Example 26 with ProcessingException

use of org.keycloak.saml.common.exceptions.ProcessingException in project keycloak by keycloak.

the class DSAKeyValueType method convertToPublicKey.

/**
 * Convert to the JDK representation of a DSA Public Key
 *
 * @return
 *
 * @throws org.keycloak.saml.common.exceptions.ProcessingException
 */
public DSAPublicKey convertToPublicKey() throws ProcessingException {
    try {
        BigInteger BigY = new BigInteger(1, massage(Base64.decode(new String(y))));
        BigInteger BigP = new BigInteger(1, massage(Base64.decode(new String(p))));
        BigInteger BigQ = new BigInteger(1, massage(Base64.decode(new String(q))));
        BigInteger BigG = new BigInteger(1, massage(Base64.decode(new String(g))));
        KeyFactory dsaKeyFactory = KeyFactory.getInstance("dsa");
        DSAPublicKeySpec kspec = new DSAPublicKeySpec(BigY, BigP, BigQ, BigG);
        return (DSAPublicKey) dsaKeyFactory.generatePublic(kspec);
    } catch (Exception e) {
        throw new ProcessingException(e);
    }
}
Also used : BigInteger(java.math.BigInteger) KeyFactory(java.security.KeyFactory) ProcessingException(org.keycloak.saml.common.exceptions.ProcessingException) DSAPublicKeySpec(java.security.spec.DSAPublicKeySpec) DSAPublicKey(java.security.interfaces.DSAPublicKey)

Example 27 with ProcessingException

use of org.keycloak.saml.common.exceptions.ProcessingException in project keycloak by keycloak.

the class DSAKeyValueType method convertToPrivateKey.

/**
 * Convert to the JDK representation of a DSA Private Key
 *
 * @return
 *
 * @throws ProcessingException
 */
public DSAPrivateKey convertToPrivateKey() throws ProcessingException {
    try {
        BigInteger BigY = new BigInteger(1, massage(Base64.decode(new String(y))));
        BigInteger BigP = new BigInteger(1, massage(Base64.decode(new String(p))));
        BigInteger BigQ = new BigInteger(1, massage(Base64.decode(new String(q))));
        BigInteger BigG = new BigInteger(1, massage(Base64.decode(new String(g))));
        KeyFactory dsaKeyFactory = KeyFactory.getInstance("dsa");
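        // Note: DSAPrivateKeySpec(x, p, q, g) takes the private value x as its first argument;
        // the public value y is passed in that position here.
        DSAPrivateKeySpec kspec = new DSAPrivateKeySpec(BigY, BigP, BigQ, BigG);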
        return (DSAPrivateKey) dsaKeyFactory.generatePrivate(kspec);
    } catch (Exception e) {
        throw new ProcessingException(e);
    }
}
Also used : DSAPrivateKeySpec(java.security.spec.DSAPrivateKeySpec) BigInteger(java.math.BigInteger) DSAPrivateKey(java.security.interfaces.DSAPrivateKey) KeyFactory(java.security.KeyFactory) ProcessingException(org.keycloak.saml.common.exceptions.ProcessingException)

Example 28 with ProcessingException

use of org.keycloak.saml.common.exceptions.ProcessingException in project keycloak by keycloak.

the class RSAKeyValueType method convertToPublicKey.

/**
 * Convert to the JDK representation of a RSA Public Key
 *
 * @return
 *
 * @throws org.keycloak.saml.common.exceptions.ProcessingException
 */
public RSAPublicKey convertToPublicKey() throws ProcessingException {
    try {
        BigInteger bigModulus = new BigInteger(1, massage(Base64.decode(new String(modulus))));
        BigInteger bigEx = new BigInteger(1, massage(Base64.decode(new String(exponent))));
        KeyFactory rsaKeyFactory = KeyFactory.getInstance("rsa");
        RSAPublicKeySpec kspec = new RSAPublicKeySpec(bigModulus, bigEx);
        return (RSAPublicKey) rsaKeyFactory.generatePublic(kspec);
    } catch (Exception e) {
        throw new ProcessingException(e);
    }
}
Also used : RSAPublicKey(java.security.interfaces.RSAPublicKey) BigInteger(java.math.BigInteger) RSAPublicKeySpec(java.security.spec.RSAPublicKeySpec) KeyFactory(java.security.KeyFactory) ProcessingException(org.keycloak.saml.common.exceptions.ProcessingException)

Example 29 with ProcessingException

use of org.keycloak.saml.common.exceptions.ProcessingException in project keycloak by keycloak.

the class SamlProtocol method buildArtifactAuthenticatedResponse.

/**
 * This method, instead of sending the actual response with the token sends
 * the artifact message via post or redirect.
 *
 * @param clientSession  the current authenticated client session
 * @param redirectUri    the redirect uri to the client
 * @param samlDocument   a Document containing the saml Response
 * @param bindingBuilder the current JaxrsSAML2BindingBuilder configured with information for signing and encryption
 * @return A response (POSTed form or redirect) with a newly generated artifact
 * @throws ConfigurationException
 * @throws ProcessingException
 */
protected Response buildArtifactAuthenticatedResponse(AuthenticatedClientSessionModel clientSession, String redirectUri, SAML2Object samlDocument, JaxrsSAML2BindingBuilder bindingBuilder) throws ProcessingException, ConfigurationException {
    try {
        String artifact = buildArtifactAndStoreResponse(samlDocument, clientSession);
        String relayState = clientSession.getNote(GeneralConstants.RELAY_STATE);
        logger.debugf("Sending artifact %s to client %s", artifact, clientSession.getClient().getClientId());
        if (isPostBinding(clientSession)) {
            return artifactPost(redirectUri, artifact, relayState, bindingBuilder);
        } else {
            return artifactRedirect(redirectUri, artifact, relayState);
        }
    } catch (ArtifactResolverProcessingException e) {
        throw new ProcessingException(e);
    }
}
Also used : ProcessingException(org.keycloak.saml.common.exceptions.ProcessingException)

Example 30 with ProcessingException

use of org.keycloak.saml.common.exceptions.ProcessingException in project keycloak by keycloak.

the class SamlService method artifactResponseMessage.

private Response artifactResponseMessage(ArtifactResolveType artifactResolveMessage, Document artifactResponseDocument, ClientModel clientModel) throws ProcessingException, ConfigurationException {
    // Add "inResponseTo" to artifactResponse
    if (artifactResolveMessage.getID() != null && !artifactResolveMessage.getID().trim().isEmpty()) {
        Element artifactResponseElement = artifactResponseDocument.getDocumentElement();
        artifactResponseElement.setAttribute("InResponseTo", artifactResolveMessage.getID());
    }
    JaxrsSAML2BindingBuilder bindingBuilder = new JaxrsSAML2BindingBuilder(session);
    if (clientModel != null) {
        SamlClient samlClient = new SamlClient(clientModel);
        // Sign document/assertion if necessary, necessary to do this here, as the "inResponseTo" can only be set at this point
        if (samlClient.requiresRealmSignature() || samlClient.requiresAssertionSignature()) {
            KeyManager keyManager = session.keys();
            KeyManager.ActiveRsaKey keys = keyManager.getActiveRsaKey(realm);
            String keyName = samlClient.getXmlSigKeyInfoKeyNameTransformer().getKeyName(keys.getKid(), keys.getCertificate());
            String canonicalization = samlClient.getCanonicalizationMethod();
            if (canonicalization != null) {
                bindingBuilder.canonicalizationMethod(canonicalization);
            }
            bindingBuilder.signatureAlgorithm(samlClient.getSignatureAlgorithm()).signWith(keyName, keys.getPrivateKey(), keys.getPublicKey(), keys.getCertificate());
            if (samlClient.requiresRealmSignature())
                bindingBuilder.signDocument();
            if (samlClient.requiresAssertionSignature())
                bindingBuilder.signAssertions();
        }
        // Encrypt assertion if client requires it
        if (samlClient.requiresEncryption()) {
            PublicKey publicKey = null;
            try {
                publicKey = SamlProtocolUtils.getEncryptionKey(clientModel);
            } catch (Exception e) {
                logger.error("Failed to obtain encryption key for client", e);
                return emptyArtifactResponseMessage(artifactResolveMessage, null);
            }
            bindingBuilder.encrypt(publicKey);
        }
    }
    bindingBuilder.postBinding(artifactResponseDocument);
    Soap.SoapMessageBuilder messageBuilder = Soap.createMessage();
    messageBuilder.addToBody(artifactResponseDocument);
    if (logger.isDebugEnabled()) {
        String artifactResponse = DocumentUtil.asString(artifactResponseDocument);
        logger.debugf("Sending artifactResponse message for artifact %s. Message: \n %s", artifactResolveMessage.getArtifact(), artifactResponse);
    }
    return messageBuilder.build();
}
Also used : PublicKey(java.security.PublicKey) Element(org.w3c.dom.Element) Soap(org.keycloak.protocol.saml.profile.util.Soap) KeyManager(org.keycloak.models.KeyManager) ParsingException(org.keycloak.saml.common.exceptions.ParsingException) IOException(java.io.IOException) URISyntaxException(java.net.URISyntaxException) VerificationException(org.keycloak.common.VerificationException) NotFoundException(javax.ws.rs.NotFoundException) ProcessingException(org.keycloak.saml.common.exceptions.ProcessingException) ConfigurationException(org.keycloak.saml.common.exceptions.ConfigurationException) ParserConfigurationException(javax.xml.parsers.ParserConfigurationException)