Example 6 with ResolverException

Use of net.shibboleth.utilities.java.support.resolver.ResolverException in project verify-hub by alphagov.

From class SigningCertFromMetadataExtractorTest, method unableToResolveMetadata:

@Test
public void unableToResolveMetadata() {
    Assertions.assertThrows(SigningKeyExtractionException.class, () -> {
        signingCertFromMetadataExtractor = new SigningCertFromMetadataExtractor(metadataResolver, HUB_ENTITY_ID);
        // Simulate a metadata fetch/validation failure in the resolver.
        when(metadataResolver.resolve(any())).thenThrow(new ResolverException());
        // The extractor must fail closed with its own exception rather than leak the resolver error.
        signingCertFromMetadataExtractor.getSigningCertForCurrentSigningKey(hubPrimarySigningCert.getPublicKey());
    });
}
Example 7 with ResolverException

Use of net.shibboleth.utilities.java.support.resolver.ResolverException in project verify-hub by alphagov.

From class IdpSingleSignOnServiceHelper, method getSingleSignOn:

public URI getSingleSignOn(String entityId) {
    EntityDescriptor idpEntityDescriptor;
    try {
        // Look up the IdP's EntityDescriptor in the federation metadata by its entityID.
        CriteriaSet criteria = new CriteriaSet(new EntityIdCriterion(entityId));
        idpEntityDescriptor = metadataProvider.resolveSingle(criteria);
    } catch (ResolverException e) {
        // Metadata could not be resolved (fetch, parse or signature failure): fail closed.
        LOG.log(Level.SEVERE, format("Exception when accessing metadata: {0}", e));
        throw new RuntimeException(e);
    }
    if (idpEntityDescriptor != null) {
        final IDPSSODescriptor idpssoDescriptor = idpEntityDescriptor.getIDPSSODescriptor(SAMLConstants.SAML20P_NS);
        // An entity without a SAML 2.0 IdP role cannot be used as an IdP; fall through to NOT_FOUND
        // instead of dereferencing a null descriptor.
        if (idpssoDescriptor != null) {
            final List<SingleSignOnService> singleSignOnServices = idpssoDescriptor.getSingleSignOnServices();
            if (singleSignOnServices.isEmpty()) {
                LOG.log(Level.SEVERE, format("No singleSignOnServices present for IDP entityId: {0}", entityId));
            } else {
                if (singleSignOnServices.size() > 1) {
                    LOG.log(Level.WARNING, format("More than one singleSignOnService present: {0} for {1}", singleSignOnServices.size(), entityId));
                }
                // The first advertised endpoint is used regardless of its Binding attribute.
                return URI.create(singleSignOnServices.get(0).getLocation());
            }
        }
    }
    throw ApplicationException.createUnauditedException(ExceptionType.NOT_FOUND, UUID.randomUUID(), new RuntimeException(format("no entity descriptor for IDP: {0}", entityId)));
}
Example 8 with ResolverException

Use of net.shibboleth.utilities.java.support.resolver.ResolverException in project verify-hub by alphagov.

From class HubAsIdpMetadataHandler, method getMetadataAsAnIdentityProvider:

public HubIdentityProviderMetadataDto getMetadataAsAnIdentityProvider() {
    URI hubFrontend = samlProxyConfiguration.getFrontendExternalUri();
    // The hub's own SSO endpoint, advertised with the HTTP-POST binding.
    SamlEndpointDto binding = new SamlEndpointDto(SamlEndpointDto.Binding.POST, URI.create(hubFrontend + SAML2_SSO_REQUEST_ENDPOINT));
    Iterable<EntityDescriptor> entityDescriptors;
    try {
        // Resolve every EntityDescriptor under the federation's named EntitiesDescriptor.
        CriteriaSet criteria = new CriteriaSet(new EntitiesDescriptorNameCriterion(hubFederationId));
        entityDescriptors = metadataResolver.resolve(criteria);
        LOG.info("Retrieved metadata from " + samlProxyConfiguration.getMetadataConfiguration().getUri());
    } catch (ResolverException e) {
        throw ApplicationException.createUnauditedException(ExceptionType.METADATA_PROVIDER_EXCEPTION, e.getMessage(), e);
    }
    // Entities that carry a SAML 2.0 IdP role.
    final Iterable<EntityDescriptor> idpEntityDescriptors = StreamSupport.stream(entityDescriptors.spliterator(), false)
            .filter(input -> input.getIDPSSODescriptor(SAMLConstants.SAML20P_NS) != null)
            .collect(Collectors.toList());
    // The hub's own entry, matched by entityID (null-safe: a descriptor may lack an entityID).
    final Iterable<EntityDescriptor> hubEntityDescriptors = StreamSupport.stream(entityDescriptors.spliterator(), false)
            .filter(input -> hubEntityId.equals(input.getEntityID()))
            .collect(Collectors.toList());
    final Iterable<List<Certificate>> idpSigningCertificates = StreamSupport.stream(idpEntityDescriptors.spliterator(), false)
            .map(this::getIDPSigningCertificates)
            .collect(Collectors.toList());
    final Iterable<Certificate> hubEncryptionCertificate = StreamSupport.stream(hubEntityDescriptors.spliterator(), false)
            .map(this::getHubEncryptionCertificate)
            .collect(Collectors.toList());
    final Iterable<List<Certificate>> hubSigningCertificates = StreamSupport.stream(hubEntityDescriptors.spliterator(), false)
            .map(this::getHubSigningCertificates)
            .collect(Collectors.toList());
    // validUntil is derived from the configured metadata validity duration.
    // iterator().next() assumes the hub's own descriptor (and its encryption certificate) is present;
    // it throws NoSuchElementException otherwise.
    return new HubIdentityProviderMetadataDto(singletonList(binding), hubEntityId, organisationDto, Collections.emptySet(),
            ImmutableList.copyOf(Iterables.concat(idpSigningCertificates)),
            DateTime.now().plus(samlProxyConfiguration.getMetadataValidDuration().toMilliseconds()),
            ImmutableList.copyOf(Iterables.concat(hubSigningCertificates)),
            hubEncryptionCertificate.iterator().next());
}