Ref #29277: re-add saml to spel

LEDfan · LEDfan · commit a0683c81a3df · 2023-01-12T14:37:06.000+01:00
diff --git a/src/main/java/eu/openanalytics/containerproxy/auth/impl/saml/ResponseAuthenticationConverter.java b/src/main/java/eu/openanalytics/containerproxy/auth/impl/saml/ResponseAuthenticationConverter.java
@@ -103,7 +103,7 @@ public AbstractAuthenticationToken convert(@Nonnull OpenSamlAuthenticationProvid
         }
 
         return new Saml2Authentication(
-                new DefaultSaml2AuthenticatedPrincipal(nameValue.get(), principal.getAttributes()),
+                new Saml2AuthenticatedPrincipal(nameId, nameValue.get(), principal.getAttributes()),
                 authentication.getSaml2Response(),
                 grantedAuthorities);
     }
@@ -143,4 +143,19 @@ private Optional<List<Object>> getAttributeIgnoringCase(DefaultSaml2Authenticate
                 .map(Map.Entry::getValue);
     }
 
+    public static class Saml2AuthenticatedPrincipal extends DefaultSaml2AuthenticatedPrincipal {
+
+        private final String nameId;
+
+        public Saml2AuthenticatedPrincipal(String nameId, String principalName, Map<String, List<Object>> attributes) {
+            super(principalName, attributes);
+            this.nameId = nameId;
+        }
+
+        public String getNameId() {
+            return nameId;
+        }
+
+    }
+
 }
diff --git a/src/main/java/eu/openanalytics/containerproxy/spec/expression/SpecExpressionContext.java b/src/main/java/eu/openanalytics/containerproxy/spec/expression/SpecExpressionContext.java
@@ -21,6 +21,7 @@
 package eu.openanalytics.containerproxy.spec.expression;
 
 import eu.openanalytics.containerproxy.auth.impl.OpenIDAuthenticationBackend;
+import eu.openanalytics.containerproxy.auth.impl.saml.ResponseAuthenticationConverter;
 import eu.openanalytics.containerproxy.model.runtime.Proxy;
 import eu.openanalytics.containerproxy.model.spec.ContainerSpec;
 import eu.openanalytics.containerproxy.model.spec.ProxySpec;
@@ -49,7 +50,7 @@ public class SpecExpressionContext {
     Proxy proxy;
     OpenIDAuthenticationBackend.CustomNameOidcUser oidcUser;
     KeycloakPrincipal keycloakUser;
-//    private SAMLCredential samlCredential;
+    ResponseAuthenticationConverter.Saml2AuthenticatedPrincipal samlCredential;
     LdapUserDetails ldapUser;
     List<String> groups;
     String userId;
@@ -128,8 +129,8 @@ public static SpecExpressionContext create(SpecExpressionContextBuilder builder,
                 builder.oidcUser = (OpenIDAuthenticationBackend.CustomNameOidcUser) o;
             } else if (o instanceof KeycloakPrincipal) {
                 builder.keycloakUser = (KeycloakPrincipal) o;
-//            } else if (o instanceof SAMLCredential) {
-//                ctx.samlCredential = (SAMLCredential) o;
+            } else if (o instanceof ResponseAuthenticationConverter.Saml2AuthenticatedPrincipal) {
+                builder.samlCredential = (ResponseAuthenticationConverter.Saml2AuthenticatedPrincipal) o;
             } else if (o instanceof LdapUserDetails) {
                 builder.ldapUser = (LdapUserDetails) o;
             }
