Search in sources :

Example 1 with EncInfo

use of com.sun.identity.federation.key.EncInfo in project OpenAM by OpenRock.

the class IDFFModelImpl method getEntityIDPDescriptor.

/**
     * Returns a map of IDP key/value pairs.
     *
     * @param realm where the entity exists.
     * @param entityName of entity descriptor.
     * @return map of IDP key/value pairs
     */
public Map getEntityIDPDescriptor(String realm, String entityName) throws AMConsoleException {
    String[] params = { realm, entityName, "IDFF", "IDP-Standard Metadata" };
    logEvent("ATTEMPT_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
    Map map = new HashMap();
    try {
        IDFFMetaManager manager = getIDFFMetaManager();
        IDPDescriptorType pDesc = manager.getIDPDescriptor(realm, entityName);
        // common attributes
        map.put(ATTR_PROTOCOL_SUPPORT_ENUMERATION, convertListToSet(pDesc.getProtocolSupportEnumeration()));
        //communication URLs
        map.put(ATTR_SOAP_END_POINT, returnEmptySetIfValueIsNull(pDesc.getSoapEndpoint()));
        map.put(ATTR_SINGLE_SIGN_ON_SERVICE_URL, returnEmptySetIfValueIsNull(pDesc.getSingleSignOnServiceURL()));
        map.put(ATTR_SINGLE_LOGOUT_SERVICE_URL, returnEmptySetIfValueIsNull(pDesc.getSingleLogoutServiceURL()));
        map.put(ATTR_SINGLE_LOGOUT_SERVICE_RETURN_URL, returnEmptySetIfValueIsNull(pDesc.getSingleLogoutServiceReturnURL()));
        map.put(ATTR_FEDERATION_TERMINATION_SERVICES_URL, returnEmptySetIfValueIsNull(pDesc.getFederationTerminationServiceURL()));
        map.put(ATTR_FEDERATION_TERMINATION_SERVICE_RETURN_URL, returnEmptySetIfValueIsNull(pDesc.getFederationTerminationServiceReturnURL()));
        map.put(ATTR_REGISTRATION_NAME_IDENTIFIER_SERVICE_URL, returnEmptySetIfValueIsNull(pDesc.getRegisterNameIdentifierServiceURL()));
        map.put(ATTR_REGISTRATION_NAME_IDENTIFIER_SERVICE_RETURN_URL, returnEmptySetIfValueIsNull(pDesc.getRegisterNameIdentifierServiceReturnURL()));
        // communication profiles
        map.put(ATTR_FEDERATION_TERMINATION_NOTIFICATION_PROTOCOL_PROFILE, returnEmptySetIfValueIsNull((String) pDesc.getFederationTerminationNotificationProtocolProfile().get(0)));
        map.put(ATTR_SINGLE_LOGOUT_PROTOCOL_PROFILE, returnEmptySetIfValueIsNull((String) pDesc.getSingleLogoutProtocolProfile().get(0)));
        map.put(ATTR_REGISTRATION_NAME_IDENTIFIER_PROFILE_PROFILE, returnEmptySetIfValueIsNull((String) pDesc.getRegisterNameIdentifierProtocolProfile().get(0)));
        map.put(ATTR_SINGLE_SIGN_ON_PROTOCOL_PROFILE, returnEmptySetIfValueIsNull((String) pDesc.getSingleSignOnProtocolProfile().get(0)));
        // get signing key size and algorithm               
        EncInfo encinfo = KeyUtil.getEncInfo((ProviderDescriptorType) pDesc, entityName, //isIDP
        true);
        if (encinfo == null) {
            map.put(ATTR_ENCRYPTION_KEY_SIZE, Collections.EMPTY_SET);
            map.put(ATTR_ENCRYPTION_ALGORITHM, Collections.EMPTY_SET);
        } else {
            int size = encinfo.getDataEncStrength();
            String alg = encinfo.getDataEncAlgorithm();
            map.put(ATTR_ENCRYPTION_KEY_SIZE, returnEmptySetIfValueIsNull(Integer.toString(size)));
            map.put(ATTR_ENCRYPTION_ALGORITHM, returnEmptySetIfValueIsNull(alg));
        }
        logEvent("SUCCEED_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
    } catch (IDFFMetaException e) {
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "IDFF", "IDP-Standard Metadata", strError };
        logEvent("FEDERATION_EXCEPTION_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", paramsEx);
        throw new AMConsoleException(strError);
    }
    return map;
}
Also used : IDPDescriptorType(com.sun.identity.liberty.ws.meta.jaxb.IDPDescriptorType) EncInfo(com.sun.identity.federation.key.EncInfo) HashMap(java.util.HashMap) IDFFMetaManager(com.sun.identity.federation.meta.IDFFMetaManager) IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) HashMap(java.util.HashMap) Map(java.util.Map)

Example 2 with EncInfo

use of com.sun.identity.federation.key.EncInfo in project OpenAM by OpenRock.

the class IDFFModelImpl method getEntitySPDescriptor.

/**
     * Returns a map of an SP entity descriptors key/value pairs.
     *
     * @param realm where the entity exists.
     * @param entityName name of entity descriptor.
     * @return map of SP key/value pairs
     */
public Map getEntitySPDescriptor(String realm, String entityName) throws AMConsoleException {
    String[] params = { realm, entityName, "IDFF", "SP-Standard Metadata" };
    logEvent("ATTEMPT_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
    Map map = new HashMap();
    SPDescriptorType pDesc = null;
    try {
        IDFFMetaManager manager = getIDFFMetaManager();
        pDesc = manager.getSPDescriptor(realm, entityName);
        // common attributes
        map.put(ATTR_PROTOCOL_SUPPORT_ENUMERATION, convertListToSet(pDesc.getProtocolSupportEnumeration()));
        //communication URLs
        map.put(ATTR_SOAP_END_POINT, returnEmptySetIfValueIsNull(pDesc.getSoapEndpoint()));
        map.put(ATTR_SINGLE_LOGOUT_SERVICE_URL, returnEmptySetIfValueIsNull(pDesc.getSingleLogoutServiceURL()));
        map.put(ATTR_SINGLE_LOGOUT_SERVICE_RETURN_URL, returnEmptySetIfValueIsNull(pDesc.getSingleLogoutServiceReturnURL()));
        map.put(ATTR_FEDERATION_TERMINATION_SERVICES_URL, returnEmptySetIfValueIsNull(pDesc.getFederationTerminationServiceURL()));
        map.put(ATTR_FEDERATION_TERMINATION_SERVICE_RETURN_URL, returnEmptySetIfValueIsNull(pDesc.getFederationTerminationServiceReturnURL()));
        map.put(ATTR_REGISTRATION_NAME_IDENTIFIER_SERVICE_URL, returnEmptySetIfValueIsNull(pDesc.getRegisterNameIdentifierServiceURL()));
        map.put(ATTR_REGISTRATION_NAME_IDENTIFIER_SERVICE_RETURN_URL, returnEmptySetIfValueIsNull(pDesc.getRegisterNameIdentifierServiceReturnURL()));
        // communication profiles
        map.put(ATTR_FEDERATION_TERMINATION_NOTIFICATION_PROTOCOL_PROFILE, returnEmptySetIfValueIsNull((String) pDesc.getFederationTerminationNotificationProtocolProfile().get(0)));
        map.put(ATTR_SINGLE_LOGOUT_PROTOCOL_PROFILE, returnEmptySetIfValueIsNull((String) pDesc.getSingleLogoutProtocolProfile().get(0)));
        map.put(ATTR_REGISTRATION_NAME_IDENTIFIER_PROFILE_PROFILE, returnEmptySetIfValueIsNull((String) pDesc.getRegisterNameIdentifierProtocolProfile().get(0)));
        // only for Service Provider
        com.sun.identity.liberty.ws.meta.jaxb.SPDescriptorType.AssertionConsumerServiceURLType assertionType = (com.sun.identity.liberty.ws.meta.jaxb.SPDescriptorType.AssertionConsumerServiceURLType) ((List) pDesc.getAssertionConsumerServiceURL()).get(0);
        if (assertionType != null) {
            map.put(ATTR_ASSERTION_CUSTOMER_SERVICE_URIID, returnEmptySetIfValueIsNull(assertionType.getId()));
            map.put(ATTR_ASSERTION_CUSTOMER_SERVICE_URL, returnEmptySetIfValueIsNull(assertionType.getValue()));
            map.put(ATTR_ASSERTION_CUSTOMER_SERVICE_URL_AS_DEFAULT, returnEmptySetIfValueIsNull(assertionType.isIsDefault()));
        } else {
            map.put(ATTR_ASSERTION_CUSTOMER_SERVICE_URIID, Collections.EMPTY_SET);
            map.put(ATTR_ASSERTION_CUSTOMER_SERVICE_URL, Collections.EMPTY_SET);
            map.put(ATTR_ASSERTION_CUSTOMER_SERVICE_URL_AS_DEFAULT, Collections.EMPTY_SET);
        }
        map.put(ATTR_AUTHN_REQUESTS_SIGNED, returnEmptySetIfValueIsNull(pDesc.isAuthnRequestsSigned()));
        // get signing key size and algorithm                           
        EncInfo encinfo = KeyUtil.getEncInfo((ProviderDescriptorType) pDesc, entityName, //isIDP
        false);
        if (encinfo == null) {
            map.put(ATTR_ENCRYPTION_KEY_SIZE, Collections.EMPTY_SET);
            map.put(ATTR_ENCRYPTION_ALGORITHM, Collections.EMPTY_SET);
        } else {
            int size = encinfo.getDataEncStrength();
            String alg = encinfo.getDataEncAlgorithm();
            map.put(ATTR_ENCRYPTION_KEY_SIZE, returnEmptySetIfValueIsNull(Integer.toString(size)));
            map.put(ATTR_ENCRYPTION_ALGORITHM, returnEmptySetIfValueIsNull(alg));
        }
        logEvent("SUCCEED_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", params);
    } catch (IDFFMetaException e) {
        String strError = getErrorString(e);
        String[] paramsEx = { realm, entityName, "IDFF", "SP-Standard Metadata", strError };
        logEvent("FEDERATION_EXCEPTION_GET_ENTITY_DESCRIPTOR_ATTR_VALUES", paramsEx);
        throw new AMConsoleException(strError);
    }
    return map;
}
Also used : HashMap(java.util.HashMap) IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException) SPDescriptorType(com.sun.identity.liberty.ws.meta.jaxb.SPDescriptorType) EncInfo(com.sun.identity.federation.key.EncInfo) IDFFMetaManager(com.sun.identity.federation.meta.IDFFMetaManager) AMConsoleException(com.sun.identity.console.base.model.AMConsoleException) HashMap(java.util.HashMap) Map(java.util.Map)

Example 3 with EncInfo

use of com.sun.identity.federation.key.EncInfo in project OpenAM by OpenRock.

the class EncryptedNameIdentifier method getEncryptedNameIdentifier.

/**
     * Returns the <code>EncryptedNameIdentifier</code> for a given name
     * identifier and the provider ID.
     *
     * @param ni the <code>NameIdentifier</code> object.
     * @param realm The realm under which the entity resides.
     * @param providerID the remote provider identifier.
     * @return the <code>NameIdentifier</code> object.
     * @throws FSException on error.
     */
public static NameIdentifier getEncryptedNameIdentifier(NameIdentifier ni, String realm, String providerID) throws FSException {
    if (ni == null || providerID == null) {
        FSUtils.debug.error("EncryptedNameIdentifier.construct: " + "nullInputParameter");
        throw new FSException("nullInputParameter", null);
    }
    ProviderDescriptorType providerDesc = null;
    try {
        IDFFMetaManager metaManager = FSUtils.getIDFFMetaManager();
        if (metaManager != null) {
            providerDesc = metaManager.getSPDescriptor(realm, providerID);
            if (providerDesc == null) {
                providerDesc = metaManager.getIDPDescriptor(realm, providerID);
            }
        }
        if (providerDesc == null) {
            throw new IDFFMetaException((String) null);
        }
    } catch (IDFFMetaException ae) {
        FSUtils.debug.error("EncryptedNameIdentifier.construct: Could" + "not retrieve the meta for provider" + providerID);
        throw new FSException(ae);
    }
    EncInfo encInfo = KeyUtil.getEncInfo(providerDesc, providerID, false);
    return getEncryptedNameIdentifier(ni, providerID, encInfo.getWrappingKey(), encInfo.getDataEncAlgorithm(), encInfo.getDataEncStrength());
}
Also used : EncInfo(com.sun.identity.federation.key.EncInfo) IDFFMetaManager(com.sun.identity.federation.meta.IDFFMetaManager) IDFFMetaException(com.sun.identity.federation.meta.IDFFMetaException) ProviderDescriptorType(com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType) FSException(com.sun.identity.federation.common.FSException)

Aggregations

EncInfo (com.sun.identity.federation.key.EncInfo)3 IDFFMetaException (com.sun.identity.federation.meta.IDFFMetaException)3 IDFFMetaManager (com.sun.identity.federation.meta.IDFFMetaManager)3 AMConsoleException (com.sun.identity.console.base.model.AMConsoleException)2 HashMap (java.util.HashMap)2 Map (java.util.Map)2 FSException (com.sun.identity.federation.common.FSException)1 IDPDescriptorType (com.sun.identity.liberty.ws.meta.jaxb.IDPDescriptorType)1 ProviderDescriptorType (com.sun.identity.liberty.ws.meta.jaxb.ProviderDescriptorType)1 SPDescriptorType (com.sun.identity.liberty.ws.meta.jaxb.SPDescriptorType)1