DaanHoogland commented on code in PR #10311:
URL: https://github.com/apache/cloudstack/pull/10311#discussion_r1973093624
##########
plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/saml/SAMLUtils.java:
##########
@@ -168,28 +168,33 @@ public static String buildAuthnRequestUrl(final String
authnId, final SAMLProvid
return redirectUrl;
}
- public static AuthnRequest buildAuthnRequestObject(final String authnId,
final String spId, final String idpUrl, final String consumerUrl) {
+ public static AuthnRequest buildAuthnRequestObject(final String authnId,
final String spId, final String idpUrl, final String consumerUrl, boolean
requirePasswordAuthentication) {
// Issuer object
IssuerBuilder issuerBuilder = new IssuerBuilder();
Issuer issuer = issuerBuilder.buildObject();
issuer.setValue(spId);
- // AuthnContextClass
- AuthnContextClassRefBuilder authnContextClassRefBuilder = new
AuthnContextClassRefBuilder();
- AuthnContextClassRef authnContextClassRef =
authnContextClassRefBuilder.buildObject(
- SAMLConstants.SAML20_NS,
- "AuthnContextClassRef", "saml");
-
authnContextClassRef.setAuthnContextClassRef(AuthnContext.PPT_AUTHN_CTX);
-
- // AuthnContext
- RequestedAuthnContextBuilder requestedAuthnContextBuilder = new
RequestedAuthnContextBuilder();
- RequestedAuthnContext requestedAuthnContext =
requestedAuthnContextBuilder.buildObject();
-
requestedAuthnContext.setComparison(AuthnContextComparisonTypeEnumeration.EXACT);
-
requestedAuthnContext.getAuthnContextClassRefs().add(authnContextClassRef);
-
// Creation of AuthRequestObject
AuthnRequestBuilder authRequestBuilder = new AuthnRequestBuilder();
AuthnRequest authnRequest = authRequestBuilder.buildObject();
+
+ // AuthnContextClass. When this is false, the authentication
requirements are defered to the SAML IDP and its default or configured workflow
+ if (requirePasswordAuthentication) {
+ AuthnContextClassRefBuilder authnContextClassRefBuilder = new
AuthnContextClassRefBuilder();
+ AuthnContextClassRef authnContextClassRef =
authnContextClassRefBuilder.buildObject(
+ SAMLConstants.SAML20_NS,
+ "AuthnContextClassRef", "saml");
+
authnContextClassRef.setAuthnContextClassRef(AuthnContext.PPT_AUTHN_CTX);
+
+ // AuthnContext
+ RequestedAuthnContextBuilder requestedAuthnContextBuilder = new
RequestedAuthnContextBuilder();
+ RequestedAuthnContext requestedAuthnContext =
requestedAuthnContextBuilder.buildObject();
+
requestedAuthnContext.setComparison(AuthnContextComparisonTypeEnumeration.EXACT);
+
requestedAuthnContext.getAuthnContextClassRefs().add(authnContextClassRef);
+ authnRequest.setRequestedAuthnContext(requestedAuthnContext);
+ }
+
Review Comment:
no critisism of your PR , but some modularisation is possible. For instance
this bit.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
