Avoid hard-coding localhost in IDP metadata by using idp.base_url

RallySoftware · May 6, 2020 · 55a0f1d · 55a0f1d
1 parent ea6a0e7
commit 55a0f1d
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 3 deletions.
diff --git a/mujina-idp/src/main/java/mujina/idp/MetadataController.java b/mujina-idp/src/main/java/mujina/idp/MetadataController.java
@@ -25,6 +25,7 @@
 import org.opensaml.xml.signature.Signer;
 import org.opensaml.xml.util.XMLHelper;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.core.env.Environment;
 import org.springframework.security.saml.key.KeyManager;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -35,6 +36,10 @@
 import javax.xml.parsers.ParserConfigurationException;
 import javax.xml.transform.TransformerException;
 
+import java.net.MalformedURLException;
+import java.net.URI;
+import java.net.URL;
+
 import static mujina.saml.SAMLBuilder.buildSAMLObject;
 
 @RestController
@@ -49,8 +54,9 @@ public class MetadataController {
   @Autowired
   Environment environment;
 
+  @Autowired
   @RequestMapping(method = RequestMethod.GET, value = "/metadata", produces = "application/xml")
-  public String metadata() throws SecurityException, ParserConfigurationException, SignatureException, MarshallingException, TransformerException {
+  public String metadata(@Value("${idp.base_url}") String idpBaseUrl) throws SecurityException, ParserConfigurationException, SignatureException, MarshallingException, TransformerException {
     EntityDescriptor entityDescriptor = buildSAMLObject(EntityDescriptor.class, EntityDescriptor.DEFAULT_ELEMENT_NAME);
     entityDescriptor.setEntityID(idpConfiguration.getEntityId());
     entityDescriptor.setID(SAMLBuilder.randomSAMLId());
@@ -78,8 +84,9 @@ public String metadata() throws SecurityException, ParserConfigurationException,
 
     String localPort = environment.getProperty("local.server.port");
 
+
     SingleSignOnService singleSignOnService = buildSAMLObject(SingleSignOnService.class, SingleSignOnService.DEFAULT_ELEMENT_NAME);
-    singleSignOnService.setLocation("http://localhost:" + localPort + "/SingleSignOnService");
+    singleSignOnService.setLocation(idpBaseUrl + "/SingleSignOnService");
     singleSignOnService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
 
     idpssoDescriptor.getSingleSignOnServices().add(singleSignOnService);

diff --git a/mujina-idp/src/test/java/mujina/idp/MetadataControllerTest.java b/mujina-idp/src/test/java/mujina/idp/MetadataControllerTest.java
@@ -22,7 +22,7 @@ public void metadata() throws Exception {
       .statusCode(SC_OK)
       .body(
         "EntityDescriptor.IDPSSODescriptor.SingleSignOnService.@Location",
-        equalTo("http://localhost:" + serverPort + "/SingleSignOnService"));
+        equalTo("http://localhost:8080/SingleSignOnService"));
   }
 
 }