
}
private void configureIdPCertAlias() {
// read the meta data required for signature validation for assertions issued for Super Tenant.
AuthenticatorsConfiguration authenticatorsConfiguration = AuthenticatorsConfiguration.getInstance();
AuthenticatorsConfiguration.AuthenticatorConfig authenticatorConfig =
authenticatorsConfiguration.getAuthenticatorConfig(
SAML2SSOAuthenticatorBEConstants.SAML2_SSO_AUTHENTICATOR_NAME);
if (authenticatorConfig != null) {
Map<String, String> authenticatorParams = authenticatorConfig.getParameters();
// if this parameter is set, then use it with tenant 0. Otherwise use the default cert.
if (authenticatorParams.containsKey(SAML2SSOAuthenticatorBEConstants.PropertyConfig.AUTH_CONFIG_PARAM_IDP_CERT_ALIAS)) {
SAML2SSOAuthBEDataHolder.getInstance().setIdPCertAlias(authenticatorParams.get(
SAML2SSOAuthenticatorBEConstants.PropertyConfig.AUTH_CONFIG_PARAM_IDP_CERT_ALIAS));
}
}
}
}