Skip to content

Commit

Permalink
Implement the Shibboleth login changes that are needed for DataverseNL (
Browse files Browse the repository at this point in the history
#175)

* Implement ShibIdpSelectEnabled and thus allow disabling it

* Add Shib attribute characterset conversion to getValueFromAssertion
  • Loading branch information
PaulBoon committed Nov 23, 2023
1 parent 2b7e43d commit 1b0d57b
Show file tree
Hide file tree
Showing 5 changed files with 57 additions and 3 deletions.
14 changes: 12 additions & 2 deletions src/main/java/edu/harvard/iq/dataverse/SettingsWrapper.java
Original file line number Diff line number Diff line change
Expand Up @@ -82,7 +82,10 @@ public class SettingsWrapper implements java.io.Serializable {
private String appVersionWithBuildNumber = null;

private Boolean shibPassiveLoginEnabled = null;


// DANS Shib login without discofeed
private Boolean shibIdpSelectEnabled = null;

private String footerCopyrightAndYear = null;

//External Vocabulary support
Expand Down Expand Up @@ -666,7 +669,14 @@ public boolean isShibPassiveLoginEnabled() {
}
return shibPassiveLoginEnabled;
}

// DANS Shib login without discofeed
public boolean isShibIdpSelectEnabled() {
if (shibIdpSelectEnabled == null) {
shibIdpSelectEnabled = systemConfig.isShibIdpSelectEnabled();
}
return shibIdpSelectEnabled;
}

// Caching this result may not be saving much, *currently* (since the value is
// stored in the bundle). -- L.A. 5.8
public String getFooterCopyrightAndYear() {
Expand Down
8 changes: 8 additions & 0 deletions src/main/java/edu/harvard/iq/dataverse/Shib.java
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@
import org.apache.commons.lang3.StringUtils;

import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.sql.Timestamp;
import java.util.ArrayList;
import java.util.Arrays;
Expand Down Expand Up @@ -416,6 +417,13 @@ private String getValueFromAssertion(String key) {
Object attribute = request.getAttribute(key);
if (attribute != null) {
String attributeValue = attribute.toString();
if(systemConfig.isShibAttributeCharacterSetConversionEnabled()) {
try {
attributeValue = new String(attributeValue.getBytes("ISO-8859-1"), "UTF-8");
} catch (UnsupportedEncodingException e) {
logger.warning("Character conversion failed for Shib attribute (key, value) = (" + key + ", " + attributeValue + ") ; ignoring it");
}
}
String trimmedValue = attributeValue.trim();
if (!trimmedValue.isEmpty()) {
logger.fine("The SAML assertion for \"" + key + "\" (optional) was \"" + attributeValue + "\" and was trimmed to \"" + trimmedValue + "\".");
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -439,6 +439,10 @@ Whether Harvesting (OAI) service is enabled
*Split the affiliation array on given string, default ";"
*/
ShibAffiliationSeparator,
/**
* Get list of providers from discofeed and provide selection for login within Dataverse, default true
*/
ShibIdpSelectEnabled,
/**
* Validate physical files for all the datafiles in the dataset when publishing
*/
Expand Down
5 changes: 5 additions & 0 deletions src/main/java/edu/harvard/iq/dataverse/util/SystemConfig.java
Original file line number Diff line number Diff line change
Expand Up @@ -614,6 +614,11 @@ public boolean isShibAttributeCharacterSetConversionEnabled() {
boolean defaultResponse = true;
return settingsService.isTrueForKey(SettingsServiceBean.Key.ShibAttributeCharacterSetConversionEnabled, defaultResponse);
}
// DANS Shib login without discofeed
public boolean isShibIdpSelectEnabled() {
boolean defaultResponse = true;
return settingsService.isTrueForKey(SettingsServiceBean.Key.ShibIdpSelectEnabled, defaultResponse);
}

/**
* getPVDictionaries
Expand Down
29 changes: 28 additions & 1 deletion src/main/webapp/loginpage.xhtml
Original file line number Diff line number Diff line change
Expand Up @@ -120,8 +120,34 @@
</h:outputFormat>
</p>
</h:form>

<!-- DANS Shib login without discofeed; idpselect is not done here! - Start -->
<div jsf:rendered="#{!settingsWrapper.shibIdpSelectEnabled}">
<div class="form-horizontal">
<div class="form-group text-left">
<div class="col-sm-12" >
<form action="/Shibboleth.sso/Login" method="POST" autocomplete="OFF" class="form-inline">
<input type="hidden" name="SAMLDS" value="1"/>
<input name="target" value="#{systemConfig.dataverseSiteUrl}/shib.xhtml" type="hidden"/>
<!-- <div class="IdPSelectTextDiv help-block"></div> -->
<div class="form-group">
<div class="col-sm-9 button-block">
<button id="login" name="login" class="ui-button ui-widget ui-state-default ui-corner-all ui-button-text-only btn btn-default" onclick="return true;" type="submit" role="button" aria-disabled="false">
<!-- <span class="ui-button-text ui-c text-nowrap">#{bundle['login.institution']}</span> -->
<!-- #{bundle['login.institution']} used to be 'Institutional Login' -->
<span class="ui-button-text ui-c text-nowrap">
<h:outputText value="#{LoginPage.getLoginButtonText()}"/>
</span>
</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
<!-- DANS Shib login without discofeed - End -->
<div jsf:rendered="#{settingsWrapper.shibIdpSelectEnabled}">
<div class="form-horizontal" >
<div class="form-group text-left">
<label class="col-sm-4 control-label">
#{bundle['auth.providers.title.shib']}
Expand Down Expand Up @@ -162,6 +188,7 @@
<script src="/resources/js/shib/idpselect.js"></script>
<script src="/resources/js/shib/idpselect_style.js"></script>
</div>
</div>

<!--ONLY RENDER BUTTON FOR OAUTH PROVIDERS (ORCID, Google, GitHub)-->
<div class="form-horizontal" jsf:rendered="#{LoginPage.authProvider.OAuthProvider}">
Expand Down

0 comments on commit 1b0d57b

Please sign in to comment.