Example 1 with AuthnResponseGenerator

Use of org.maxkey.authz.saml20.provider.xml.AuthnResponseGenerator in project MaxKey by dromara.

Class ConsumerEndpoint, method initCredential.

/**
 * Initialize the SP certificate: load the service provider's keystore,
 * resolve its signing credential and wire the trust resolver used to
 * validate inbound SAML messages.
 *
 * @throws Exception
 */
private void initCredential(String spId) throws Exception {
    // 1. Fetch the SP keyStore (stored as bytes on the SAML 2.0 app record)
    AppsSAML20Details saml20Details = saml20DetailsService.get(spId);
    if (saml20Details == null) {
        logger.error("spid[" + spId + "] not exists");
        throw new Exception();
    }
    byte[] keyStoreBytes = saml20Details.getKeyStore();
    InputStream keyStoreStream = new ByteArrayInputStream(keyStoreBytes);
    try {
        // Open the keystore with the configured type and password
        KeyStore keyStore = KeyStore.getInstance(keyStoreLoader.getKeystoreType());
        keyStore.load(keyStoreStream, keyStoreLoader.getKeystorePassword().toCharArray());
        // Only the alias matching the configured entity name is unlocked for key access
        Map<String, String> passwords = new HashMap<String, String>();
        for (Enumeration<String> en = keyStore.aliases(); en.hasMoreElements(); ) {
            String alias = en.nextElement();
            if (alias.equalsIgnoreCase(keyStoreLoader.getEntityName())) {
                passwords.put(alias, keyStoreLoader.getKeystorePassword());
            }
        }
        // TrustResolver trustResolver = new
        // TrustResolver(keyStore,keyStoreLoader.getIdpIssuingEntityName(),keyStoreLoader.getKeystorePassword());
        AuthnResponseGenerator authnResponseGenerator = new AuthnResponseGenerator(keyStoreLoader.getEntityName(), timeService, idService);
        // endpointGenerator = new EndpointGenerator();
        // 2. Resolve the SIGNING credential for this entity from the keystore
        CriteriaSet criteriaSet = new CriteriaSet();
        criteriaSet.add(new EntityIDCriteria(keyStoreLoader.getEntityName()));
        criteriaSet.add(new UsageCriteria(UsageType.SIGNING));
        KeyStoreCredentialResolver credentialResolver = new KeyStoreCredentialResolver(keyStore, passwords);
        signingCredential = credentialResolver.resolveSingle(criteriaSet);
        Validate.notNull(signingCredential);
        // 3. Adapter: set the security policy resolver (issue-instant and replay rules, POST binding)
        TrustResolver trustResolver = new TrustResolver(keyStore, keyStoreLoader.getEntityName(), keyStoreLoader.getKeystorePassword(), issueInstantRule, messageReplayRule, "POST");
        extractBindingAdapter.setSecurityPolicyResolver(trustResolver.getStaticSecurityPolicyResolver());
    } catch (Exception e) {
        logger.error("初始化sp证书出错");
        throw new Exception(e);
    }
}

Example 2 with AuthnResponseGenerator

Use of org.maxkey.authz.saml20.provider.xml.AuthnResponseGenerator in project MaxKey by dromara.

Class Saml20AutoConfiguration, method authnResponseGenerator.

/**
 * AuthnResponseGenerator bean. The issuer entity name is read from the
 * maxkey.saml.v20.idp.issuer property and becomes the Issuer of every
 * generated SAML 2.0 authentication response.
 * @return authnResponseGenerator
 */
@Bean(name = "authnResponseGenerator")
public AuthnResponseGenerator authnResponseGenerator(TimeService timeService, IDService idService, @Value("${maxkey.saml.v20.idp.issuer}") String issuerEntityName) {
    _logger.debug("issuerEntityName " + issuerEntityName);
    AuthnResponseGenerator generator = new AuthnResponseGenerator(issuerEntityName, timeService, idService);
    return generator;
}