SHIBUI-799: SHIBUI-1022 implement predicate rules during filter reload

TIER · Nov 29, 2018 · 332504c · 332504c
1 parent 91a8736
commit 332504c
Showing 1 changed file with 21 additions and 0 deletions.
diff --git a/...oovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy b/...oovy/edu/internet2/tier/shibboleth/admin/ui/service/JPAMetadataResolverServiceImpl.groovy
@@ -28,6 +28,7 @@ import org.opensaml.saml.common.profile.logic.EntityIdPredicate
 import org.opensaml.saml.metadata.resolver.MetadataResolver
 import org.opensaml.saml.metadata.resolver.filter.MetadataFilter
 import org.opensaml.saml.metadata.resolver.filter.MetadataFilterChain
+import org.opensaml.saml.metadata.resolver.filter.impl.NameIDFormatFilter
 import org.opensaml.saml.saml2.core.Attribute
 import org.opensaml.saml.saml2.metadata.EntityDescriptor
 import org.springframework.beans.factory.annotation.Autowired
@@ -96,6 +97,26 @@ class JPAMetadataResolverServiceImpl implements MetadataResolverService {
                     target.setRules(rules)
                     metadataFilters.add(target)
                 }
+                if(metadataFilter instanceof NameIdFormatFilter) {
+                    NameIdFormatFilter nameIdFormatFilter = NameIdFormatFilter.cast(metadataFilter)
+                    NameIDFormatFilter openSamlTargetFilter = new NameIDFormatFilter()
+                    Map<Predicate<EntityDescriptor>, Collection<String>> predicateRules = [:]
+                    nameIdFormatFilter.formats.each {
+                        switch (it.type) {
+                            case ENTITY:
+                                predicateRules.put(new EntityIdPredicate([it.value]), [it.format])
+                                break
+                            case CONDITION_SCRIPT:
+                                predicateRules.put(new ScriptedPredicate(new EvaluableScript(it.value)), [it.format])
+                                break
+                            default:
+                                // do nothing, we'd have exploded elsewhere previously.
+                                break
+                        }
+                    }
+                    openSamlTargetFilter.rules = predicateRules
+                    metadataFilters << openSamlTargetFilter
+                }
             }
             metadataFilterChain.setFilters(metadataFilters)
         }