@mraible
Created December 30, 2014 22:29
Attempt to add Okta to spring-boot-security-saml-sample
Index: src/main/java/com/vdenotaris/spring/boot/security/saml/web/config/WebSecurityConfig.java
IDEA additional info:
Subsystem: com.intellij.openapi.diff.impl.patch.CharsetEP
<+>UTF-8
===================================================================
--- src/main/java/com/vdenotaris/spring/boot/security/saml/web/config/WebSecurityConfig.java (revision 588339818cd07dcec3a28e927ea23d2ce351cbfc)
+++ src/main/java/com/vdenotaris/spring/boot/security/saml/web/config/WebSecurityConfig.java (revision )
@@ -16,6 +16,7 @@
package com.vdenotaris.spring.boot.security.saml.web.config;
+import java.io.IOException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
@@ -27,6 +28,7 @@
import org.apache.commons.httpclient.protocol.Protocol;
import org.apache.commons.httpclient.protocol.ProtocolSocketFactory;
import org.apache.velocity.app.VelocityEngine;
+import org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider;
import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
import org.opensaml.saml2.metadata.provider.MetadataProvider;
import org.opensaml.saml2.metadata.provider.MetadataProviderException;
@@ -37,6 +39,7 @@
import org.springframework.beans.factory.config.MethodInvokingFactoryBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
+import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.DefaultResourceLoader;
import org.springframework.core.io.Resource;
import org.springframework.security.authentication.AuthenticationManager;
@@ -273,9 +276,9 @@
@Bean
@Qualifier("idp-ssocircle")
public ExtendedMetadataDelegate ssoCircleExtendedMetadataProvider()
- throws MetadataProviderException {
+ throws MetadataProviderException {
@SuppressWarnings({ "deprecation"})
- HTTPMetadataProvider httpMetadataProvider
+ HTTPMetadataProvider httpMetadataProvider
= new HTTPMetadataProvider("https://idp.ssocircle.com/idp-meta.xml", 5000);
httpMetadataProvider.setParserPool(parserPool());
ExtendedMetadataDelegate extendedMetadataDelegate =
@@ -284,7 +287,38 @@
extendedMetadataDelegate.setMetadataRequireSignature(false);
return extendedMetadataDelegate;
}
-
+
+ @Bean
+ @Qualifier("idp-okta")
+ public ExtendedMetadataDelegate ssoOktaExtendedMetadataProvider()
+ throws MetadataProviderException {
+ FilesystemMetadataProvider fileMetadataProvider;
+ try {
+ fileMetadataProvider = new FilesystemMetadataProvider(new ClassPathResource("/okta-idp.xml").getFile());
+ } catch (IOException e) {
+ e.printStackTrace();
+ throw new MetadataProviderException(e.getMessage());
+ }
+ fileMetadataProvider.setParserPool(parserPool());
+ ExtendedMetadataDelegate extendedMetadataDelegate =
+ new ExtendedMetadataDelegate(fileMetadataProvider, extendedMetadata());
+ /*
+ Caused by: org.opensaml.saml2.metadata.provider.MetadataProviderException: Error retrieving metadata from https://medamerica.okta.com/app/k2gpb06TOMYOKAWUSXJM/sso/saml/metadata
+ at org.opensaml.saml2.metadata.provider.HTTPMetadataProvider.fetchMetadata(HTTPMetadataProvider.java:274)
+ at org.opensaml.saml2.metadata.provider.AbstractReloadingMetadataProvider.refresh(AbstractReloadingMetadataProvider.java:255)
+ ... 29 more
+Caused by: javax.net.ssl.SSLPeerUnverifiedException: SSL peer failed hostname validation for name: null
+ */
+ /*HTTPMetadataProvider httpMetadataProvider
+ = new HTTPMetadataProvider("https://medamerica.okta.com/app/k2gpb06TOMYOKAWUSXJM/sso/saml/metadata", 10000);
+ httpMetadataProvider.setParserPool(parserPool());
+ ExtendedMetadataDelegate extendedMetadataDelegate =
+ new ExtendedMetadataDelegate(httpMetadataProvider, extendedMetadata());*/
+ extendedMetadataDelegate.setMetadataTrustCheck(false);
+ extendedMetadataDelegate.setMetadataRequireSignature(false);
+ return extendedMetadataDelegate;
+ }
+
// IDP Metadata configuration - paths to metadata of IDPs in circle of trust
// is here
// Do no forget to call iniitalize method on providers
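Review bot: The new ssoOktaExtendedMetadataProvider loses the original failure when wrapping the IOException: `throw new MetadataProviderException(e.getMessage())` drops the cause and `e.printStackTrace()` sends it to stderr instead of the application log; prefer `throw new MetadataProviderException("Unable to read okta-idp.xml from the classpath", e);` and remove the printStackTrace call. `new ClassPathResource("/okta-idp.xml").getFile()` only works while the resource is a real file on disk; once the application is packaged as a jar it throws FileNotFoundException, so a resource-backed provider (OpenSAML's ResourceBackedMetadataProvider, if the version in use offers it) would be more robust than FilesystemMetadataProvider. Because setMetadataTrustCheck(false) and setMetadataRequireSignature(false) switch off verification of the IdP metadata, the bundled okta-idp.xml becomes the trust anchor for the IdP signing certificate; a comment such as `// Metadata ships inside the artifact, so trust/signature checks are deliberately disabled; changes to this file must be reviewed` should record that decision next to those two calls. The commented-out stack trace and the commented-out HTTPMetadataProvider block (which carry a tenant-specific metadata URL) should be deleted rather than committed.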
@@ -292,6 +326,7 @@
@Qualifier("metadata")
public CachingMetadataManager metadata() throws MetadataProviderException {
List<MetadataProvider> providers = new ArrayList<MetadataProvider>();
+ providers.add(ssoOktaExtendedMetadataProvider());
providers.add(ssoCircleExtendedMetadataProvider());
return new CachingMetadataManager(providers);
}
@@ -522,4 +557,4 @@
.authenticationProvider(samlAuthenticationProvider());
}
-}
\ No newline at end of file
+}
@ulisesbocchio

There's a working example here https://github.com/ulisesbocchio/spring-boot-security-saml in one of the demo apps. Also, there's a Spring Boot plugin there to avoid the boilerplate of Spring Security SAML.
