cloudstack-commits mailing list archives

From bhais...@apache.org
Subject git commit: updated refs/heads/master to 008911d
Date Tue, 03 Feb 2015 11:35:39 GMT
Repository: cloudstack
Updated Branches:
  refs/heads/master 552f2ae60 -> 008911d4b


CLOUDSTACK-8195: Don't break IdP, return metadata XML

Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
(cherry picked from commit 1172867df022358e8b5a2cd435dc1d8331fca8c9)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>


Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/008911d4
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/008911d4
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/008911d4

Branch: refs/heads/master
Commit: 008911d4b13e6d90902c4579eafd2425a55b03e2
Parents: 552f2ae
Author: Rohit Yadav <rohit.yadav@shapeblue.com>
Authored: Tue Feb 3 16:59:09 2015 +0530
Committer: Rohit Yadav <rohit.yadav@shapeblue.com>
Committed: Tue Feb 3 17:05:29 2015 +0530

----------------------------------------------------------------------
 .../command/GetServiceProviderMetaDataCmd.java   | 17 +++++++++++++----
 .../command/SAML2LoginAPIAuthenticatorCmd.java   |  2 +-
 ui/index.jsp                                     |  2 +-
 ui/scripts/ui-custom/login.js                    | 19 +++++++++++++++++++
 .../apache/cloudstack/utils/auth/SAMLUtils.java  |  2 +-
 5 files changed, 35 insertions(+), 7 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/008911d4/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
index 6ab80a1..4697438 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/GetServiceProviderMetaDataCmd.java
@@ -19,6 +19,7 @@ package org.apache.cloudstack.api.command;
 
 import com.cloud.api.response.ApiResponseSerializer;
 import com.cloud.user.Account;
+import com.cloud.utils.HttpUtils;
 import org.apache.cloudstack.api.APICommand;
 import org.apache.cloudstack.api.ApiErrorCode;
 import org.apache.cloudstack.api.ApiServerService;
@@ -171,6 +172,7 @@ public class GetServiceProviderMetaDataCmd extends BaseCmd implements
APIAuthent
         spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
         spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor);
 
+        StringWriter stringWriter = new StringWriter();
         try {
             DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
             DocumentBuilder builder = factory.newDocumentBuilder();
@@ -179,17 +181,24 @@ public class GetServiceProviderMetaDataCmd extends BaseCmd implements
APIAuthent
             out.marshall(spEntityDescriptor, document);
 
             Transformer transformer = TransformerFactory.newInstance().newTransformer();
-            StringWriter stringWriter = new StringWriter();
             StreamResult streamResult = new StreamResult(stringWriter);
             DOMSource source = new DOMSource(document);
             transformer.transform(source, streamResult);
             stringWriter.close();
             response.setMetadata(stringWriter.toString());
         } catch (ParserConfigurationException | IOException | MarshallingException | TransformerException
e) {
-            response.setMetadata("Error creating Service Provider MetaData XML: " + e.getMessage());
+            if (responseType.equals(HttpUtils.JSON_CONTENT_TYPE)) {
+                response.setMetadata("Error creating Service Provider MetaData XML: " + e.getMessage());
+            } else {
+                return "Error creating Service Provider MetaData XML: " + e.getMessage();
+            }
         }
-
-        return ApiResponseSerializer.toSerializedString(response, responseType);
+        // For JSON type return serialized response object
+        if (responseType.equals(HttpUtils.RESPONSE_TYPE_JSON)) {
+            return ApiResponseSerializer.toSerializedString(response, responseType);
+        }
+        // For other response types return XML
+        return stringWriter.toString();
     }
 
     @Override
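Review bot: The two branches compare `responseType` against different constants: the catch block uses `HttpUtils.JSON_CONTENT_TYPE` while the final check uses `HttpUtils.RESPONSE_TYPE_JSON`. If those hold different strings (a MIME type versus a short format name, as the names suggest), a JSON caller that hits the exception path gets the bare error string instead of a serialized response object. Use the same constant in both places, written null-safe: `if (HttpUtils.RESPONSE_TYPE_JSON.equals(responseType)) {`. The error text also appends `e.getMessage()` to the reply of what appears to be a pre-login endpoint; logging the exception server-side and returning a fixed message would keep parser and marshalling internals out of the response. The method starts outside the hunk.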

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/008911d4/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
----------------------------------------------------------------------
diff --git a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
index 1b4cd6a..3b6b7d3 100644
--- a/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
+++ b/plugins/user-authenticators/saml2/src/org/apache/cloudstack/api/command/SAML2LoginAPIAuthenticatorCmd.java
@@ -273,7 +273,7 @@ public class SAML2LoginAPIAuthenticatorCmd extends BaseCmd implements
APIAuthent
                 UserAccount userAccount = _userAccountDao.getUserAccount(username, domainId);
                 if (userAccount == null && uniqueUserId != null && username
!= null) {
                     CallContext.current().setEventDetails("SAML Account/User with UserName:
" + username + ", FirstName :" + password + ", LastName: " + lastName);
-                    _accountService.createUserAccount(username, password, firstName, lastName,
email, timeZone,
+                    userAccount = _accountService.createUserAccount(username, password, firstName,
lastName, email, timeZone,
                             username, (short) accountType, domainId, null, null, UUID.randomUUID().toString(),
uniqueUserId);
                 }
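Review bot: The event-details string built just above the changed call passes `password` under the `FirstName :` label, so the event record carries the password value and never the first name. Whatever that value holds for SAML-provisioned users (not visible in this hunk), it should not be written to event details; `", FirstName :" + firstName + ", LastName: " + lastName` looks like what was intended. The enclosing method starts and ends outside the hunk.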
 

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/008911d4/ui/index.jsp
----------------------------------------------------------------------
diff --git a/ui/index.jsp b/ui/index.jsp
index 98dbb27..655c20a 100644
--- a/ui/index.jsp
+++ b/ui/index.jsp
@@ -67,7 +67,7 @@
                         </div>
                         <!-- Submit (login) -->
                         <input type="submit" value="<fmt:message key="label.login"/>"
/>
-                        <input type="samlsubmit" value="<fmt:message key="label.saml.login"/>"
/>
+                        <div id="saml-login"><input type="samlsubmit" value="<fmt:message
key="label.saml.login"/>"/></div>
                         <!-- Select language -->
                         <div class="select-language">
                             <select name="language">

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/008911d4/ui/scripts/ui-custom/login.js
----------------------------------------------------------------------
diff --git a/ui/scripts/ui-custom/login.js b/ui/scripts/ui-custom/login.js
index 269ab92..1f82c82 100644
--- a/ui/scripts/ui-custom/login.js
+++ b/ui/scripts/ui-custom/login.js
@@ -126,6 +126,25 @@
             });
         });
 
+        // Show SAML button if only SP is configured
+        $login.find("#saml-login").hide();
+        $.ajax({
+            type: "GET",
+            url: createURL("getSPMetadata"),
+            dataType: "json",
+            async: false,
+            success: function(data, textStatus, xhr) {
+                if (xhr.status === 200) {
+                    $login.find('#saml-login').show();
+                } else {
+                    $login.find('#saml-login').hide();
+                }
+            },
+            error: function(xhr) {
+                $login.find('#saml-login').hide();
+            },
+        });
+
         // Select language
         var $languageSelect = $login.find('select[name=language]');
         $languageSelect.change(function() {
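Review bot: `async: false` makes the login page block on the `getSPMetadata` round-trip while it is being set up, so a slow or unreachable management server stalls the login form for every user. Dropping that line is enough, because the button is hidden before the call and only shown from the `success` callback. The trailing comma after the `error` handler is rejected by some older browser parsers and should go as well. The comment would read more clearly as `// Show the SAML button only if the SP is configured`.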

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/008911d4/utils/src/org/apache/cloudstack/utils/auth/SAMLUtils.java
----------------------------------------------------------------------
diff --git a/utils/src/org/apache/cloudstack/utils/auth/SAMLUtils.java b/utils/src/org/apache/cloudstack/utils/auth/SAMLUtils.java
index c75422f..0138807 100644
--- a/utils/src/org/apache/cloudstack/utils/auth/SAMLUtils.java
+++ b/utils/src/org/apache/cloudstack/utils/auth/SAMLUtils.java
@@ -309,7 +309,7 @@ public class SAMLUtils {
     public static KeyPair generateRandomKeyPair() throws NoSuchProviderException, NoSuchAlgorithmException
{
         Security.addProvider(new BouncyCastleProvider());
         KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "BC");
-        keyPairGenerator.initialize(2048, new SecureRandom());
+        keyPairGenerator.initialize(4096, new SecureRandom());
         return keyPairGenerator.generateKeyPair();
     }
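Review bot: The key size is a bare literal in `keyPairGenerator.initialize(4096, new SecureRandom())`; a named constant with a one-line comment recording why 4096 was chosen would make the policy reviewable, for example `private static final int RSA_KEY_BITS = 4096;`. Generating a 4096-bit RSA key takes noticeably longer than a 2048-bit one, and the callers are not visible in this hunk, so it is worth confirming that this runs once at setup and not on a request path. `Security.addProvider(new BouncyCastleProvider())` also runs on every call; registering the provider once at class initialisation would be tidier.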
 

