This is an automated email from the ASF dual-hosted git repository.

ilgrosso pushed a commit to branch 4_0_X
in repository https://gitbox.apache.org/repos/asf/syncope.git


The following commit(s) were added to refs/heads/4_0_X by this push:
     new 268ee88d99 [SYNCOPE-1875] Re-generate SAML SP keystore only if not 
found
268ee88d99 is described below

commit 268ee88d99dd709ccfc2fee40057705343fc880c
Author: Francesco Chicchiriccò <[email protected]>
AuthorDate: Wed Apr 30 13:16:38 2025 +0200

    [SYNCOPE-1875] Re-generate SAML SP keystore only if not found
---
 .../pac4j/saml/WASAML2ClientKeystoreGenerator.java | 38 ++++++++++++----------
 1 file changed, 21 insertions(+), 17 deletions(-)

diff --git 
a/wa/starter/src/main/java/org/apache/syncope/wa/starter/pac4j/saml/WASAML2ClientKeystoreGenerator.java
 
b/wa/starter/src/main/java/org/apache/syncope/wa/starter/pac4j/saml/WASAML2ClientKeystoreGenerator.java
index 8de963dddf..a02327dab0 100644
--- 
a/wa/starter/src/main/java/org/apache/syncope/wa/starter/pac4j/saml/WASAML2ClientKeystoreGenerator.java
+++ 
b/wa/starter/src/main/java/org/apache/syncope/wa/starter/pac4j/saml/WASAML2ClientKeystoreGenerator.java
@@ -49,36 +49,40 @@ public class WASAML2ClientKeystoreGenerator extends 
BaseSAML2KeystoreGenerator {
 
     @Override
     public boolean shouldGenerate() {
-        return true;
+        try {
+            SAML2SPEntityTO spEntity = 
waRestClient.getService(SAML2SPEntityService.class).get(saml2Client.getName());
+            return spEntity.getKeystore() == null;
+        } catch (Exception e) {
+            LOG.error("While attempting to read if keystore is available for 
SP Entity {}", saml2Client.getName(), e);
+            return true;
+        }
     }
 
     @Override
     protected void store(final KeyStore ks, final X509Certificate certificate, 
final PrivateKey privateKey)
             throws Exception {
 
+        String encodedKeystore;
         try (ByteArrayOutputStream out = new ByteArrayOutputStream()) {
             char[] password = 
saml2Configuration.getKeystorePassword().toCharArray();
             ks.store(out, password);
             out.flush();
-            String encodedKeystore = 
Base64.getEncoder().encodeToString(out.toByteArray());
+            encodedKeystore = 
Base64.getEncoder().encodeToString(out.toByteArray());
             LOG.debug("Encoded keystore {}", encodedKeystore);
+        }
 
-            SAML2SPEntityTO entityTO;
-            try {
-                entityTO = 
waRestClient.getService(SAML2SPEntityService.class).get(saml2Client.getName());
-                entityTO.setKeystore(encodedKeystore);
-            } catch (Exception e) {
-                LOG.debug("SP Entity {} not found, creating new", 
saml2Client.getName(), e);
-
-                entityTO = new SAML2SPEntityTO.Builder().
-                        key(saml2Client.getName()).
-                        keystore(encodedKeystore).
-                        build();
-            }
+        SAML2SPEntityTO entityTO;
+        try {
+            entityTO = 
waRestClient.getService(SAML2SPEntityService.class).get(saml2Client.getName());
+            entityTO.setKeystore(encodedKeystore);
+        } catch (Exception e) {
+            LOG.debug("SP Entity {} keystore not found, creating new", 
saml2Client.getName(), e);
 
-            LOG.debug("Storing SP Entity {}", entityTO);
-            waRestClient.getService(SAML2SPEntityService.class).set(entityTO);
+            entityTO = new 
SAML2SPEntityTO.Builder().key(saml2Client.getName()).keystore(encodedKeystore).build();
         }
+
+        LOG.debug("Storing SP Entity {}", entityTO);
+        waRestClient.getService(SAML2SPEntityService.class).set(entityTO);
     }
 
     @Override
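Review bot: The new `shouldGenerate()` maps every failure of `waRestClient.getService(SAML2SPEntityService.class).get(saml2Client.getName())` to `return true`, so a transient REST or network error at WA startup triggers a fresh key pair, and `store()` (whose `catch (Exception e)` likewise falls through to building a new `SAML2SPEntityTO`) then overwrites the entity with it, which would silently rotate the SP signing/encryption key that peer IdPs already trust. Only a not-found response should yield true; for any other exception keep the existing keystore, e.g. narrow the first catch to the client's not-found exception and rethrow the rest from a second `catch (Exception e)` as `throw new IllegalStateException("Unable to check SP Entity keystore for " + saml2Client.getName(), e);` so startup fails loudly instead of regenerating. If the current fallback is intended, it deserves a comment above the catch such as `// NOTE: any read failure regenerates the keystore, so a transient outage rotates the SP key`. The unchanged `LOG.debug("Encoded keystore {}", encodedKeystore)` line in `store()` also writes the Base64 keystore, which carries the private key, into the log at debug level; logging only its length would avoid that.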
@@ -91,7 +95,7 @@ public class WASAML2ClientKeystoreGenerator extends 
BaseSAML2KeystoreGenerator {
         } catch (Exception e) {
             String message = "Unable to fetch SAML2 SP keystore for " + 
saml2Client.getName();
             LOG.error(message, e);
-            throw new Exception(message);
+            throw new Exception(message, e);
         }
     }
 }
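Review bot: The catch block in this hunk both logs `e` at error level and rethrows it wrapped with the same message and cause, so the stack trace is reported twice once the caller handles the propagated exception; keep one of the two, e.g. drop `LOG.error(message, e);` and keep `throw new Exception(message, e);`. The enclosing method starts outside the hunk, so whether a caller already logs the failure cannot be confirmed from here.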
