18 package edu.internet2.middleware.shibboleth.idp.ui;
19
20 import java.net.URI;
21 import java.net.URISyntaxException;
22 import java.util.List;
23
24 import javax.servlet.ServletContext;
25 import javax.servlet.http.HttpServletRequest;
26 import javax.servlet.jsp.tagext.BodyTagSupport;
27
28 import org.opensaml.saml2.common.Extensions;
29 import org.opensaml.saml2.metadata.AttributeConsumingService;
30 import org.opensaml.saml2.metadata.EntityDescriptor;
31 import org.opensaml.saml2.metadata.LocalizedString;
32 import org.opensaml.saml2.metadata.RoleDescriptor;
33 import org.opensaml.saml2.metadata.SPSSODescriptor;
34 import org.opensaml.saml2.metadata.ServiceName;
35 import org.opensaml.samlext.saml2mdui.DisplayName;
36 import org.opensaml.samlext.saml2mdui.UIInfo;
37 import org.opensaml.xml.XMLObject;
38 import org.owasp.esapi.ESAPI;
39 import org.owasp.esapi.Encoder;
40 import org.slf4j.Logger;
41 import org.slf4j.LoggerFactory;
42
43 import edu.internet2.middleware.shibboleth.common.relyingparty.RelyingPartyConfigurationManager;
44 import edu.internet2.middleware.shibboleth.idp.authn.LoginContext;
45 import edu.internet2.middleware.shibboleth.idp.util.HttpServletHelper;
46
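/**
 * Tag support class for JSP tags that show information about the relying party (service provider)
 * involved in the current login.
 *
 * <p>
 * It stores the optional {@code class}, {@code id} and {@code style} attributes, resolves the relying
 * party's metadata through the login context, and selects a display name for the service.
 * </p>
 *
 * <p>
 * Output encoding: only the URL handed to {@link #buildHyperLink(String, String)} is encoded by this
 * class. The CSS attributes, the link text and every name returned by {@link #getServiceName()} are
 * passed through unchanged, so whoever writes them to the page has to encode them for the HTML context
 * they end up in.
 * </p>
 */
public class ServiceTagSupport extends BodyTagSupport {

    /** Serial version UID. */
    private static final long serialVersionUID = 7988646597267865255L;

    /** Class logger. */
    private static final Logger log = LoggerFactory.getLogger(ServiceTagSupport.class);

    /** Value emitted as the {@code class} attribute, or null for none. */
    private String cssClass;

    /** Value emitted as the {@code id} attribute, or null for none. */
    private String cssId;

    /** Value emitted as the {@code style} attribute, or null for none. */
    private String cssStyle;

    /**
     * Sets the value of the {@code class} attribute.
     *
     * @param value what to set; emitted verbatim by {@link #addClassAndId(StringBuilder)}
     */
    public void setCssClass(String value) {
        cssClass = value;
    }

    /**
     * Sets the value of the {@code id} attribute.
     *
     * @param value what to set; emitted verbatim by {@link #addClassAndId(StringBuilder)}
     */
    public void setCssId(String value) {
        cssId = value;
    }

    /**
     * Sets the value of the {@code style} attribute.
     *
     * @param value what to set; emitted verbatim by {@link #addClassAndId(StringBuilder)}
     */
    public void setCssStyle(String value) {
        cssStyle = value;
    }

    /**
     * Appends the configured {@code class}, {@code id} and {@code style} attributes to an element
     * that is being built. Attributes whose value is null are skipped.
     *
     * <p>
     * The values are written without attribute encoding. NOTE(review): this is only safe while they
     * are fixed by the JSP author; a value computed from request or metadata data must be encoded
     * before it is handed to the setters.
     * </p>
     *
     * @param sb the builder holding the partially written start tag
     */
    protected void addClassAndId(StringBuilder sb) {
        if (cssClass != null) {
            sb.append(" class=\"").append(cssClass).append('"');
        }
        if (cssId != null) {
            sb.append(" id=\"").append(cssId).append('"');
        }
        if (cssStyle != null) {
            sb.append(" style=\"").append(cssStyle).append('"');
        }
    }

    /**
     * Builds an {@code <a>} element pointing at the given URL.
     *
     * <p>
     * The URL must parse as a URI whose scheme is exactly {@code http}, {@code https} or
     * {@code mailto}; anything else (including a relative URL, which has no scheme) yields the empty
     * string, so script-bearing schemes never reach the {@code href}. The accepted URL is then encoded
     * for use inside an HTML attribute.
     * </p>
     *
     * <p>
     * {@code text} is inserted between the tags as-is. NOTE(review): the callers are not visible
     * here; if the text can come from relying-party metadata it must be HTML-encoded by the caller,
     * because encoding it here would corrupt text that is intentionally markup.
     * </p>
     *
     * @param url the link target; null is treated like an invalid URL
     * @param text the link content, already encoded for HTML by the caller
     * @return the hyperlink markup, or the empty string if the URL was missing or rejected
     */
    protected String buildHyperLink(String url, String text) {
        if (url == null) {
            // new URI(null) would throw a NullPointerException; treat it like any other unusable URL.
            log.debug("No URL supplied, no hyperlink built");
            return "";
        }

        Encoder esapiEncoder = ESAPI.encoder();
        String encodedUrl;
        try {
            String scheme = new URI(url).getScheme();
            boolean allowedScheme = "http".equals(scheme) || "https".equals(scheme) || "mailto".equals(scheme);
            if (!allowedScheme) {
                log.warn("The URL {} contained an invalid scheme", url);
                return "";
            }
            encodedUrl = esapiEncoder.encodeForHTMLAttribute(url);
        } catch (URISyntaxException e) {
            // The value is not a URI at all.
            log.warn("The URL {} was invalid: {}", url, e.toString());
            return "";
        }

        StringBuilder sb = new StringBuilder("<a href=\"");
        sb.append(encodedUrl).append('"');
        addClassAndId(sb);
        sb.append(">").append(text).append("</a>");
        return sb.toString();
    }

    /**
     * Looks up the metadata of the relying party named in the current login context.
     *
     * @return the relying party's entity descriptor, or null if the request, the servlet context,
     *         the login context or the relying party configuration manager is unavailable
     */
    protected EntityDescriptor getSPEntityDescriptor() {
        HttpServletRequest request = (HttpServletRequest) pageContext.getRequest();
        ServletContext application = pageContext.getServletContext();
        if (request == null || application == null) {
            return null;
        }

        LoginContext loginContext = HttpServletHelper.getLoginContext(
                HttpServletHelper.getStorageService(application), application, request);
        RelyingPartyConfigurationManager rpConfigMngr =
                HttpServletHelper.getRelyingPartyConfigurationManager(application);
        if (loginContext == null || rpConfigMngr == null) {
            return null;
        }

        return HttpServletHelper.getRelyingPartyMetadata(loginContext.getRelyingPartyId(), rpConfigMngr);
    }

    /**
     * Finds the first {@link UIInfo} extension among the relying party's SPSSODescriptor roles.
     *
     * @return the UIInfo element, or null if there is no relying party or no role carries one
     */
    protected UIInfo getSPUIInfo() {
        EntityDescriptor spEntity = getSPEntityDescriptor();
        if (spEntity == null) {
            return null;
        }

        for (RoleDescriptor role : spEntity.getRoleDescriptors(SPSSODescriptor.DEFAULT_ELEMENT_NAME)) {
            Extensions exts = role.getExtensions();
            if (exts == null) {
                continue;
            }
            for (XMLObject child : exts.getOrderedChildren()) {
                if (child instanceof UIInfo) {
                    return (UIInfo) child;
                }
            }
        }
        return null;
    }

    /**
     * Returns the language code of the locale reported by the current request.
     *
     * @return the language of the request's locale
     */
    protected String getBrowserLanguage() {
        HttpServletRequest request = (HttpServletRequest) pageContext.getRequest();
        return request.getLocale().getLanguage();
    }

    /**
     * Derives a name from the relying party's entity ID: the host part when the entity ID is an
     * http(s) URL with a parseable host, otherwise the entity ID itself.
     *
     * @return the derived name, or null if there is no relying party or it has no entity ID
     */
    private String getNameFromEntityId() {
        EntityDescriptor sp = getSPEntityDescriptor();
        if (sp == null) {
            log.debug("No relying party, nothing to display");
            return null;
        }

        String entityIdValue = sp.getEntityID();
        if (entityIdValue == null) {
            // new URI(null) would throw a NullPointerException.
            return null;
        }

        try {
            URI entityId = new URI(entityIdValue);
            String scheme = entityId.getScheme();
            if ("http".equals(scheme) || "https".equals(scheme)) {
                // getHost() is null for an authority that is not a valid host name; use the
                // entity ID in that case instead of handing null back to the caller.
                String host = entityId.getHost();
                if (host != null) {
                    return host;
                }
            }
        } catch (URISyntaxException ignored) {
            // Not a URI (a URN-less opaque string, for example): fall back to the raw entity ID.
        }

        return entityIdValue;
    }

    /**
     * Looks for a UIInfo display name in the browser's language.
     *
     * @return the matching display name, or null if there is no UIInfo or no name in that language
     */
    private String getNameFromUIInfo() {
        // Resolve the UIInfo once; every call walks the relying party's metadata again.
        UIInfo uiInfo = getSPUIInfo();
        if (uiInfo == null) {
            return null;
        }

        String lang = getBrowserLanguage();
        for (DisplayName name : uiInfo.getDisplayNames()) {
            String nameLang = name.getXMLLang();
            log.debug("Found name in UIInfo, language={}", nameLang);
            // A display name without a language attribute must not abort page rendering.
            if (nameLang != null && nameLang.equals(lang)) {
                String localName = name.getName().getLocalString();
                log.debug("returning name from UIInfo {}", localName);
                return localName;
            }
        }
        log.debug("No name in UIInfo");
        return null;
    }

    /**
     * Looks for a service name in the browser's language in the default AttributeConsumingService
     * of the relying party's first SPSSODescriptor.
     *
     * @return the matching service name, or null if nothing suitable is found
     */
    private String getNameFromAttributeConsumingService() {
        EntityDescriptor sp = getSPEntityDescriptor();
        if (sp == null) {
            log.warn("No relying party, nothing to display");
            return null;
        }

        List<RoleDescriptor> roles = sp.getRoleDescriptors(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
        if (roles.isEmpty()) {
            return null;
        }

        AttributeConsumingService acs = ((SPSSODescriptor) roles.get(0)).getDefaultAttributeConsumingService();
        if (acs == null) {
            return null;
        }

        String lang = getBrowserLanguage();
        for (ServiceName name : acs.getNames()) {
            LocalizedString localName = name.getName();
            String nameLang = localName.getLanguage();
            log.debug("Found name in AttributeConsumingService, language={}", nameLang);
            // A service name without a language must not abort page rendering.
            if (nameLang != null && nameLang.equals(lang)) {
                String value = localName.getLocalString();
                log.debug("returning name from AttributeConsumingService {}", value);
                return value;
            }
        }
        log.debug("No name in AttributeConsumingService");
        return null;
    }

    /**
     * Picks the name to display for the relying party. The sources are tried in order: the UIInfo
     * display name, the AttributeConsumingService name, then a name derived from the entity ID.
     *
     * <p>
     * The result is taken from relying-party metadata and is returned without any encoding; encode it
     * for HTML before writing it to the page.
     * </p>
     *
     * @return the service name, or null if there is no relying party
     */
    protected String getServiceName() {
        if (getSPEntityDescriptor() == null) {
            log.debug("No relying party, nothing to display");
            return null;
        }

        // First choice: a localized display name from the UIInfo extension.
        String result = getNameFromUIInfo();
        if (result != null) {
            return result;
        }

        // Second choice: a localized name from the AttributeConsumingService.
        result = getNameFromAttributeConsumingService();
        if (result != null) {
            return result;
        }

        // Last resort: something derived from the entity ID.
        return getNameFromEntityId();
    }
}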