Use of com.sun.identity.saml2.assertion.EncryptedID in project OpenAM by OpenRock.
The class NameIDMapping, method getEncryptedID.
/**
 * Encrypts the given NameID for the entity identified by {@code entityID} in {@code realm},
 * using the encryption key information published in that entity's SAML2 metadata.
 *
 * @param nameID   the NameID to encrypt
 * @param realm    the realm the entity belongs to
 * @param entityID the entity ID whose metadata supplies the encryption key
 * @param role     the entity role; {@code SAML2Constants.SP_ROLE} selects the SP descriptor,
 *                 any other value the IDP descriptor
 * @return the EncryptedID produced by {@code NameID.encrypt}
 * @throws SAML2Exception if no encryption key info can be found in the metadata, or when
 *                        propagated from the metadata lookup or the encryption call
 */
static EncryptedID getEncryptedID(NameID nameID, String realm, String entityID, String role) throws SAML2Exception {
    // Pick the role descriptor that carries the KeyDescriptor used for encryption.
    final boolean isSpRole = role.equals(SAML2Constants.SP_ROLE);
    final RoleDescriptorType descriptor = isSpRole
            ? metaManager.getSPSSODescriptor(realm, entityID)
            : metaManager.getIDPSSODescriptor(realm, entityID);

    final EncInfo encInfo = KeyUtil.getEncInfo(descriptor, entityID, role);
    if (encInfo == null) {
        throw new SAML2Exception(SAML2Utils.bundle.getString("UnableToFindEncryptKeyInfo"));
    }

    return nameID.encrypt(
            encInfo.getWrappingKey(),
            encInfo.getDataEncAlgorithm(),
            encInfo.getDataEncStrength(),
            entityID);
}
Use of com.sun.identity.saml2.assertion.EncryptedID in project OpenAM by OpenRock.
The class NameIDMapping, method getNameID.
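/**
 * Resolves the NameID carried by a NameIDMappingRequest, decrypting the EncryptedID with the
 * hosted IDP's decryption keys when no plain NameID is present.
 *
 * @param nimRequest  the incoming NameIDMappingRequest
 * @param realm       the realm of the hosted IDP
 * @param idpEntityID the hosted IDP entity ID whose SSO config supplies the decryption keys
 * @return the persistent NameID, or {@code null} when the request carries neither a NameID nor
 *         an EncryptedID, when decryption fails, or when the NameID is not a persistent one
 */
private static NameID getNameID(NameIDMappingRequest nimRequest, String realm, String idpEntityID) {
    NameID nameID = nimRequest.getNameID();
    if (nameID == null) {
        final EncryptedID encryptedID = nimRequest.getEncryptedID();
        // A request may carry neither element; report that as "no usable NameID" (null, as on a
        // failed decryption) instead of dereferencing a null EncryptedID below.
        if (encryptedID == null) {
            if (SAML2Utils.debug.messageEnabled()) {
                SAML2Utils.debug.message("NameIDMapping.getNameID: request carries neither NameID nor EncryptedID");
            }
            return null;
        }
        try {
            final IDPSSOConfigElement idpSsoConfig = metaManager.getIDPSSOConfig(realm, idpEntityID);
            nameID = encryptedID.decrypt(KeyUtil.getDecryptionKeys(idpSsoConfig));
        } catch (SAML2Exception ex) {
            // Decryption failure is logged at debug level only and surfaces to the caller as null.
            if (SAML2Utils.debug.messageEnabled()) {
                SAML2Utils.debug.message("NameIDMapping.getNameID:", ex);
            }
            return null;
        }
    }
    // Only persistent NameIDs are eligible for mapping.
    if (!SAML2Utils.isPersistentNameID(nameID)) {
        return null;
    }
    return nameID;
}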
Use of com.sun.identity.saml2.assertion.EncryptedID in project OpenAM by OpenRock.
The class LogoutUtil, method getNameIDFromSLORequest.
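/**
 * Extracts the NameID from a LogoutRequest, decrypting the EncryptedID when the hosted entity
 * is configured to require encrypted NameIDs.
 *
 * @param request        the incoming LogoutRequest
 * @param realm          the realm of the hosted entity
 * @param hostEntity     the hosted entity ID
 * @param hostEntityRole the hosted entity's role (SP or IDP)
 * @return the plain NameID when encryption is not required for this entity, otherwise the
 *         decrypted NameID
 * @throws SAML2Exception if encryption is required but the request carries no EncryptedID, or
 *                        when propagated from the key lookup or the decryption
 */
static NameID getNameIDFromSLORequest(LogoutRequest request, String realm, String hostEntity, String hostEntityRole) throws SAML2Exception {
    final String method = "getNameIDFromSLORequest: ";
    final boolean needDecryptIt = SAML2Utils.getWantNameIDEncrypted(realm, hostEntity, hostEntityRole);
    if (!needDecryptIt) {
        if (debug.messageEnabled()) {
            debug.message(method + "NamID doesn't need to be decrypted.");
        }
        return request.getNameID();
    }
    if (debug.messageEnabled()) {
        debug.message(method + "realm is : " + realm);
        debug.message(method + "hostEntity is : " + hostEntity);
        debug.message(method + "Host Entity role is : " + hostEntityRole);
    }
    final EncryptedID encryptedID = request.getEncryptedID();
    // Encryption is mandated for this entity: a request without an EncryptedID must be rejected
    // explicitly rather than surfacing as a NullPointerException on the decrypt call.
    if (encryptedID == null) {
        throw new SAML2Exception(method + "EncryptedID is required but the LogoutRequest carries none.");
    }
    return encryptedID.decrypt(KeyUtil.getDecryptionKeys(realm, hostEntity, hostEntityRole));
}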
Use of com.sun.identity.saml2.assertion.EncryptedID in project OpenAM by OpenRock.
The class SAML2, method getNameId.
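/**
 * Reads the authenticating user's SAML2 NameId from the stored map. Decrypts if necessary.
 *
 * <p>The SP's decryption keys are resolved only when the subject actually carries an
 * EncryptedID, so an unencrypted subject does not trigger a metadata and private-key lookup.
 *
 * @return the NameID of the assertion subject, decrypted when it was delivered as an EncryptedID
 * @throws SAML2Exception     when propagated from the SP metadata lookup or the decryption
 * @throws AuthLoginException kept in the signature for callers; whether any call made here raises
 *                            it cannot be told from this method alone
 */
private NameID getNameId() throws SAML2Exception, AuthLoginException {
    final EncryptedID encId = assertionSubject.getEncryptedID();
    if (encId == null) {
        return assertionSubject.getNameID();
    }
    // An EncryptedID takes precedence over any plain NameID in the subject.
    final String spName = metaManager.getEntityByMetaAlias(metaAlias);
    final SPSSOConfigElement spssoconfig = metaManager.getSPSSOConfig(realm, spName);
    final Set<PrivateKey> decryptionKeys = KeyUtil.getDecryptionKeys(spssoconfig);
    return encId.decrypt(decryptionKeys);
}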