Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: ukf/ua-attribute-idp-ext
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: master
Choose a base ref
...
head repository: hide24/ua-attribute-idp-ext
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: master
Choose a head ref
Able to merge. These branches can be automatically merged.
  • 10 commits
  • 5 files changed
  • 1 contributor

Commits on Jun 15, 2012

  1. get CIDR block definition from another attribute.

    @hide24
    hide24 committed Jun 15, 2012
    Copy the full SHA
    8d41dc0 View commit details

Commits on Jun 16, 2012

  1. bug fix

    @hide24
    hide24 committed Jun 16, 2012
    Copy the full SHA
    003b09b View commit details

Commits on Jun 18, 2012

  1. xsd updated

    @hide24
    hide24 committed Jun 18, 2012
    Copy the full SHA
    0c41a6f View commit details

  2. Revert "xsd updated" 

    This reverts commit 0c41a6f.
    @hide24
    hide24 committed Jun 18, 2012
    Copy the full SHA
    0d535b1 View commit details

  3. xsd updated

    @hide24
    hide24 committed Jun 18, 2012
    Copy the full SHA
    1d87afb View commit details

  4. README updated

    @hide24
    hide24 committed Jun 18, 2012
    Copy the full SHA
    2f381ba View commit details

  5. xsd updated

    @hide24
    hide24 committed Jun 18, 2012
    Copy the full SHA
    21a210e View commit details

  6. xsd updated

    @hide24
    hide24 committed Jun 18, 2012
    Copy the full SHA
    455ea95 View commit details

Commits on Jun 19, 2012

  1. bug fix

    @hide24
    hide24 committed Jun 19, 2012
    Copy the full SHA
    3ef7e35 View commit details

Commits on Jun 20, 2012

  1. bug fix

    @hide24
    hide24 committed Jun 20, 2012
    Copy the full SHA
    a00d96e View commit details
16 changes: 15 additions & 1 deletion README.txt
View file
Original file line number Diff line number Diff line change
@@ -68,4 +68,18 @@ requires, and only accepts, following XML attributes:
You can have more than one mapping rule with the same CIDR block. This allows
you to create multiple attributes for the given CIDR block. You can also specify
a given attribute ID more than once in order to generate multiple values
for the ID.
for the ID.

CIDR Block definition from another attribute
=============================================
The following XML attribute was added.
* cidrAttributeId - the ID of the attribute that contains CIDR block definition

When any value of the attribute matches the IP address of the user agent, mapping is triggered.
The attribute needs to be resolved before starting this data connector.

<resolver:DataConnector id="UNIQUE_ID" xsi:type="uadc:UserAgentMappedAttributes">
<uadc:Mapping cidrAttributeId="ATTRIBUTE_ID" attributeId="..." attributeValue="..." />
<resolver:Dependency ref="ATTRIBUTE_ID" />
</resolver:DataConnector>

58 changes: 53 additions & 5 deletions ...ain/java/uk/org/ukfederation/uaattribute/resolver/UserAgentAttributeMapDataConnector.java
View file
Original file line number Diff line number Diff line change
@@ -17,6 +17,7 @@
import java.util.Collections;
import java.util.HashMap;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.util.Set;

@@ -43,14 +44,14 @@ public class UserAgentAttributeMapDataConnector extends BaseDataConnector {
private final Logger log = LoggerFactory.getLogger(UserAgentAttributeMapDataConnector.class);

/** Map from IP ranges to the attribute name/value pairs that they trigger. */
private List<Pair<IPRange, Pair<String, String>>> attributeMappings;
private List<Pair<Pair<String, String>, Pair<String, String>>> attributeMappings;

/**
* Sets the mappings from IP ranges to attributes/values.
*
* @param mappings mappings from IP ranges to attributes/values
*/
public void setAttributeMappings(List<Pair<IPRange, Pair<String, String>>> mappings) {
public void setAttributeMappings(List<Pair<Pair<String, String>, Pair<String, String>>> mappings) {
attributeMappings = mappings;
}

@@ -64,9 +65,26 @@ public Map<String, BaseAttribute> resolve(ShibbolethResolutionContext resolution

byte[] uaAddress = uaPrincpal.getUserAgentAddress();
HashMap<String, BaseAttribute> mappedAttributes = new HashMap<String, BaseAttribute>();
for (Pair<IPRange, Pair<String, String>> mapping : attributeMappings) {
if (mapping.getFirst().contains(uaAddress)) {
addAttributeValue(mapping.getSecond(), mappedAttributes);
String type;
IPRange ipRange;
for (Pair<Pair<String, String>, Pair<String, String>> mapping : attributeMappings) {
type = mapping.getFirst().getFirst();
if (type.equals("CIDR")) {
ipRange = IPRange.parseCIDRBlock(mapping.getFirst().getSecond());
if (ipRange.contains(uaAddress)) {
addAttributeValue(mapping.getSecond(), mappedAttributes);
}
} else {
String cidrAttributeId = mapping.getFirst().getSecond();
List<String> values = getAttributeValue(resolutionContext, cidrAttributeId);
for (String ipRangeString : values) {
log.debug("inspect IP range :" + ipRangeString.toString());
ipRange = IPRange.parseCIDRBlock(ipRangeString);
if (ipRange.contains(uaAddress)) {
log.debug("uaAddress matches :" + ipRangeString.toString());
addAttributeValue(mapping.getSecond(), mappedAttributes);
}
}
}
}

@@ -121,6 +139,36 @@ private void addAttributeValue(Pair<String, String> attributeDescriptor,
}
}

/**
* Get attribute value from resolution context.
* If no {@link BasicAttribute} with the given ID exists, it is empty list will be return.
*
* @param resolutionContext current resolution context
* @param attributeId attribute ID that you want values
*
* @return list of values
*/
private List<String> getAttributeValue(ShibbolethResolutionContext resolutionContext, String attributeId) {
log.debug("Get attribute value of (" + attributeId.toString() + ")");
List<String> values = new ArrayList<String>();
try {
BaseAttribute attribute = resolutionContext.getResolvedAttributeDefinitions().get(attributeId).resolve(resolutionContext);
if (attribute != null) {
for (Object value: attribute.getValues()) {
if (value != null && !value.toString().trim().equals("")) {
values.add(value.toString().trim());
log.debug("Detect value:" + value.toString().trim());
}
}
}
} catch(AttributeResolutionException e) {

}
// BaseAttribute attribute = attributes.get(attributeId).get(attributeId);

return values;
}

/** {@inheritDoc} */
public void validate() throws AttributeResolutionException {

23 changes: 17 additions & 6 deletions ...deration/uaattribute/resolver/UserAgentAttributeMapDataConnectorBeanDefinitionParser.java
View file
Original file line number Diff line number Diff line change
@@ -50,6 +50,9 @@ public class UserAgentAttributeMapDataConnectorBeanDefinitionParser extends Base
/** Name of the attribute carrying the value of the IdP attribute. */
public static final String ATTRIBUTE_VALUE_ATTR_NAME = "attributeValue";

/** Name of the attribute carrying the CIDR block of the IdP attribute. */
public static final String CIDR_BLOCK_ATTRIBUTE_ID_ATTR_NAME = "cidrAttributeId";

/** Class logger. */
private final Logger log = LoggerFactory.getLogger(UserAgentAttributeMapDataConnectorBeanDefinitionParser.class);

@@ -77,16 +80,18 @@ protected void doParse(String pluginId, Element pluginConfig, Map<QName, List<El
*
* @return the parsed forms of the elements
*/
private List<Pair<IPRange, Pair<String, String>>> parseAttributeMappings(List<Element> mappings) {
ArrayList<Pair<IPRange, Pair<String, String>>> parsedMappings =
new ArrayList<Pair<IPRange, Pair<String, String>>>();
private List<Pair<Pair<String, String>, Pair<String, String>>> parseAttributeMappings(List<Element> mappings) {
ArrayList<Pair<Pair<String, String>, Pair<String, String>>> parsedMappings =
new ArrayList<Pair<Pair<String, String>, Pair<String, String>>>();

String ipRangeString;
String attributeId;
String attributeValue;
String cidrAttributeId;
for (Element mapping : mappings) {
ipRangeString = DatatypeHelper.safeTrimOrNullString(mapping.getAttributeNS(null, CIDR_BLOCK_ATTR_NAME));
if (ipRangeString == null) {
cidrAttributeId = DatatypeHelper.safeTrimOrNullString(mapping.getAttributeNS(null, CIDR_BLOCK_ATTRIBUTE_ID_ATTR_NAME));
if (ipRangeString == null && cidrAttributeId == null) {
log.debug("Ignoring mapping with missing or empty CIDR block");
}

@@ -101,8 +106,14 @@ private List<Pair<IPRange, Pair<String, String>>> parseAttributeMappings(List<El
log.debug("Ignoring mapping with missing or empty attribute value");
}

parsedMappings.add(new Pair<IPRange, Pair<String, String>>(IPRange.parseCIDRBlock(ipRangeString),
new Pair<String, String>(attributeId, attributeValue)));
if (ipRangeString != null) {
parsedMappings.add(new Pair<Pair<String, String>, Pair<String, String>>(new Pair<String, String>("CIDR", ipRangeString),
new Pair<String, String>(attributeId, attributeValue)));
}
if (cidrAttributeId != null) {
parsedMappings.add(new Pair<Pair<String, String>, Pair<String, String>>(new Pair<String, String>("AttributeId", cidrAttributeId),
new Pair<String, String>(attributeId, attributeValue)));
}
}

return parsedMappings;
4 changes: 2 additions & 2 deletions .../org/ukfederation/uaattribute/resolver/UserAgentAttributeMapDataConnectorFactoryBean.java
View file
Original file line number Diff line number Diff line change
@@ -25,14 +25,14 @@
public class UserAgentAttributeMapDataConnectorFactoryBean extends BaseDataConnectorFactoryBean {

/** Map from IP ranges to the attribute name/value pairs that they trigger. */
private List<Pair<IPRange, Pair<String, String>>> attributeMappings;
private List<Pair<Pair<String, String>, Pair<String, String>>> attributeMappings;

/**
* Sets the mappings from IP ranges to attributes/values.
*
* @param mappings mappings from IP ranges to attributes/values
*/
public void setAttributeMappings(List<Pair<IPRange, Pair<String, String>>> mappings){
public void setAttributeMappings(List<Pair<Pair<String, String>, Pair<String, String>>> mappings){
attributeMappings = mappings;
}

7 changes: 5 additions & 2 deletions src/main/resources/schema/ua-attribute-resolver.xsd
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
<schema targetNamespace="http://ukfederation.org.uk/schemas/uaattribute/resolver" xmlns="http://www.w3.org/2001/XMLSchema"
xmlns:resolver="urn:mace:shibboleth:2.0:resolver" elementFormDefault="qualified">
xmlns:resolver="urn:mace:shibboleth:2.0:resolver"
elementFormDefault="qualified">

<import namespace="urn:mace:shibboleth:2.0:resolver" schemaLocation="classpath:/schema/shibboleth-2.0-attribute-resolver.xsd" />

@@ -9,11 +10,13 @@
<sequence>
<element name="Mapping" minOccurs="0" maxOccurs="unbounded">
<complexType>
<attribute name="cidrBlock" type="string" use="required" />
<attribute name="cidrBlock" type="string" use="optional" />
<attribute name="cidrAttributeId" type="string" use="optional" />
<attribute name="attributeId" type="string" use="required" />
<attribute name="attributeValue" type="string" use="required" />
</complexType>
</element>
<element ref="resolver:Dependency" />
</sequence>
</extension>
</complexContent>