etan39
/
cloudstack
mirror of https://github.com/apache/cloudstack.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch '4.16'

This commit is contained in:
nvazquez 2022-03-30 00:00:34 -03:00
parent d910c3c6cc ee27708ffb
commit 1c238e101d
No known key found for this signature in database
GPG Key ID: 656E1BCC8CB54F84
2 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
plugins/user-authenticators/saml2/src/main/java/org/apache/cloudstack/saml/SAMLUtils.java
View File

@ -100,8 +100,11 @@ import com.cloud.utils.HttpUtils;
public class SAMLUtils { public class SAMLUtils {
public static final Logger s_logger = Logger.getLogger(SAMLUtils.class); public static final Logger s_logger = Logger.getLogger(SAMLUtils.class);
static final String charset = "abcdefghijklmnopqrstuvwxyz";
public static String generateSecureRandomId() { public static String generateSecureRandomId() {
return new BigInteger(160, new SecureRandom()).toString(32); return new BigInteger(160, new SecureRandom()).toString(32).replaceFirst("^[0-9]",
String.valueOf(charset.charAt(new SecureRandom().nextInt(charset.length()))));
} }
public static String getValueFromAttributeStatements(final List<AttributeStatement> attributeStatements, final String attributeKey) { public static String getValueFromAttributeStatements(final List<AttributeStatement> attributeStatements, final String attributeKey) {

10
plugins/user-authenticators/saml2/src/test/java/org/apache/cloudstack/SAMLUtilsTest.java
View File

@ -22,6 +22,7 @@ package org.apache.cloudstack;
import java.security.KeyPair; import java.security.KeyPair;
import java.security.PrivateKey; import java.security.PrivateKey;
import java.security.PublicKey; import java.security.PublicKey;
import java.util.regex.Pattern;
import org.apache.cloudstack.saml.SAMLUtils; import org.apache.cloudstack.saml.SAMLUtils;
import org.apache.cloudstack.utils.security.CertUtils; import org.apache.cloudstack.utils.security.CertUtils;
@ -38,6 +39,15 @@ public class SAMLUtilsTest extends TestCase {
assertTrue(SAMLUtils.generateSecureRandomId().length() > 0); assertTrue(SAMLUtils.generateSecureRandomId().length() > 0);
} }
@Test
public void testGenerateSecureRandomId2() throws Exception {
for (int i = 0; i < 20; i++) {
String randomId = SAMLUtils.generateSecureRandomId();
System.out.println("randomId is " + randomId);
assertTrue(Pattern.compile("^[a-z]").matcher(randomId).find());
}
}
@Test @Test
public void testBuildAuthnRequestObject() throws Exception { public void testBuildAuthnRequestObject() throws Exception {
String consumerUrl = "http://someurl.com"; String consumerUrl = "http://someurl.com";