java source code of SamlAuthProperties

Project: centraldogma (GitHub Link)

centraldogma-master
- testing-internal
  - src
    - main
      - resources
        logback-test.xml
        META-INF
        services
        org.junit.jupiter.api.extension.Extension
        junit-platform.properties
      - java
        com
        linecorp
        centraldogma
        testing
        internal
        TestUtil.java
        TemporaryFolderExtension.java
        ProjectManagerExtension.java
        ExpectedExceptionAppender.java
        auth
        TestAuthMessageUtil.java
        TestAuthProviderFactory.java
        TestAuthProvider.java
    - test
      - java
        com
        linecorp
        centraldogma
        testing
        internal
        TemporaryFolderExtensionTest.java
  - build.gradle
- NOTICE.txt
- .github
  - pom.xml
  - CODEOWNERS
- server-auth
  - shiro
    - src
      - main
        java
        com
        linecorp
        centraldogma
        server
        auth
        shiro
        LimitedMemorySessionDAO.java
        LoginService.java
        ShiroAuthProviderFactory.java
        ShiroAuthProvider.java
        package-info.java
        LogoutService.java
        realm
        package-info.java
        SearchFirstActiveDirectoryRealm.java
      - test
        java
        com
        linecorp
        centraldogma
        server
        auth
        shiro
        ShiroLoginAndLogoutTest.java
    - build.gradle
  - saml
    - src
      - main
        java
        com
        linecorp
        centraldogma
        server
        auth
        saml
        SamlAuthProperties.java
        SamlAuthSsoHandler.java
        SamlAuthProvider.java
        package-info.java
        SamlAuthProviderFactory.java
        HtmlUtil.java
      - test
        resources
        test.jks
        java
        com
        linecorp
        centraldogma
        server
        auth
        saml
        SamlAuthTest.java
    - build.gradle
  - webapp
    - src
      - App.tsx
      - LoginForm.tsx
      - index.tsx
      - LogoutForm.tsx
      - App.css
      - index.css
      - react-app-env.d.ts
    - public
      - index.html
    - tslint.json
    - build.gradle
    - package.json
    - tsconfig.json
- it
  - src
    - test
      - resources
        com
        linecorp
        centraldogma
        it
        import
        test2.json
        test1.json
      - java
        com
        linecorp
        centraldogma
        it
        TestConstants.java
        ProjectManagementTest.java
        RepositoryManagementTest.java
        PreviewDiffsTest.java
        updater
        CentralDogmaBeanTest.java
        GracefulShutdownTest.java
        FileManagementTest.java
        PrematureClientFactoryCloseTest.java
        GetDiffTest.java
        mirror
        git
        GitMirrorAuthTest.java
        GitMirrorTest.java
        ClientType.java
        CentralDogmaExtensionWithScaffolding.java
        CentralDogmaEndpointGroupTest.java
        FileHistoryAndDiffTest.java
        CacheTest.java
        GetFileTest.java
        RevisionNormalizationTest.java
        MergeFileTest.java
        WatchTest.java
  - build.gradle
- gradle.properties
- gradle
  - wrapper
    - gradle-wrapper.properties
  - scripts
    - .github
      - CODEOWNERS
    - .gitrepo
    - build-flags.gradle
    - lib
      - java-coverage.gradle
      - common-git.gradle
      - common-info.gradle
      - java-javadoc.pre-jdk9.css
      - java-alpn.gradle
      - java-javadoc.css
      - java.gradle
      - prerequisite.gradle
      - common-dependencies.gradle
      - java-shade.gradle
      - java-publish.gradle
      - java-rpc-thrift.gradle
      - common-publish.gradle
      - common-release.gradle
      - common-misc.gradle
      - java-javadoc.gradle
      - bom.gradle
      - java-rpc-proto.gradle
      - common-wrapper.gradle
      - thrift
        0.11
        0.10
        0.12
        0.13
        0.9
      - java-versionprops.gradle
    - README.md
    - settings-flags.gradle
- licenses
  - LICENSE.assertj.al20.txt
  - LICENSE.cron-utils.al20.txt
  - LICENSE.angular-cache-buster.mit.txt
  - LICENSE.jetty-alpn-api.al20.txt
  - LICENSE.angular-translate.mit.txt
  - LICENSE.angular-ui-notification.mit.txt
  - LICENSE.spring.al20.txt
  - LICENSE.zookeeper.al20.txt
  - LICENSE.bgentry-go-netrc.mit.txt
  - LICENSE.logback.epl10.html
  - LICENSE.jsdiff.bsd.txt
  - LICENSE.jsr305.al20.txt
  - LICENSE.armeria.al20.txt
  - LICENSE.fast-json-patch.mit.txt
  - LICENSE.fge-json-patch.al20.txt
  - LICENSE.urfave-cli.mit.txt
  - LICENSE.jayway-jsonpath.al20.txt
  - LICENSE.guava.al20.txt
  - LICENSE.hamcrest.bsd.txt
  - LICENSE.jackson.al20.txt
  - LICENSE.es6-promise.mit.txt
  - LICENSE.fontawesome.ofl11.txt
  - LICENSE.bootstrap.mit.txt
  - LICENSE.jcommander.al20.txt
  - LICENSE.jquery.mit.txt
  - LICENSE.jsch.bsd.txt
  - LICENSE.jsonunit.al20.txt
  - LICENSE.mockito.mit.txt
  - LICENSE.javax-validation.al20.txt
  - LICENSE.angularjs.mit.txt
  - LICENSE.angular-ui.mit.txt
  - LICENSE.fontawesome.mit.txt
  - LICENSE.momentjs.mit.txt
  - LICENSE.javax-inject.al20.txt
  - LICENSE.json3.mit.txt
  - LICENSE.ace.bsd.txt
  - LICENSE.slf4j.mit.txt
  - LICENSE.junit.epl10.html
  - LICENSE.curator.al20.txt
  - LICENSE.completable-futures.al20.txt
  - LICENSE.hibernate.al20.txt
  - LICENSE.bootswatch.mit.txt
  - LICENSE.rtdtheme.mit.txt
  - LICENSE.thrift.al20.txt
  - LICENSE.quartz.al20.txt
  - LICENSE.requirejs.mit.txt
  - LICENSE.awaitility.al20.txt
  - LICENSE.jgit.edl10.txt
  - LICENSE.javassist.mpl11.html
  - LICENSE.testng.al20.txt
  - LICENSE.angular-dynamic-locale.mit.txt
  - LICENSE.java-diff-utils.al11.txt
  - LICENSE.angular-local-storage.mit.txt
  - LICENSE.jetty-alpn-agent.al20.txt
  - LICENSE.caffeine.al20.txt
  - LICENSE.shiro.al20.txt
- client
  - java-armeria
    - src
      - main
        java
        com
        linecorp
        centraldogma
        client
        armeria
        ArmeriaCentralDogma.java
        ArmeriaCentralDogmaBuilder.java
        CentralDogmaEndpointGroup.java
        AbstractArmeriaCentralDogmaBuilder.java
        EndpointListDecoder.java
        TextEndpointListDecoder.java
        package-info.java
        EndpointListCodecUtils.java
        CompositeEndpointGroup.java
        ArmeriaClientConfigurator.java
        JsonEndpointListDecoder.java
      - test
        resources
        centraldogma-profiles-test.json
        java
        com
        linecorp
        centraldogma
        client
        armeria
        ArmeriaCentralDogmaBuilderTest.java
        TextEndpointListDecoderTest.java
        JsonEndpointListDecoderTest.java
        ArmeriaCentralDogmaTest.java
    - build.gradle
  - java-armeria-legacy
    - src
      - main
        java
        com
        linecorp
        centraldogma
        client
        armeria
        legacy
        LegacyCentralDogmaBuilder.java
        LegacyCentralDogma.java
        package-info.java
        LegacyCentralDogmaTimeoutScheduler.java
      - test
        java
        com
        linecorp
        centraldogma
        client
        armeria
        legacy
        LegacyCentralDogmaTimeoutSchedulerTest.java
        ThriftTypes.java
        LegacyCentralDogmaTest.java
    - build.gradle
  - java-spring-boot1-starter
    - build.gradle
  - java-spring-boot-starter
    - build.gradle
  - java-spring-boot1-autoconfigure
    - build.gradle
  - java
    - src
      - main
        java
        com
        linecorp
        centraldogma
        client
        AbstractCentralDogmaBuilder.java
        TransformingWatcher.java
        WatchConstants.java
        Watcher.java
        CentralDogma.java
        updater
        CentralDogmaBeanFactory.java
        CloseMethodDelegate.java
        CentralDogmaBeanMethodHandler.java
        package-info.java
        CentralDogmaBean.java
        DefaultMethodDelegate.java
        MethodDelegate.java
        RevisionMethodDelegate.java
        CentralDogmaBeanConfigBuilder.java
        CentralDogmaBeanConfig.java
        AbstractCentralDogma.java
        Latest.java
        package-info.java
        RepositoryInfo.java
        ClientProfile.java
        internal
        client
        FileWatcher.java
        RepositoryWatcher.java
        ReplicationLagTolerantCentralDogma.java
        AbstractWatcher.java
      - test
        resources
        centraldogma-profiles.json
        centraldogma-profiles-test.json
        java
        com
        linecorp
        centraldogma
        client
        CentralDogmaBuilderTest.java
        internal
        client
        ReplicationLagTolerantCentralDogmaTest.java
    - build.gradle
  - java-spring-boot-autoconfigure
    - src
      - main
        resources
        META-INF
        spring.factories
        java
        com
        linecorp
        centraldogma
        client
        spring
        CentralDogmaClientAutoConfiguration.java
        package-info.java
        CentralDogmaSettings.java
      - test
        resources
        centraldogma-profiles-test.json
        config
        application-otherProps.yml
        application-useProfile.yml
        application-useHosts.yml
        java
        com
        linecorp
        centraldogma
        client
        spring
        CentralDogmaAutoConfigurationTest.java
        CentralDogmaClientAutoConfigurationHostsTest.java
        CentralDogmaClientAutoConfigurationOtherPropsTest.java
        CentralDogmaClientAutoConfigurationProfileTest.java
        CentralDogmaClientAutoConfigurationSpringProfileTest.java
        CentralDogmaClientAutoConfigurationWithClientFactoryTest.java
    - build.gradle
- gradlew.bat
- site
  - src
    - xref
      - stylesheet.css
    - sphinx
      - _extensions
        highlightjs.py
        api.py
      - mirroring.rst
      - setup-configuration.rst
      - _images
      - auth.rst
      - setup.rst
      - setup-installation.rst
      - known-issues.rst
      - index.rst
      - conf.py
      - client-cli.rst
      - _templates
        breadcrumbs.html
        layout.html
      - concepts.rst
      - _static
        central_dogma.ai
        schema-centraldogma-profiles.json
        add_badges.js
        center_page.js
        overrides.css
      - client-java.rst
    - apidocs
      - package-lists
        jackson-databind
        package-list
        commons-daemon
        package-list
        shiro
        package-list
        armeria
        package-list
        java
        package-list
        junit
        package-list
      - stylesheet.css
  - build.gradle
- dist
  - src
    - bin
      - shutdown
      - common.pre.sh
      - common.sh
      - dogma
      - startup
    - conf
      - logback.xml
      - shiro.example.ldap.ini
      - shiro.example.local.ini
      - shiro.example.jdbc.ini
      - dogma.json
  - build.gradle
  - Dockerfile
- cli
  - build.gradle
- gradlew
- .post-release-msg
- common
  - src
    - main
      - resources
        com
        linecorp
        centraldogma
        internal
        jsonpatch
        messages.properties
      - java
        com
        linecorp
        centraldogma
        common
        JsonMergeQuery.java
        ChangeFormatException.java
        RepositoryExistsException.java
        DefaultChange.java
        RedundantChangeException.java
        MergeQuery.java
        PushResult.java
        ProjectNotFoundException.java
        EntryNotFoundException.java
        Entry.java
        AuthorizationException.java
        EntryNoContentException.java
        ChangeConflictException.java
        ContentHolder.java
        Query.java
        RepositoryNotFoundException.java
        util
        NonNullByDefault.java
        package-info.java
        Markup.java
        QueryExecutionException.java
        ProjectExistsException.java
        CentralDogmaException.java
        MergedEntry.java
        package-info.java
        Revision.java
        RevisionNotFoundException.java
        EntryType.java
        MergeSource.java
        QuerySyntaxException.java
        Author.java
        QueryType.java
        RevisionJsonSerializer.java
        Commit.java
        RevisionJsonDeserializer.java
        RevisionRange.java
        IdentityQuery.java
        Change.java
        ChangeType.java
        JsonPathQuery.java
        ShuttingDownException.java
        internal
        CsrfToken.java
        Jackson.java
        api
        v1
        CreateRepositoryRequest.java
        AccessToken.java
        PushResultDto.java
        ChangeDto.java
        CommitMessageDto.java
        CommitDto.java
        HttpApiV1Constants.java
        RepositoryDto.java
        WatchTimeout.java
        CreateProjectRequest.java
        ProjectDto.java
        MergedEntryDto.java
        WatchResultDto.java
        EntryDto.java
        CommitMessageDtoDeserializer.java
        jsonpatch
        SafeReplaceOperation.java
        JsonPatchUtil.java
        CopyOperation.java
        TestOperation.java
        JsonPatchException.java
        JsonNumEquals.java
        RemoveIfExistsOperation.java
        RemoveOperation.java
        AddOperation.java
        DiffProcessor.java
        package-info.java
        MoveOperation.java
        JsonPatch.java
        DualPathOperation.java
        PathValueOperation.java
        ReplaceOperation.java
        JsonPatchOperation.java
        TestAbsenceOperation.java
        ReplaceMode.java
        Util.java
        DeletingFileVisitor.java
    - test
      - resources
        jsonpatch
        removeIfExists.json
        copy.json
        remove.json
        safe_replace.json
        test.json
        add.json
        diff
        unchanged.json
        diff.json
        replace.json
        move.json
        testsuite.json
        testAbsence.json
      - java
        com
        linecorp
        centraldogma
        common
        CentralDogmaExceptionTest.java
        EntryTest.java
        ChangeTest.java
        RevisionTest.java
        AuthorTest.java
        RevisionRangeTest.java
        internal
        UtilTest.java
        JacksonTest.java
        api
        v1
        WatchTimeoutTest.java
        jsonpatch
        JsonPatchOperationTest.java
        JsonPatchGenerationTest.java
        JsonPatchTestSuite.java
        JsonPatchUnchangedTest.java
        JsonPatchTest.java
        RemoveIfExistsOperationTest.java
        RemoveOperationTest.java
        JsonPatchOperationSerializationTest.java
        thrift
        QueryConverterTest.java
        RevisionConverterTest.java
        AuthorConverterTest.java
        CommitConverterTest.java
        EntryConverterTest.java
        ChangeConverterTest.java
        MarkupConverterTest.java
  - build.gradle
- dependencies.yml
- CONTRIBUTING.md
- .gitattributes
- .appveyor.yml
- build.gradle
- .travis.yml
- README.md
- common-legacy
  - src
    - main
      - java
        com
        linecorp
        centraldogma
        internal
        thrift
        ChangeConverter.java
        RevisionConverter.java
        MarkupConverter.java
        MergeQueryConverter.java
        AuthorConverter.java
        PushResultConverter.java
        CommitConverter.java
        EntryConverter.java
        QueryConverter.java
      - thrift
        CentralDogma.thrift
    - test
      - java
        com
        linecorp
        centraldogma
        internal
        thrift
        ThriftTextCompatibilityTest.java
  - build.gradle
- CODE_OF_CONDUCT.md
- server
  - src
    - main
      - resources
        META-INF
        services
        com.linecorp.centraldogma.server.plugin.Plugin
        webapp
        robots.txt
        i18n
        en.main.json
        fonts
        glyphicons-halflings-regular.woff
        glyphicons-halflings-regular.eot
        glyphicons-halflings-regular.woff2
        glyphicons-halflings-regular.ttf
        glyphicons-halflings-regular.svg
        scripts
        components
        language
        language.controller.js
        language.service.js
        user
        user.service.js
        util
        confirmation-dialog.js
        api.service.js
        confirmation-dialog.html
        string-util.service.js
        api.v1.service.js
        search.directive.js
        notification-util.service.js
        revision.directive.js
        truncate.filter.js
        ace-editor.directive.js
        title
        title.service.js
        navbar
        navbar.directive.js
        navbar.controller.js
        navbar.html
        auth
        authority.directive.js
        security.service.js
        principal.service.js
        entities
        permission.js
        repository.service.js
        project.service.js
        settings.service.js
        identifier.with.role.js
        entities.util.js
        app
        user
        user.js
        app.js
        entities
        metadata
        metadata.js
        metadata.project.controller.js
        metadata.project.html
        metadata.repository.controller.js
        metadata.repository.html
        repositories
        repository.history.html
        repositories.js
        repository.file.delete.controller.js
        repository.file.edit.controller.js
        repository.new.controller.js
        repository.new.html
        repository.query.controller.js
        repository.file.html
        repository.file.new.html
        repository.tree.html
        repository.file.new.controller.js
        repository.file.edit.html
        repository.file.delete.html
        repository.tree.controller.js
        repository.search.controller.js
        repository.search.html
        repository.history.controller.js
        repository.query.html
        repository.file.controller.js
        projects
        projects.controller.js
        projects.html
        project.controller.js
        project.new.html
        projects.js
        project.html
        project.new.controller.js
        entity.js
        settings
        tokens
        token.new.controller.js
        token.new.html
        tokens.js
        tokens.html
        tokens.controller.js
        token.generated.html
        token.generated.controller.js
        setting.js
        styles
        main.css
        index.html
      - java
        com
        linecorp
        centraldogma
        server
        ReplicationMethod.java
        CacheStatsSerializer.java
        GracefulShutdownTimeout.java
        storage
        StorageException.java
        project
        Project.java
        package-info.java
        ProjectManager.java
        StorageManager.java
        package-info.java
        repository
        FindOptions.java
        RepositoryManager.java
        MetaRepository.java
        package-info.java
        Repository.java
        RepositoryUtil.java
        FindOption.java
        ZooKeeperAddress.java
        MirrorException.java
        PluginGroup.java
        plugin
        Plugin.java
        PluginTarget.java
        package-info.java
        PluginContext.java
        CentralDogma.java
        TlsConfig.java
        metadata
        Tokens.java
        Token.java
        MigrationUtil.java
        PerRolePermissions.java
        UserWithToken.java
        RepositorySupport.java
        UserAndTimestamp.java
        MetadataServiceInjector.java
        MetadataService.java
        Identifiable.java
        TokenRegistration.java
        package-info.java
        Permission.java
        HolderWithRevision.java
        ProjectRole.java
        ProjectMetadata.java
        User.java
        RepositoryMetadata.java
        Member.java
        MirroringService.java
        mirror
        MirrorUtil.java
        package-info.java
        MirrorCredential.java
        MirrorSchemes.java
        Mirror.java
        MirrorDirection.java
        Main.java
        package-info.java
        internal
        storage
        PurgeSchedulingServicePlugin.java
        PurgeSchedulingService.java
        DirectoryBasedStorageManager.java
        project
        SafeProjectManager.java
        ProjectInitializer.java
        DefaultProject.java
        DefaultProjectManager.java
        package-info.java
        RequestAlreadyTimedOutException.java
        repository
        RepositoryCache.java
        RepositoryMetadataException.java
        DefaultMetaRepository.java
        CacheableCall.java
        RepositoryWrapper.java
        cache
        CacheableMergeQueryCall.java
        CacheableMultiDiffCall.java
        CacheableSingleDiffCall.java
        CacheableHistoryCall.java
        CacheableFindLatestRevCall.java
        CacheableFindCall.java
        CachingRepositoryManager.java
        CacheableQueryCall.java
        CachingRepository.java
        RepositoryManagerWrapper.java
        git
        CommitUtil.java
        PathPatternFilter.java
        TagUtil.java
        LruMap.java
        CommitIdDatabase.java
        GitRepositoryManager.java
        CacheableCompareTreesCall.java
        GitRepositoryFormat.java
        FailFastUtil.java
        GitRepository.java
        CommitWatchers.java
        replication
        ZooKeeperCommandExecutor.java
        ReplicationLog.java
        ReplicationException.java
        EmbeddedZooKeeper.java
        admin
        dto
        CommentDto.java
        AuthorDto.java
        RevisionDto.java
        PluginDto.java
        ChangeDto.java
        SchemaDto.java
        CommitMessageDto.java
        CommitDto.java
        PluginOperationParamDefDto.java
        SchemaEntryDto.java
        PluginOperationReturnDefDto.java
        SubscriberDto.java
        RepositoryDto.java
        ExceptionDto.java
        package-info.java
        GetFileResultDto.java
        ProjectDto.java
        EntryDto.java
        PluginOperationDto.java
        PropertyFilterDto.java
        util
        RestfulJsonResponseConverter.java
        service
        UserService.java
        DtoConverter.java
        RepositoryService.java
        TokenNotFoundException.java
        package-info.java
        DefaultLogoutService.java
        auth
        AuthUtil.java
        SessionTokenAuthorizer.java
        ExpiredSessionDeletingSessionManager.java
        OrElseDefaultHttpFileService.java
        FileBasedSessionManager.java
        package-info.java
        LegacyToken.java
        CsrfTokenAuthorizer.java
        ForwardingSessionManager.java
        CachedSessionManager.java
        api
        ContentServiceV1.java
        HttpApiUtil.java
        HttpApiExceptionHandler.java
        WatchService.java
        DtoConverter.java
        ProjectServiceV1.java
        AbstractService.java
        converter
        CommitMessageRequestConverter.java
        MergeQueryRequestConverter.java
        HttpApiResponseConverter.java
        CreateApiResponseConverter.java
        WatchRequestConverter.java
        QueryRequestConverter.java
        ChangesRequestConverter.java
        HttpApiRequestConverter.java
        auth
        ApplicationTokenAuthorizer.java
        RequiresReadPermission.java
        RequiresAdministrator.java
        RequiresAdministratorDecorator.java
        RequiresWritePermission.java
        package-info.java
        RequiresRoleDecorator.java
        RequiresRole.java
        RequiresPermissionDecorator.java
        TokenService.java
        MetadataApiService.java
        RepositoryServiceV1.java
        AdministrativeService.java
        mirror
        CentralDogmaMirror.java
        DefaultMirroringService.java
        credential
        MirrorCredentialUtil.java
        AbstractMirrorCredential.java
        NoneMirrorCredential.java
        PublicKeyMirrorCredential.java
        PasswordMirrorCredential.java
        GitMirror.java
        GitWithAuth.java
        AbstractMirror.java
        MirrorState.java
        DefaultMirroringServicePlugin.java
        thrift
        CentralDogmaServiceImpl.java
        CentralDogmaTimeoutScheduler.java
        TokenlessClientLogger.java
        Converter.java
        CentralDogmaExceptionTranslator.java
        CentralDogmaExceptions.java
        NoneReplicationConfig.java
        CentralDogmaConfig.java
        CentralDogmaBuilder.java
        auth
        AuthProviderFactory.java
        AuthException.java
        SessionManager.java
        AuthConfig.java
        AuthProvider.java
        Session.java
        package-info.java
        RawSessionJsonSerializer.java
        RawSessionJsonDeserializer.java
        AuthProviderParameters.java
        command
        ForwardingCommandExecutor.java
        RemoveSessionCommand.java
        CommandExecutor.java
        PurgeRepositoryCommand.java
        CreateRepositoryCommand.java
        RemoveProjectCommand.java
        CreateProjectCommand.java
        PurgeProjectCommand.java
        StandaloneCommandExecutor.java
        UnremoveProjectCommand.java
        Command.java
        PushCommand.java
        package-info.java
        CreateSessionCommand.java
        AbstractCommandExecutor.java
        ProjectCommand.java
        AbstractCommand.java
        RemoveRepositoryCommand.java
        SessionCommand.java
        RepositoryCommand.java
        CommandType.java
        RootCommand.java
        UnremoveRepositoryCommand.java
        CentralDogmaAuthFailureHandler.java
        ReplicationConfig.java
        ZooKeeperReplicationConfig.java
    - jmh
      - java
        com
        linecorp
        centraldogma
        server
        internal
        storage
        repository
        git
        GitRepositoryBenchmark.java
    - test
      - resources
        META-INF
        services
        com.linecorp.centraldogma.server.plugin.Plugin
        mockito-extensions
        org.mockito.plugins.MockMaker
      - java
        com
        linecorp
        centraldogma
        server
        PluginGroupTest.java
        CentralDogmaAuthFailureHandlerTest.java
        TlsServerTest.java
        plugin
        AbstractNoopPlugin.java
        NoopPluginForAllReplicas.java
        NoopPluginForLeader.java
        metadata
        MigrationUtilTest.java
        MetadataServiceTest.java
        MissingRepositoryMetadataTest.java
        ThriftBackwardCompatibilityTest.java
        ContentCompressionTest.java
        CentralDogmaConfigTest.java
        internal
        storage
        PurgeSchedulingServiceTest.java
        DefaultProjectManagerTest.java
        repository
        cache
        CachingRepositoryTest.java
        git
        GitRepositoryManagerTest.java
        CommitIdDatabaseTest.java
        GitRepositoryTest.java
        TagUtilTest.java
        GitRepositoryMigrationTest.java
        RepositoryManagerWrapperTest.java
        DefaultMetaRepositoryTest.java
        replication
        ZooKeeperCommandExecutorTest.java
        StartStopWithoutInitialQuorumTest.java
        ReplicationLogTest.java
        admin
        auth
        FileBasedSessionManagerTest.java
        ExpiredSessionDeletingSessionManagerTest.java
        CachedSessionManagerTest.java
        model
        SerializationTest.java
        api
        AdministrativeServiceTest.java
        ContentServiceV1Test.java
        RepositoryServiceV1Test.java
        ListCommitsAndDiffTest.java
        ProjectServiceV1Test.java
        TokenServiceTest.java
        converter
        MergeQueryRequestConverterTest.java
        QueryRequestConverterTest.java
        WatchRequestConverterTest.java
        auth
        PermissionTest.java
        MergeFileTest.java
        mirror
        credential
        PublicKeyMirrorCredentialTest.java
        NoneMirrorCredentialTest.java
        PasswordMirrorCredentialTest.java
        MirrorCredentialTest.java
        DefaultMirroringServiceTest.java
        MirrorTest.java
        thrift
        TokenlessClientLoggerTest.java
        ConfigDeserializationTest.java
        NoneReplicationConfigTest.java
        auth
        ReplicatedLoginAndLogoutTest.java
        command
        PurgeProjectCommandTest.java
        UnremoveRepositoryCommandTest.java
        PurgeRepositoryCommandTest.java
        PushCommandTest.java
        RemoveProjectCommandTest.java
        UnremoveProjectCommandTest.java
        CreateProjectCommandTest.java
        CreateRepositoryCommandTest.java
        RemoveSessionCommandTest.java
        CreateSessionCommandTest.java
        RemoveRepositoryCommandTest.java
        MetricsTest.java
        ZooKeeperReplicationConfigTest.java
  - build.gradle
- .codecov.yml
- settings.gradle
- settings
  - checkstyle
    - checkstyle.xml
    - checkstyle-suppressions.xml
  - intellij_idea
  - eclipse
    - cleanup.xml
    - formatter.importorder
    - formatter.xml
- .gitignore
- LICENSE.txt
- testing
  - junit4
    - src
      - main
        java
        com
        linecorp
        centraldogma
        testing
        junit4
        CentralDogmaRule.java
        package-info.java
    - build.gradle
  - common
    - src
      - main
        java
        com
        linecorp
        centraldogma
        testing
        internal
        CentralDogmaRuleDelegate.java
        TemporaryFolder.java
        package-info.java
    - build.gradle
  - junit
    - src
      - main
        java
        com
        linecorp
        centraldogma
        testing
        junit
        package-info.java
        CentralDogmaExtension.java
        AbstractAllOrEachExtension.java
      - test
        java
        com
        linecorp
        centraldogma
        testing
        junit
        AbstractAllOrEachExtensionTest.java
    - build.gradle

/*
 * Copyright 2018 LINE Corporation
 *
 * LINE Corporation licenses this file to you under the Apache License,
 * version 2.0 (the "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at:
 *
 *   https://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 * License for the specific language governing permissions and limitations
 * under the License.
 */
package com.linecorp.centraldogma.server.auth.saml;

import static com.google.common.base.MoreObjects.firstNonNull;
import static java.util.Objects.requireNonNull;

import java.util.Map;

import javax.annotation.Nullable;

import org.opensaml.xmlsec.signature.support.SignatureConstants;

import com.fasterxml.jackson.annotation.JsonCreator;
import com.fasterxml.jackson.annotation.JsonProperty;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.google.common.collect.ImmutableMap;
import com.google.common.collect.ImmutableMap.Builder;

import com.linecorp.armeria.server.saml.SamlBindingProtocol;
import com.linecorp.armeria.server.saml.SamlEndpoint;
import com.linecorp.armeria.server.saml.SamlNameIdFormat;
import com.linecorp.centraldogma.internal.Jackson;

/**
 * Properties which are used to configure SAML authentication for Central Dogma server.
 * A user can specify them as the authentication property in the {@code dogma.json} as follows:
 * <pre>{@code
 * "authentication": {
 *     "factoryClassName": "com.linecorp.centraldogma.server.auth.saml.SamlAuthProviderFactory",
 *     "properties": {
 *         "entityId": "...the service provider ID...",
 *         "hostname": "dogma-example.linecorp.com",
 *         "signingKey": "...the name of signing key (optional)...",
 *         "encryptionKey": "...the name of encryption key (optional)...",
 *         "keyStore": {
 *             "type": "...the type of the keystore (optional)...",
 *             "path": "...the path where keystore file exists...",
 *             "password": "...the password of the keystore (optional)...",
 *             "keyPasswords": {
 *                 "signing": "...the password of the signing key...",
 *                 "encryption": "...the password of the encryption key..."
 *             },
 *             "signatureAlgorithm": "...the signature algorithm for signing and encryption (optional)..."
 *         },
 *         "idp": {
 *             "entityId": "...the identity provider ID...",
 *             "uri": "https://idp-example.linecorp.com/saml/sso",
 *             "binding": "HTTP_POST or HTTP_REDIRECT (optional)",
 *             "signingKey": "...the name of signing certificate (optional)...",
 *             "encryptionKey": "...the name of encryption certificate (optional)...",
 *             "subjectLoginNameIdFormat":
 *                  "...the name ID format of a subject which holds a login name (optional)...",
 *             "attributeLoginName": "...the attribute name which holds a login name (optional)..."
 *         }
 *     }
 * }
 * }</pre>
 */
final class SamlAuthProperties {
    /**
     * A default key name for signing.
     */
    private static final String DEFAULT_SIGNING_KEY = "signing";

    /**
     * A default key name for encryption.
     */
    private static final String DEFAULT_ENCRYPTION_KEY = "encryption";

    /**
     * An ID of this service provider.
     */
    private final String entityId;

    /**
     * A hostname of this service provider.
     */
    private final String hostname;

    /**
     * A key name which is used for signing. The default name is {@value DEFAULT_SIGNING_KEY}.
     */
    private final String signingKey;

    /**
     * A key name which is used for encryption. The default name is {@value DEFAULT_ENCRYPTION_KEY}.
     */
    private final String encryptionKey;

    /**
     * A configuration for the keystore.
     */
    private final KeyStore keyStore;

    /**
     * An identity provider configuration. A single identity provider is supported.
     */
    private final Idp idp;

    @JsonCreator
    SamlAuthProperties(
            @JsonProperty("entityId") String entityId,
            @JsonProperty("hostname") String hostname,
            @JsonProperty("signingKey") @Nullable String signingKey,
            @JsonProperty("encryptionKey") @Nullable String encryptionKey,
            @JsonProperty("keyStore") KeyStore keyStore,
            @JsonProperty("idp") Idp idp) {
        this.entityId = requireNonNull(entityId, "entityId");
        this.hostname = requireNonNull(hostname, "hostname");
        this.signingKey = firstNonNull(signingKey, DEFAULT_SIGNING_KEY);
        this.encryptionKey = firstNonNull(encryptionKey, DEFAULT_ENCRYPTION_KEY);
        this.keyStore = requireNonNull(keyStore, "keyStore");
        this.idp = requireNonNull(idp, "idp");
    }

    @JsonProperty
    public String entityId() {
        return entityId;
    }

    @JsonProperty
    public String hostname() {
        return hostname;
    }

    @JsonProperty
    public String signingKey() {
        return signingKey;
    }

    @JsonProperty
    public String encryptionKey() {
        return encryptionKey;
    }

    @JsonProperty
    public KeyStore keyStore() {
        return keyStore;
    }

    @JsonProperty
    public Idp idp() {
        return idp;
    }

    @Override
    public String toString() {
        try {
            return Jackson.writeValueAsPrettyString(this);
        } catch (JsonProcessingException e) {
            throw new IllegalStateException(e);
        }
    }

    static class KeyStore {
        /**
         * A default signature algorithm.
         */
        private static final String DEFAULT_SIGNATURE_ALGORITHM = SignatureConstants.ALGO_ID_SIGNATURE_RSA;

        /**
         * A type of the keystore. The default value is retrieved from
         * {@code java.security.KeyStore.getDefaultType()}.
         */
        private final String type;

        /**
         * A path of the keystore.
         */
        private final String path;

        /**
         * A password of the keystore. The empty string is used by default.
         */
        @Nullable
        private final String password;

        /**
         * A map of the key name and its password.
         */
        private final Map<String, String> keyPasswords;

        /**
         * A signature algorithm for signing and encryption. The default algorithm is
         * {@value DEFAULT_SIGNATURE_ALGORITHM}.
         *
         * @see SignatureConstants for more information about the signature algorithm
         */
        private final String signatureAlgorithm;

        @JsonCreator
        KeyStore(@JsonProperty("type") @Nullable String type,
                 @JsonProperty("path") String path,
                 @JsonProperty("password") @Nullable String password,
                 @JsonProperty("keyPasswords") @Nullable Map<String, String> keyPasswords,
                 @JsonProperty("signatureAlgorithm") @Nullable String signatureAlgorithm) {
            this.type = firstNonNull(type, java.security.KeyStore.getDefaultType());
            this.path = requireNonNull(path, "path");
            this.password = password;
            this.keyPasswords = sanitizePasswords(keyPasswords);
            this.signatureAlgorithm = firstNonNull(signatureAlgorithm, DEFAULT_SIGNATURE_ALGORITHM);
        }

        private static Map<String, String> sanitizePasswords(@Nullable Map<String, String> keyPasswords) {
            if (keyPasswords == null) {
                return ImmutableMap.of();
            }
            final ImmutableMap.Builder<String, String> builder = new Builder<>();
            keyPasswords.forEach((key, password) -> builder.put(key, firstNonNull(password, "")));
            return builder.build();
        }

        @JsonProperty
        public String type() {
            return type;
        }

        @JsonProperty
        public String path() {
            return path;
        }

        @Nullable
        @JsonProperty
        public String password() {
            return password;
        }

        @JsonProperty
        public Map<String, String> keyPasswords() {
            return keyPasswords;
        }

        @JsonProperty
        public String signatureAlgorithm() {
            return signatureAlgorithm;
        }
    }

    static class Idp {
        /**
         * An ID of the identity provider.
         */
        private final String entityId;

        /**
         * A location of the single sign-on service.
         */
        private final String uri;

        /**
         * A name of a {@link SamlBindingProtocol}. The default name is the
         * {@link SamlBindingProtocol#HTTP_POST}.
         */
        private final SamlBindingProtocol binding;

        /**
         * A certificate name which is used for signing. The default name is the {@link #entityId()}.
         */
        private final String signingKey;

        /**
         * A certificate name which is used for encryption. The default name is the {@link #entityId()}.
         */
        private final String encryptionKey;

        /**
         * A name ID format of a subject which holds a login name of an authenticated user. If both
         * {@code subjectLoginNameIdFormat} and {@code attributeLoginName} are {@code null},
         * {@code urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress} is set by default.
         */
        @Nullable
        private final String subjectLoginNameIdFormat;

        /**
         * An attribute name which holds a login name of an authenticated user.
         */
        @Nullable
        private final String attributeLoginName;

        @JsonCreator
        Idp(@JsonProperty("entityId") String entityId,
            @JsonProperty("uri") String uri,
            @JsonProperty("binding") @Nullable String binding,
            @JsonProperty("signingKey") @Nullable String signingKey,
            @JsonProperty("encryptionKey") @Nullable String encryptionKey,
            @JsonProperty("subjectLoginNameIdFormat") @Nullable String subjectLoginNameIdFormat,
            @JsonProperty("attributeLoginName") @Nullable String attributeLoginName) {
            this.entityId = requireNonNull(entityId, "entityId");
            this.uri = requireNonNull(uri, "uri");
            this.binding = binding != null ? SamlBindingProtocol.valueOf(binding)
                                           : SamlBindingProtocol.HTTP_POST;
            this.signingKey = firstNonNull(signingKey, entityId);
            this.encryptionKey = firstNonNull(encryptionKey, entityId);

            if (subjectLoginNameIdFormat == null && attributeLoginName == null) {
                this.subjectLoginNameIdFormat = SamlNameIdFormat.EMAIL.urn();
                this.attributeLoginName = null;
            } else {
                this.subjectLoginNameIdFormat = subjectLoginNameIdFormat;
                this.attributeLoginName = attributeLoginName;
            }
        }

        @JsonProperty
        public String entityId() {
            return entityId;
        }

        @JsonProperty
        public String uri() {
            return uri;
        }

        @JsonProperty
        public String binding() {
            return binding.name();
        }

        @JsonProperty
        public String signingKey() {
            return signingKey;
        }

        @JsonProperty
        public String encryptionKey() {
            return encryptionKey;
        }

        @Nullable
        @JsonProperty
        public String subjectLoginNameIdFormat() {
            return subjectLoginNameIdFormat;
        }

        @Nullable
        @JsonProperty
        public String attributeLoginName() {
            return attributeLoginName;
        }

        public SamlEndpoint endpoint() {
            switch (binding) {
                case HTTP_POST:
                    return SamlEndpoint.ofHttpPost(uri);
                case HTTP_REDIRECT:
                    return SamlEndpoint.ofHttpRedirect(uri);
                default:
                    throw new IllegalStateException("Failed to get an endpoint of the IdP: " + entityId);
            }
        }
    }
}