
Example 1 with KeyStoreLoader

Use of org.maxkey.crypto.keystore.KeyStoreLoader in project MaxKey by dromara.

From class ApplicationAutoConfiguration, method spKeyStoreLoader.

/**
 * Creates the SAML 2.0 service-provider (SP) {@link KeyStoreLoader} bean.
 *
 * <p>Every input is injected from application configuration. The keystore
 * password is a secret that stays on the loader; it must not be logged or
 * exposed through any other bean.
 *
 * @param entityName       SP issuing entity id ({@code maxkey.saml.v20.sp.issuing.entity.id})
 * @param keystorePassword password of the SP keystore ({@code maxkey.saml.v20.sp.keystore.password})
 * @param keystoreFile     location of the SP keystore ({@code maxkey.saml.v20.sp.keystore})
 * @return the populated loader; the keystore itself is not opened here
 *         (presumably done later by the container via {@code afterPropertiesSet} — confirm)
 */
@Bean(name = "spKeyStoreLoader")
public KeyStoreLoader spKeyStoreLoader(
        @Value("${maxkey.saml.v20.sp.issuing.entity.id}") String entityName,
        @Value("${maxkey.saml.v20.sp.keystore.password}") String keystorePassword,
        @Value("${maxkey.saml.v20.sp.keystore}") Resource keystoreFile) {
    final KeyStoreLoader spLoader = new KeyStoreLoader();
    spLoader.setEntityName(entityName);
    spLoader.setKeystorePassword(keystorePassword);
    spLoader.setKeystoreFile(keystoreFile);
    return spLoader;
}

Example 2 with KeyStoreLoader

Use of org.maxkey.crypto.keystore.KeyStoreLoader in project MaxKey by dromara.

From class ApplicationAutoConfiguration, method keyStoreLoader.

/**
 * Creates the SAML 2.0 identity-provider (IdP) {@link KeyStoreLoader} bean.
 *
 * <p>This is the loader that signing code looks up by the bean name
 * {@code "keyStoreLoader"}. All values are read from configuration; the
 * keystore password is a secret and must not be logged.
 *
 * @param entityName       IdP issuing entity id ({@code maxkey.saml.v20.idp.issuing.entity.id})
 * @param keystorePassword password of the IdP keystore ({@code maxkey.saml.v20.idp.keystore.password})
 * @param keystoreFile     location of the IdP keystore ({@code maxkey.saml.v20.idp.keystore})
 * @return the populated loader; the keystore is not opened by this method
 */
@Bean(name = "keyStoreLoader")
public KeyStoreLoader keyStoreLoader(
        @Value("${maxkey.saml.v20.idp.issuing.entity.id}") String entityName,
        @Value("${maxkey.saml.v20.idp.keystore.password}") String keystorePassword,
        @Value("${maxkey.saml.v20.idp.keystore}") Resource keystoreFile) {
    final KeyStoreLoader idpLoader = new KeyStoreLoader();
    // Identity first, then the credentials needed to open the store.
    idpLoader.setEntityName(entityName);
    idpLoader.setKeystorePassword(keystorePassword);
    idpLoader.setKeystoreFile(keystoreFile);
    return idpLoader;
}

Example 3 with KeyStoreLoader

Use of org.maxkey.crypto.keystore.KeyStoreLoader in project MaxKey by dromara.

From class AbstractAuthorizeAdapter, method sign.

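/**
 * Signs {@code data} with the IdP key when the application requires signatures.
 *
 * <p>Whether to sign is decided per application by {@code app.getIsSignature()}.
 * The keystore, entity name and keystore password are taken from the
 * {@code "keyStoreLoader"} bean.
 *
 * @param data         payload to sign; its {@code toString()} form is what is signed and encoded
 * @param signatureKey not used by this implementation; kept for interface compatibility
 * @param signature    not used by this implementation; kept for interface compatibility
 * @return {@code base64url(payload) + "." + base64url(signature)} when signing is enabled,
 *         {@code data} unchanged when it is not, or {@code null} when signing failed
 *         (the failure is logged; callers must handle {@code null})
 */
public Object sign(Object data, String signatureKey, String signature) {
    if (!ConstsBoolean.isTrue(app.getIsSignature())) {
        _logger.debug("data not need sign .");
        return data;
    }
    KeyStoreLoader keyStoreLoader = WebContext.getBean("keyStoreLoader", KeyStoreLoader.class);
    try {
        // Encode the payload exactly once so that the bytes that are signed are the
        // same bytes that are transmitted. Previously the signature covered the
        // platform-default-charset encoding while the output carried the UTF-8
        // encoding; for non-ASCII data those differ and verification fails.
        byte[] payload = data.toString().getBytes("UTF-8");
        byte[] signData = CertSigner.sign(payload, keyStoreLoader.getKeyStore(), keyStoreLoader.getEntityName(), keyStoreLoader.getKeystorePassword());
        _logger.debug("signed Token : " + data);
        // byte[].toString() only prints the array identity; log the encoded signature instead.
        _logger.debug("signature : " + Base64Utils.base64UrlEncode(signData));
        return Base64Utils.base64UrlEncode(payload) + "." + Base64Utils.base64UrlEncode(signData);
    } catch (UnsupportedEncodingException e) {
        _logger.error("UnsupportedEncodingException ", e);
    } catch (Exception e) {
        _logger.error("Exception ", e);
    }
    _logger.debug("Token {}", data);
    // Signing was required but failed: report absence rather than an unsigned token.
    return null;
}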

Example 4 with KeyStoreLoader

Use of org.maxkey.crypto.keystore.KeyStoreLoader in project MaxKey by dromara.

From class MetadataGenerator, method samlmtest.

/**
 * Builds a sample IdP SAML metadata document from a local keystore and prints it.
 *
 * <p>Exercises the whole path: load a keystore through {@link KeyStoreLoader},
 * resolve the IdP signing credential through {@code TrustResolver}, assemble an
 * {@code IDPSSODescriptor}, wrap it in an {@code EntityDescriptor} and marshal
 * it to pretty-printed XML on stdout and the log.
 *
 * <p>NOTE(review): the keystore password and the absolute Windows path below are
 * hard-coded test fixtures; they only work on the author's machine and a real
 * run should take both from configuration rather than source.
 */
@SuppressWarnings({ "unchecked", "rawtypes" })
public void samlmtest() {
    try {
        // No container drives this bean, so afterPropertiesSet() is invoked by hand
        // before the keystore is read (presumably that call performs the load — confirm).
        KeyStoreLoader keyStoreLoader = new KeyStoreLoader();
        keyStoreLoader.setKeystorePassword("secret");
        keyStoreLoader.setKeystoreFile(new FileSystemResource("D:/JavaIDE/cert/idp-keystore.jks"));
        keyStoreLoader.afterPropertiesSet();
        KeyStore trustKeyStore = keyStoreLoader.getKeyStore();
        // Message-security rules handed to the trust resolver: an issue-instant window
        // (90 / 300 — assumed to be seconds of skew / lifetime, confirm against IssueInstantRule)
        // and an in-memory replay cache (14400000 — assumed milliseconds, i.e. 4 h).
        IssueInstantRule issueInstantRule = new IssueInstantRule(90, 300);
        ReplayCache replayCache = new ReplayCache(new MapBasedStorageService(), 14400000);
        MessageReplayRule messageReplayRule = new MessageReplayRule(replayCache);
        TrustResolver trustResolver = new TrustResolver(trustKeyStore, "idp", keyStoreLoader.getKeystorePassword(), issueInstantRule, messageReplayRule, "POST");
        CredentialResolver credentialResolver = (CredentialResolver) trustResolver.getKeyStoreCredentialResolver();
        // Look up the SIGNING credential for entity "idp" in the keystore-backed resolver.
        CriteriaSet criteriaSet = new CriteriaSet();
        criteriaSet.add(new EntityIDCriteria("idp"));
        criteriaSet.add(new UsageCriteria(UsageType.SIGNING));
        Credential signingCredential = null;
        try {
            signingCredential = credentialResolver.resolveSingle(criteriaSet);
        } catch (SecurityException e) {
            // Rethrown as a plain Exception, so it ends up in the outer catch below.
            System.out.println("Credential resolve error : " + e);
            throw new Exception(e);
        }
        // SSO endpoints (default binding and POST-SimpleSign), SLO endpoint, then key
        // descriptors: both the encryption and the signing descriptor are derived from
        // the same signing credential.
        IDPSSODescriptor descriptor = buildIDPSSODescriptor();
        descriptor.getSingleSignOnServices().add(getSingleSignOnService("http://sso.maxkey.org/sso", null));
        descriptor.getSingleSignOnServices().add(getSingleSignOnService("http://sso.maxkey.org/sso", SAMLConstants.SAML2_POST_SIMPLE_SIGN_BINDING_URI));
        descriptor.getSingleLogoutServices().add(getSingleLogoutService("http://sso.maxkey.org/slo", null));
        descriptor.getKeyDescriptors().add(generateEncryptionKeyDescriptor(signingCredential));
        descriptor.getKeyDescriptors().add(generateSignKeyDescriptor(signingCredential));
        // Advertised NameID formats, contact person and organisation.
        descriptor.getNameIDFormats().add(generateNameIDFormat(NameIDType.TRANSIENT));
        descriptor.getNameIDFormats().add(generateNameIDFormat(NameIDType.PERSISTENT));
        descriptor.getNameIDFormats().add(generateNameIDFormat(NameIDType.EMAIL));
        descriptor.getNameIDFormats().add(generateNameIDFormat(NameIDType.ENTITY));
        descriptor.getContactPersons().add(getContactPerson("maxkey", "shi", "ming", "shimingxy@163.com", "18724229876", null));
        descriptor.setOrganization(getOrganization("maxkey", "maxkey", "http://sso.maxkey.org"));
        // Wrap the role descriptor in an EntityDescriptor and emit it as XML.
        String entityId = "http://www.test.com";
        EntityDescriptor entityDescriptor = buildEntityDescriptor(entityId, descriptor);
        String descriptorelementxml = XMLHelper.prettyPrintXML(marshallerMetadata(entityDescriptor));
        System.out.println("descriptor elementxm:\\n");
        System.out.println(descriptorelementxml);
        logger.info(descriptorelementxml);
    } catch (Exception e) {
        // NOTE(review): any failure above is reported only to stderr, bypassing the logger.
        e.printStackTrace();
    }
}
