Skip to content

Commit

Permalink
Merge pull request #367 from mauromol/improve-sp-contacts
Browse files Browse the repository at this point in the history
Improve SP contacts
  • Loading branch information
pitbulk authored Nov 27, 2021
2 parents 7735163 + 6900702 commit 1198878
Show file tree
Hide file tree
Showing 15 changed files with 640 additions and 87 deletions.
37 changes: 25 additions & 12 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -250,6 +250,31 @@ onelogin.saml2.sp.x509certNew =
# If you have PKCS#1 BEGIN RSA PRIVATE KEY convert it by openssl pkcs8 -topk8 -inform pem -nocrypt -in sp.rsa_key -outform pem -out sp.pem
onelogin.saml2.sp.privatekey =

# Organization
onelogin.saml2.organization.name = SP Java
onelogin.saml2.organization.displayname = SP Java Example
onelogin.saml2.organization.url = http://sp.example.com
onelogin.saml2.organization.lang = en

# Contacts (use indexes to specify multiple contacts, multiple e-mail addresses per contact, multiple phone numbers per contact)
onelogin.saml2.sp.contact[0].contactType=administrative
onelogin.saml2.sp.contact[0].company=ACME
onelogin.saml2.sp.contact[0].given_name=Guy
onelogin.saml2.sp.contact[0].sur_name=Administrative
onelogin.saml2.sp.contact[0].email_address[0]=administrative@example.com
onelogin.saml2.sp.contact[0].email_address[1]=administrative2@example.com
onelogin.saml2.sp.contact[0].telephone_number[0]=+1-123456789
onelogin.saml2.sp.contact[0].telephone_number[1]=+1-987654321
onelogin.saml2.sp.contact[1].contactType=other
onelogin.saml2.sp.contact[1].company=Big Corp
onelogin.saml2.sp.contact[1].email_address=info@example.com

# Legacy contacts (legacy way to specify just a technical and a support contact with minimal info)
onelogin.saml2.contacts.technical.given_name = Technical Guy
onelogin.saml2.contacts.technical.email_address = technical@example.com
onelogin.saml2.contacts.support.given_name = Support Guy
onelogin.saml2.contacts.support.email_address = support@example.com

## Identity Provider Data that we want connect with our SP ##

# Identifier of the IdP entity (must be a URI)
Expand Down Expand Up @@ -374,18 +399,6 @@ onelogin.saml2.security.reject_deprecated_alg = true
onelogin.saml2.parsing.trim_name_ids = false
onelogin.saml2.parsing.trim_attribute_values = false

# Organization
onelogin.saml2.organization.name = SP Java
onelogin.saml2.organization.displayname = SP Java Example
onelogin.saml2.organization.url = http://sp.example.com
onelogin.saml2.organization.lang = en

# Contacts
onelogin.saml2.contacts.technical.given_name = Technical Guy
onelogin.saml2.contacts.technical.email_address = technical@example.com
onelogin.saml2.contacts.support.given_name = Support Guy
onelogin.saml2.contacts.support.email_address = support@example.com

# Prefix used in generated Unique IDs.
# Optional, defaults to ONELOGIN_ or full ID is like ONELOGIN_ebb0badd-4f60-4b38-b20a-a8e01f0592b1.
# At minimun, the prefix can be non-numeric character such as "_".
Expand Down
108 changes: 92 additions & 16 deletions core/src/main/java/com/onelogin/saml2/model/Contact.java
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
package com.onelogin.saml2.model;

import java.util.Arrays;
import java.util.Collections;
import java.util.List;

/**
* Contact class of OneLogin's Java Toolkit.
Expand All @@ -8,34 +11,78 @@
*/
public class Contact {
/**
* Contact type
*/
* Contact type
*/
private final String contactType;

/**
* Contact given name
*/
* Contact company
*/
private final String company;

/**
* Contact given name
*/
private final String givenName;

/**
* Contact surname
*/
private final String surName;

/**
* Contact email
*/
private final String emailAddress;
* Contact email
*/
private final List<String> emailAddresses;

/**
* Constructor
* Contact phone number
*/
private final List<String> telephoneNumbers;

/**
* Constructor to specify minimal contact data.
* <p>
* To maintain backward compatibility, a <code>null</code> given name and a
* <code>null</code> e-mail address are handled as being empty strings.
*
* @param contactType
* String. Contact type
* Contact type
* @param givenName
* String. Contact given name
* Contact given name
* @param emailAddress
* String. Contact email
* Contact e-mail
* @deprecated use {@link #Contact(String, String, String, String, List, List)}
*/
@Deprecated
public Contact(String contactType, String givenName, String emailAddress) {
this(contactType, null, givenName != null ? givenName : "", null,
Arrays.asList(emailAddress != null ? emailAddress : ""), null);
}

/**
* Constructor
*
* @param contactType
* Contact type
* @param givenName
* Contact given name
* @param surName
* Contact surname
* @param company
* Contact company
* @param emailAddresses
* Contact e-mails
* @param telephoneNumbers
* Contact phone numbers
*/
public Contact(String contactType, String company, String givenName, String surName, List<String> emailAddresses, List<String> telephoneNumbers) {
this.contactType = contactType != null? contactType : "";
this.givenName = givenName != null? givenName : "";
this.emailAddress = emailAddress != null? emailAddress : "";
this.company = company;
this.givenName = givenName;
this.surName = surName;
this.emailAddresses = emailAddresses != null? emailAddresses: Collections.emptyList();
this.telephoneNumbers = telephoneNumbers != null? telephoneNumbers: Collections.emptyList();
}

/**
Expand All @@ -46,17 +93,46 @@ public final String getContactType() {
}

/**
* @return string the contact email
* @return the contact email
* @deprecated this returns just the first e-mail address in {@link #getEmailAddresses()}
*/
@Deprecated
public final String getEmailAddress() {
return emailAddress;
return emailAddresses.size() > 0? emailAddresses.get(0): null;
}

/**
* @return string the contact given name
* @return a list containing the contact e-mail addresses (never <code>null</code>)
*/
public final List<String> getEmailAddresses() {
return emailAddresses;
}

/**
* @return the contact given name
*/
public final String getGivenName() {
return givenName;
}

/**
* @return the contact surname
*/
public final String getSurName() {
return surName;
}

/**
* @return the contact company
*/
public final String getCompany() {
return company;
}

/**
* @return a list containing the contact phone numbers (never <code>null</code>)
*/
public final List<String> getTelephoneNumbers() {
return telephoneNumbers;
}
}
17 changes: 15 additions & 2 deletions core/src/main/java/com/onelogin/saml2/settings/Metadata.java
Original file line number Diff line number Diff line change
Expand Up @@ -277,8 +277,21 @@ private String toContactsXml(List<Contact> contacts) {

for (Contact contact : contacts) {
contactsXml.append("<md:ContactPerson contactType=\"" + Util.toXml(contact.getContactType()) + "\">");
contactsXml.append("<md:GivenName>" + Util.toXml(contact.getGivenName()) + "</md:GivenName>");
contactsXml.append("<md:EmailAddress>" + Util.toXml(contact.getEmailAddress()) + "</md:EmailAddress>");
final String company = contact.getCompany();
if(company != null)
contactsXml.append("<md:Company>" + Util.toXml(company) + "</md:Company>");
final String givenName = contact.getGivenName();
if(givenName != null)
contactsXml.append("<md:GivenName>" + Util.toXml(givenName) + "</md:GivenName>");
final String surName = contact.getSurName();
if(surName != null)
contactsXml.append("<md:SurName>" + Util.toXml(surName) + "</md:SurName>");
final List<String> emailAddresses = contact.getEmailAddresses();
emailAddresses.forEach(emailAddress -> contactsXml
.append("<md:EmailAddress>" + Util.toXml(emailAddress) + "</md:EmailAddress>"));
final List<String> telephoneNumbers = contact.getTelephoneNumbers();
telephoneNumbers.forEach(telephoneNumber -> contactsXml
.append("<md:TelephoneNumber>" + Util.toXml(telephoneNumber) + "</md:TelephoneNumber>"));
contactsXml.append("</md:ContactPerson>");
}

Expand Down
29 changes: 17 additions & 12 deletions core/src/main/java/com/onelogin/saml2/settings/Saml2Settings.java
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,14 @@
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashSet;
import java.util.LinkedList;
import java.util.List;
import java.util.Set;

import com.onelogin.saml2.model.hsm.HSM;

import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Document;
Expand Down Expand Up @@ -1015,24 +1019,25 @@ public List<String> checkSPSettings() {

List<Contact> contacts = this.getContacts();
if (!contacts.isEmpty()) {
/*
List<String> validTypes = new ArrayList<String>();
validTypes.add("technical");
validTypes.add("support");
validTypes.add("administrative");
validTypes.add("billing");
validTypes.add("other");
*/
Set<String> validTypes = new HashSet<>();
validTypes.add(Constants.CONTACT_TYPE_TECHNICAL);
validTypes.add(Constants.CONTACT_TYPE_SUPPORT);
validTypes.add(Constants.CONTACT_TYPE_ADMINISTRATIVE);
validTypes.add(Constants.CONTACT_TYPE_BILLING);
validTypes.add(Constants.CONTACT_TYPE_OTHER);
for (Contact contact : contacts) {
/*
if (!validTypes.contains(contact.getContactType())) {
errorMsg = "contact_type_invalid";
errors.add(errorMsg);
LOGGER.error(errorMsg);
}
*/

if (contact.getEmailAddress().isEmpty() || contact.getGivenName().isEmpty()) {
if ((contact.getEmailAddresses().isEmpty()
|| contact.getEmailAddresses().stream().allMatch(StringUtils::isEmpty))
&& (contact.getTelephoneNumbers().isEmpty() || contact.getTelephoneNumbers()
.stream().allMatch(StringUtils::isEmpty))
&& StringUtils.isEmpty(contact.getCompany())
&& StringUtils.isEmpty(contact.getGivenName())
&& StringUtils.isEmpty(contact.getSurName())) {
errorMsg = "contact_not_enough_data";
errors.add(errorMsg);
LOGGER.error(errorMsg);
Expand Down
Loading

0 comments on commit 1198878

Please sign in to comment.