
Example 1 with STSInitializationException

Use of org.forgerock.openam.sts.STSInitializationException in project OpenAM by OpenRock.

The class SoapSTSAgentCredentialsAccessImpl, method decryptAgentPassword.

private String decryptAgentPassword(String encryptedAgentPassword, KeyStore soapSTSInternalKeystore) throws STSInitializationException {
    try {
        // Load the internal password-encryption key (PEK) from the SOAP STS keystore; the entry is
        // protected by the shared constant AM_INTERNAL_SOAP_STS_KEYSTORE_PW.
        KeyStore.SecretKeyEntry entry = (KeyStore.SecretKeyEntry) soapSTSInternalKeystore.getEntry(
                SharedSTSConstants.AM_INTERNAL_PEK_ALIAS,
                new KeyStore.PasswordProtection(SharedSTSConstants.AM_INTERNAL_SOAP_STS_KEYSTORE_PW.toCharArray()));
        JCEEncryption jceEncryption = new JCEEncryption();
        final byte[] decodedPassword = Base64.decode(encryptedAgentPassword);
        try {
            // The encoded bytes of the secret key are used as the JCEEncryption password.
            jceEncryption.setPassword(new String(entry.getSecretKey().getEncoded(), StandardCharsets.UTF_8));
            final byte[] decryptedPassword = jceEncryption.decrypt(decodedPassword);
            return new String(decryptedPassword, StandardCharsets.UTF_8);
        } catch (Exception e) {
            // Covers a missing keystore entry (null entry) as well as decryption failures.
            throw new STSInitializationException(ResourceException.INTERNAL_ERROR, e.getMessage(), e);
        }
    } catch (NoSuchAlgorithmException | UnrecoverableEntryException | KeyStoreException e) {
        throw new STSInitializationException(ResourceException.INTERNAL_ERROR, e.getMessage(), e);
    }
}
Also used: JCEEncryption (com.iplanet.services.util.JCEEncryption), KeyStore (java.security.KeyStore), KeyStoreException (java.security.KeyStoreException), NoSuchAlgorithmException (java.security.NoSuchAlgorithmException), UnrecoverableEntryException (java.security.UnrecoverableEntryException), ResourceException (org.forgerock.json.resource.ResourceException), STSInitializationException (org.forgerock.openam.sts.STSInitializationException)

Example 2 with STSInitializationException

Use of org.forgerock.openam.sts.STSInitializationException in project OpenAM by OpenRock.

The class TokenRenewOperationProvider, method get.

public RenewOperation get() {
    // TODO: migrate to ThrowingProviders
    try {
        TokenRenewOperation tokenRenewOperation = new TokenRenewOperation();
        tokenRenewOperation.setStsProperties(stsPropertiesMBean);
        tokenRenewOperation.setTokenStore(tokenStore);
        tokenRenewOperation.setTokenValidators(getTokenValidators());
        tokenRenewOperation.setTokenRenewers(getTokenRenewers());
        return new TokenRenewOperationWrapper(tokenRenewOperation, threadLocalAMTokenCache);
    } catch (STSInitializationException e) {
        logger.error("Exception caught initializing a RenewOperation: " + e, e);
        throw new RuntimeException(e);
    }
}
Also used: TokenRenewOperation (org.apache.cxf.sts.operation.TokenRenewOperation), STSInitializationException (org.forgerock.openam.sts.STSInitializationException)

Example 3 with STSInitializationException

Use of org.forgerock.openam.sts.STSInitializationException in project OpenAM by OpenRock.

The class TokenValidateOperationProvider, method getFunctionalValidateOperation.

private ValidateOperation getFunctionalValidateOperation() {
    TokenValidateOperation tokenValidateOperation = new TokenValidateOperation();
    tokenValidateOperation.setStsProperties(stsPropertiesMBean);
    tokenValidateOperation.setTokenStore(tokenStore);
    try {
        List<TokenValidator> tokenValidators = new ArrayList<>();
        for (TokenType tokentype : validatedTokens) {
            tokenValidators.add(operationFactory.getSimpleTokenValidator(tokentype));
        }
        tokenValidateOperation.setTokenValidators(tokenValidators);
    } catch (STSInitializationException e) {
        throw new RuntimeException(e);
    }
    return new TokenValidateOperationWrapper(tokenValidateOperation, threadLocalAMTokenCache);
}
Also used: TokenValidator (org.apache.cxf.sts.token.validator.TokenValidator), TokenType (org.forgerock.openam.sts.TokenType), RequestSecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType), ArrayList (java.util.ArrayList), TokenValidateOperation (org.apache.cxf.sts.operation.TokenValidateOperation), STSInitializationException (org.forgerock.openam.sts.STSInitializationException)

Example 4 with STSInitializationException

Use of org.forgerock.openam.sts.STSInitializationException in project OpenAM by OpenRock.

The class TokenIssueOperationProvider, method get.

public IssueOperation get() {
    //TODO: migrate to throwing providers
    try {
        TokenIssueOperation tokenIssueOperation = new TokenIssueOperation();
        /*
         * The STS will not encrypt the issued tokens - the TokenGenerationService already offers functionality to
         * encrypt issued SAML assertions.
         */
        tokenIssueOperation.setEncryptIssuedToken(false);
        tokenIssueOperation.setStsProperties(stsPropertiesMBean);
        tokenIssueOperation.setTokenStore(tokenStore);
        /*
         * Set the tokenValidators which will be called to validate the tokens presented as ActAs or OnBehalfOf
         * elements.
         */
        tokenIssueOperation.setTokenValidators(getDelegationTokenValidators());
        /*
         * Set the TokenDelegationHandlers (either empty if this sts instance will not process ActAs or OnBehalfOf
         * elements, or with the DefaultTokenDelegationHandler, or with user-specified custom handlers).
         */
        tokenIssueOperation.setDelegationHandlers(tokenDelegationHandlers);
        List<TokenProvider> tokenProviders = new ArrayList<>();
        for (TokenType tokenType : issueTokenTypes) {
            tokenProviders.add(operationFactory.getTokenProvider(tokenType));
        }
        tokenIssueOperation.setTokenProviders(tokenProviders);
        return new TokenIssueOperationWrapper(tokenIssueOperation, threadLocalAMTokenCache);
    } catch (STSInitializationException e) {
        logger.error("Exception caught initializing a IssueOperation: " + e, e);
        throw new RuntimeException(e);
    }
}
Also used: TokenProvider (org.apache.cxf.sts.token.provider.TokenProvider), TokenType (org.forgerock.openam.sts.TokenType), RequestSecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType), TokenIssueOperation (org.apache.cxf.sts.operation.TokenIssueOperation), ArrayList (java.util.ArrayList), STSInitializationException (org.forgerock.openam.sts.STSInitializationException)

Example 5 with STSInitializationException

Use of org.forgerock.openam.sts.STSInitializationException in project OpenAM by OpenRock.

The class TokenCancelOperationProvider, method getFunctionalCancelOperation.

private CancelOperation getFunctionalCancelOperation() {
    TokenCancelOperation tokenCancelOperation = new TokenCancelOperation();
    tokenCancelOperation.setStsProperties(stsPropertiesMBean);
    tokenCancelOperation.setTokenStore(tokenStore);
    try {
        List<TokenCanceller> tokenCancellers = new ArrayList<>();
        for (TokenType tokentype : validatedTokens) {
            tokenCancellers.add(operationFactory.getTokenCanceller(tokentype));
        }
        tokenCancelOperation.setTokenCancellers(tokenCancellers);
    } catch (STSInitializationException e) {
        throw new RuntimeException(e);
    }
    return new TokenCancelOperationWrapper(tokenCancelOperation, threadLocalAMTokenCache);
}
Also used: TokenType (org.forgerock.openam.sts.TokenType), RequestSecurityTokenType (org.apache.cxf.ws.security.sts.provider.model.RequestSecurityTokenType), ArrayList (java.util.ArrayList), TokenCancelOperation (org.apache.cxf.sts.operation.TokenCancelOperation), TokenCanceller (org.apache.cxf.sts.token.canceller.TokenCanceller), STSInitializationException (org.forgerock.openam.sts.STSInitializationException)
