attributes from external auth

[Jason Pyeron]

> From: Cantor, Scott
> Sent: Wednesday, January 13, 2021 6:47 PM
> 
> On 1/13/21, 6:39 PM, " Jason Pyeron" wrote:
> 
> > Would an update to "external interface example in JSP" be welcome?
> 
> Only as an alternative, not as a "fix", there's nothing broken about the defined way.

Thanks again, I was stuck for almost 2 days.

https://wiki.shibboleth.net/confluence/display/IDP4/ExternalAuthnConfiguration

External interface with attributes in JSP
=========================================

<%@ page pageEncoding="UTF-8" %>
<%@ taglib uri="http://www.springframework.org/tags" prefix="spring" %>
<%@ page import="net.shibboleth.idp.authn.*" %>
<%@ page import="net.shibboleth.idp.attribute.*"%>
<%@ page import="net.shibboleth.idp.authn.principal.*"%>
<%@ page import="java.util.*"%>
 
<%
try {
    final String key = ExternalAuthentication.startExternalAuthentication(request);
 
    HashSet<Principal> principals=new HashSet<Principal>();
 
    principals.add(new UsernamePrincipal("bbarker"));
 
    //<DataConnector xsi:type="Subject" exportAttributes="mail eduPersonNickname" id="myId" />
    //<AttributeDefinition ... <InputDataConnector ref="myId" ...
    IdPAttribute attr=new IdPAttribute("eduPersonNickname");
    attr.setValues(Collections.singleton(new StringAttributeValue("Bob Barker")));
    principals.add(new IdPAttributePrincipal(attr));
 
    attr=new IdPAttribute("mail");
    attr.setValues(Collections.singleton(new StringAttributeValue("bbarker at example.org")));
    principals.add(new IdPAttributePrincipal(attr));
 
    request.setAttribute(ExternalAuthentication.SUBJECT_KEY,new Subject(false, principals, Collections.EMPTY_SET, Collections.EMPTY_SET));
 
    ExternalAuthentication.finishExternalAuthentication(key, request, response);
 
} catch (final ExternalAuthenticationException e) {
    throw new ServletException("Error processing external authentication request", e);
}
%>