ITfoxtec SAML 2.0: Dynamic configuration - itfoxtec-identity-saml2

I would like to know if it's possible to configure the library during runtime (Saml2Configuration). We want to have the ability to set the configuration options and get them from DB.
Thank you

Yes no problem. You can populate the Saml2Configuration at runtime on load or in the controller just before setting the Saml2Configuration object in the constructor.
Here an example from FoxIDs https://github.com/ITfoxtec/FoxIDs/blob/master/src/FoxIDs/Logic/Saml/SamlAuthnDownLogic.cs#L70

Related

Spring Data index autocreate

Is it possible for Spring Data Mongo to create indexes automatically based on Repository methods? Maybe there is some third-party plugin or annotation? Maybe there is an API (provides requested fields) that can help me with this task?
In annotation #EnableMongoRepositories you need set property createIndexesForQueryMethods((doc)) to true and enable automatic index creation(doc).

Spring SAML Extension - Programmatically setting entityBaseURL

I am using the Spring SAML extension with WSO2 IS as the IdP. Currently I set the entityBaseURL property for the MetadataGenerator inside the Spring XML config. For now, this works fine going against a single server since the entityBaseURL matches the servername. Since I have several environments (dev, test, and UAT) I need to programmatically set the entityBaseURL because each environment has a different server name and that servername won't match the entityBaseURL prop. It is undesirable to rebuild the WAR artifact for every environment. We keep our config for each environment in a database. So settings and properties specific to a particular stack of machines can be read at runtime. I would like to read the servername for the entityBaseURL property from our DB and set it programmatically. Should I replace the MetadataGenerator with my own class? It is unclear to me where the entityBaseURL property is initialized.
I have found a workable path to solve this. I ended up extending the MetadataGeneratorFilter class and overriding the getDefaultBaseURL method. The default implementation of the getDefaultBaseURL method is to compute the value using properties found in the HTTP request. I changed this behavior to do a DB lookup and return the value stored in the database. I could be short-sited here, but this does work. I was able to verify that the AssertionConsumerServiceURL attribute of the SAML AuthnRquest is getting set properly. The generated metadata is also correct.
Note: the entityBaseURL property can still be set manually in the Spring config. If it is then the value returned from the getDefaultBaseURL method is not used.

Method GetTokenAsync unavailable

I´m following the Quickstarts from IdentityServer4. When I implement the "Switching to Hybrid Flow and adding API Access back" tutorial, I found that the method to get the access token in line:
ViewContext.HttpContext.Authentication.GetTokenAsync("access_token")
is not available. Someone knows what method I must to use? Thanks.
The problem was that in my MVC controller I had the using Microsoft.AspNetCore.Authorization;. This library allows use the [Authorize] attribute but has his own HttpContext.Authentication namespace. The solution is add using Microsoft.AspNetCore.Authentication and now I can access to the GetTokenAsync method.

authentication/http headers support in forge.file trigger.io module?

in the official trigger.io docs there seems to be no provision for custom http headers when it comes to the forge.file module. I need this so I can download files behind an http authentication scheme. This seems like an easy thing to add, if support is not already there.
any workarounds? any chance of a quick fix in the next update? I know I could use forge.request instead, but I'd like to keep a local copy (saveURL).
thanks
Unfortunately the file module just uses simple "download url" methods rather than a full HTTP request library, which makes it a fairly big task to add support for custom headers.
I've added a task to our backlog for this, but I don't have a timeframe for it being added.
Currently on iOS you can do basic auth by using urls in the form http://user:password#url.com in case that helps.
Maybe to avoid this you can configure your server differently, or have a proxy server in front that allows you to pass authentication details as get parameters?

Reference a remote site setting URL in Apex class?

I have a webservice class that will be in a managed package and distributed to multiple clients. The class currently has a variable with the hardcoded value of the server it's hitting.
The problem: the server will be different for each client, so a hardcoded value will not work.
I figured since each client will have to add their server to their remote site settings, the easiest way might be to grab the correct URL from their setting. Is this possible? Or is there another "right" way to accomplish this? Thanks
The best way I've found to save configuration values is to use Apex Custom Settings. To set the Remote Site settings programmatically you could use the Metadata API.

Resources