[SHIBUI-1058]

More security WIP goodness.
TIER · Jan 28, 2019 · ebb0605 · ebb0605
1 parent 2e79fb5
commit ebb0605
Show file tree

Hide file tree

Showing 5 changed files with 3,754 additions and 167 deletions.
diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/AddNewUserFilter.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/AddNewUserFilter.java
@@ -25,7 +25,6 @@
 import javax.servlet.http.HttpServletResponse;
 import java.io.IOException;
 import java.util.List;
-import java.util.Map;
 import java.util.Optional;
 
 /**

diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfiguration.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/Pac4jConfiguration.java
@@ -33,12 +33,12 @@ public Config config(final Pac4jConfigurationProperties pac4jConfigurationProper
         saml2ClientConfiguration.setServiceProviderMetadataPath(pac4jConfigurationProperties.getServiceProviderMetadataPath());
         saml2ClientConfiguration.setForceServiceProviderMetadataGeneration(pac4jConfigurationProperties.isForceServiceProviderMetadataGeneration());
         saml2ClientConfiguration.setWantsAssertionsSigned(pac4jConfigurationProperties.isWantAssertionsSigned());
-        // TODO: make not hardcoded
-        saml2ClientConfiguration.setAttributeAsId("email");
-        Map<String, String> mappedAttributes = new HashMap<>();
-        // TODO: make not hardcoded
-        mappedAttributes.put("email", Pac4jConstants.USERNAME);
-        saml2ClientConfiguration.setMappedAttributes(mappedAttributes);
+
+/*        Map<String, String> mappedAttributes = new HashMap<>();
+        mappedAttributes.put(pac4jConfigurationProperties.getSaml2ProfileMapping().getUsername(), Pac4jConstants.USERNAME);
+        saml2ClientConfiguration.setMappedAttributes(mappedAttributes);*/
+
+        saml2ClientConfiguration.setAttributeAsId(pac4jConfigurationProperties.getSaml2ProfileMapping().getUsername());
 
         final SAML2Client saml2Client = new SAML2Client(saml2ClientConfiguration);
         saml2Client.setName("Saml2Client");

diff --git a/pac4j-module/src/main/java/net/unicon/shibui/pac4j/SAML2ModelAuthorizationGenerator.java b/pac4j-module/src/main/java/net/unicon/shibui/pac4j/SAML2ModelAuthorizationGenerator.java
@@ -17,7 +17,7 @@ public SAML2ModelAuthorizationGenerator(UserRepository userRepository) {
 
     @Override
     public SAML2Profile generate(WebContext context, SAML2Profile profile) {
-        Optional<User> user = userRepository.findByUsername(profile.getUsername());
+        Optional<User> user = userRepository.findByUsername(profile.getId());
         user.ifPresent( u -> profile.addRole(u.getRole()));
         return profile;
     }

diff --git a/pac4j-module/src/main/java/org/pac4j/core/profile/CommonProfile.java b/pac4j-module/src/main/java/org/pac4j/core/profile/CommonProfile.java