CustomIdentityMapper.java

package org.atricore.idbus.examples.sso.idmapper;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.atricore.idbus.kernel.main.federation.IdentityMapper;
import org.atricore.idbus.kernel.main.federation.SubjectNameID;
import org.atricore.idbus.kernel.main.federation.SubjectRole;

import javax.security.auth.Subject;
import java.security.Principal;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

/**
 * Created by sgonzalez on 3/12/15.
 */
public class CustomIdentityMapper implements IdentityMapper {

    private static final Log logger = LogFactory.getLog(CustomIdentityMapper.class);

    private String customCfg;

    @Override
    public Subject map(Subject remoteSubject, Subject localSubject) {
        return map(remoteSubject, localSubject, null);
    }

    /**
     * Create a new federated subject based on the remote Subject, and the local subject (if any).
     *
     * @param remoteSubject the subject information received from the IdP.
     * @param localSubject the local subject retrieved from the Identity Source
     * @param additionalPrincipals a set of principals that must be added to the final subject
     *
     * @return the federated subject
     */
    @Override
    public Subject map(Subject remoteSubject, Subject localSubject, Set<Principal> additionalPrincipals) {

        Subject federatedSubject = null;

        SubjectNameID id = null;
        Set<SubjectNameID> localIds = localSubject.getPrincipals(SubjectNameID.class);
        if (localIds.size() == 1) {
            id = localIds.iterator().next();
        }

        if (id == null) {
            Set<SubjectNameID> idpIds = remoteSubject.getPrincipals(SubjectNameID.class);
            if (idpIds.size() == 1) {
                id = idpIds.iterator().next();
            }
        }

        Set<Principal> merged = new HashSet<Principal>();
        merged.add(id);

        for (Principal p : remoteSubject.getPrincipals()) {
            if (p instanceof SubjectNameID)
                continue;

            if (logger.isTraceEnabled())
                logger.trace("Merging IDP principal " + p);

            merged.add(p);
        }

        for (Principal p : localSubject.getPrincipals()) {
            if (p instanceof SubjectNameID)
                continue;

            if (logger.isTraceEnabled())
                logger.trace("Merging Local principal " + p);

            merged.add(p);
        }

        // Automatically assigned roles
        List<SubjectRole> roles = new ArrayList<SubjectRole>();
        roles.add(new SubjectRole("role1"));
        merged.addAll(roles);

        // Create federated subject
        federatedSubject = new Subject(true, merged,
                localSubject.getPublicCredentials(),
                localSubject.getPrivateCredentials());

        if (logger.isDebugEnabled())
            logger.debug("Merged subject " + federatedSubject);

        return federatedSubject;
    }

    public String getCustomCfg() {
        return customCfg;
    }

    public void setCustomCfg(String customCfg) {
        this.customCfg = customCfg;
    }
}