Search in sources :

Example 31 with Extension

use of org.openecard.bouncycastle.asn1.x509.Extension in project felix by apache.

the class CertificateUtil method createSelfSignedCert.

private static X509Certificate createSelfSignedCert(String commonName, KeyPair keypair) throws Exception {
    PublicKey publicKey = keypair.getPublic();
    String keyAlg = DPSigner.getSignatureAlgorithm(publicKey);
    X500Name issuer = new X500Name(commonName);
    BigInteger serial = BigInteger.probablePrime(16, new Random());
    Date notBefore = new Date(System.currentTimeMillis() - 1000);
    Date notAfter = new Date(notBefore.getTime() + 6000);
    SubjectPublicKeyInfo pubKeyInfo;
    try (ASN1InputStream is = new ASN1InputStream(publicKey.getEncoded())) {
        pubKeyInfo = SubjectPublicKeyInfo.getInstance(is.readObject());
    }
    X509v3CertificateBuilder builder = new X509v3CertificateBuilder(issuer, serial, notBefore, notAfter, issuer, pubKeyInfo);
    builder.addExtension(new Extension(Extension.basicConstraints, true, new DEROctetString(new BasicConstraints(false))));
    X509CertificateHolder certHolder = builder.build(new JcaContentSignerBuilder(keyAlg).build(keypair.getPrivate()));
    return new JcaX509CertificateConverter().getCertificate(certHolder);
}
Also used : ASN1InputStream(org.bouncycastle.asn1.ASN1InputStream) PublicKey(java.security.PublicKey) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) DEROctetString(org.bouncycastle.asn1.DEROctetString) X500Name(org.bouncycastle.asn1.x500.X500Name) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) Date(java.util.Date) DEROctetString(org.bouncycastle.asn1.DEROctetString) Extension(org.bouncycastle.asn1.x509.Extension) Random(java.util.Random) X509v3CertificateBuilder(org.bouncycastle.cert.X509v3CertificateBuilder) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) BigInteger(java.math.BigInteger) BasicConstraints(org.bouncycastle.asn1.x509.BasicConstraints)

Example 32 with Extension

use of org.openecard.bouncycastle.asn1.x509.Extension in project nifi by apache.

the class CertificateUtils method generateSelfSignedX509Certificate.

/**
 * Generates a self-signed {@link X509Certificate} suitable for use as a Certificate Authority.
 *
 * @param keyPair                 the {@link KeyPair} to generate the {@link X509Certificate} for
 * @param dn                      the distinguished name to user for the {@link X509Certificate}
 * @param signingAlgorithm        the signing algorithm to use for the {@link X509Certificate}
 * @param certificateDurationDays the duration in days for which the {@link X509Certificate} should be valid
 * @return a self-signed {@link X509Certificate} suitable for use as a Certificate Authority
 * @throws CertificateException      if there is an generating the new certificate
 */
public static X509Certificate generateSelfSignedX509Certificate(KeyPair keyPair, String dn, String signingAlgorithm, int certificateDurationDays) throws CertificateException {
    try {
        ContentSigner sigGen = new JcaContentSignerBuilder(signingAlgorithm).setProvider(BouncyCastleProvider.PROVIDER_NAME).build(keyPair.getPrivate());
        SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded());
        Date startDate = new Date();
        Date endDate = new Date(startDate.getTime() + TimeUnit.DAYS.toMillis(certificateDurationDays));
        X509v3CertificateBuilder certBuilder = new X509v3CertificateBuilder(reverseX500Name(new X500Name(dn)), getUniqueSerialNumber(), startDate, endDate, reverseX500Name(new X500Name(dn)), subPubKeyInfo);
        // Set certificate extensions
        // (1) digitalSignature extension
        certBuilder.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.dataEncipherment | KeyUsage.keyAgreement | KeyUsage.nonRepudiation | KeyUsage.cRLSign | KeyUsage.keyCertSign));
        certBuilder.addExtension(Extension.basicConstraints, false, new BasicConstraints(true));
        certBuilder.addExtension(Extension.subjectKeyIdentifier, false, new JcaX509ExtensionUtils().createSubjectKeyIdentifier(keyPair.getPublic()));
        certBuilder.addExtension(Extension.authorityKeyIdentifier, false, new JcaX509ExtensionUtils().createAuthorityKeyIdentifier(keyPair.getPublic()));
        // (2) extendedKeyUsage extension
        certBuilder.addExtension(Extension.extendedKeyUsage, false, new ExtendedKeyUsage(new KeyPurposeId[] { KeyPurposeId.id_kp_clientAuth, KeyPurposeId.id_kp_serverAuth }));
        // Sign the certificate
        X509CertificateHolder certificateHolder = certBuilder.build(sigGen);
        return new JcaX509CertificateConverter().setProvider(BouncyCastleProvider.PROVIDER_NAME).getCertificate(certificateHolder);
    } catch (CertIOException | NoSuchAlgorithmException | OperatorCreationException e) {
        throw new CertificateException(e);
    }
}
Also used : JcaX509ExtensionUtils(org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils) KeyPurposeId(org.bouncycastle.asn1.x509.KeyPurposeId) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) ContentSigner(org.bouncycastle.operator.ContentSigner) KeyUsage(org.bouncycastle.asn1.x509.KeyUsage) ExtendedKeyUsage(org.bouncycastle.asn1.x509.ExtendedKeyUsage) CertificateException(java.security.cert.CertificateException) X500Name(org.bouncycastle.asn1.x500.X500Name) NoSuchAlgorithmException(java.security.NoSuchAlgorithmException) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) CertIOException(org.bouncycastle.cert.CertIOException) Date(java.util.Date) X509v3CertificateBuilder(org.bouncycastle.cert.X509v3CertificateBuilder) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) OperatorCreationException(org.bouncycastle.operator.OperatorCreationException) BasicConstraints(org.bouncycastle.asn1.x509.BasicConstraints) ExtendedKeyUsage(org.bouncycastle.asn1.x509.ExtendedKeyUsage)

Example 33 with Extension

use of org.openecard.bouncycastle.asn1.x509.Extension in project nifi by apache.

the class OcspCertificateValidatorTest method generateCertificate.

/**
 * Generates a signed certificate with a specific keypair.
 *
 * @param dn      the DN
 * @param keyPair the public key will be included in the certificate and the the private key is used to sign the certificate
 * @return the certificate
 * @throws IOException               if an exception occurs
 * @throws NoSuchAlgorithmException  if an exception occurs
 * @throws CertificateException      if an exception occurs
 * @throws NoSuchProviderException   if an exception occurs
 * @throws SignatureException        if an exception occurs
 * @throws InvalidKeyException       if an exception occurs
 * @throws OperatorCreationException if an exception occurs
 */
private static X509Certificate generateCertificate(String dn, KeyPair keyPair) throws IOException, NoSuchAlgorithmException, CertificateException, NoSuchProviderException, SignatureException, InvalidKeyException, OperatorCreationException {
    PrivateKey privateKey = keyPair.getPrivate();
    ContentSigner sigGen = new JcaContentSignerBuilder(SIGNATURE_ALGORITHM).setProvider(PROVIDER).build(privateKey);
    SubjectPublicKeyInfo subPubKeyInfo = SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded());
    Date startDate = new Date(YESTERDAY);
    Date endDate = new Date(ONE_YEAR_FROM_NOW);
    X509v3CertificateBuilder certBuilder = new X509v3CertificateBuilder(new X500Name(dn), BigInteger.valueOf(System.currentTimeMillis()), startDate, endDate, new X500Name(dn), subPubKeyInfo);
    // Set certificate extensions
    // (1) digitalSignature extension
    certBuilder.addExtension(X509Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyEncipherment | KeyUsage.dataEncipherment | KeyUsage.keyAgreement));
    // (2) extendedKeyUsage extension
    Vector<KeyPurposeId> ekUsages = new Vector<>();
    ekUsages.add(KeyPurposeId.id_kp_clientAuth);
    ekUsages.add(KeyPurposeId.id_kp_serverAuth);
    certBuilder.addExtension(X509Extension.extendedKeyUsage, false, new ExtendedKeyUsage(ekUsages));
    // Sign the certificate
    X509CertificateHolder certificateHolder = certBuilder.build(sigGen);
    return new JcaX509CertificateConverter().setProvider(PROVIDER).getCertificate(certificateHolder);
}
Also used : PrivateKey(java.security.PrivateKey) KeyPurposeId(org.bouncycastle.asn1.x509.KeyPurposeId) JcaContentSignerBuilder(org.bouncycastle.operator.jcajce.JcaContentSignerBuilder) ContentSigner(org.bouncycastle.operator.ContentSigner) ExtendedKeyUsage(org.bouncycastle.asn1.x509.ExtendedKeyUsage) KeyUsage(org.bouncycastle.asn1.x509.KeyUsage) X500Name(org.bouncycastle.asn1.x500.X500Name) SubjectPublicKeyInfo(org.bouncycastle.asn1.x509.SubjectPublicKeyInfo) Date(java.util.Date) X509v3CertificateBuilder(org.bouncycastle.cert.X509v3CertificateBuilder) JcaX509CertificateConverter(org.bouncycastle.cert.jcajce.JcaX509CertificateConverter) X509CertificateHolder(org.bouncycastle.cert.X509CertificateHolder) Vector(java.util.Vector) ExtendedKeyUsage(org.bouncycastle.asn1.x509.ExtendedKeyUsage)

Example 34 with Extension

use of org.openecard.bouncycastle.asn1.x509.Extension in project oxTrust by GluuFederation.

the class CopyUtils2 method copy.

/**
	 * Copy data from GluuCustomPerson object to ScimPerson object "Reda"
	 * 
	 * @param source
	 * @param destination
	 * @return
	 * @throws Exception
	 */
public User copy(GluuCustomPerson source, User destination) throws Exception {
    if (source == null) {
        return null;
    }
    if (destination == null) {
        log.trace(" creating a new GluuCustomPerson instant ");
        destination = new User();
    }
    log.trace(" setting ID ");
    if (source.getInum() != null) {
        destination.setId(source.getInum());
    }
    log.trace(" setting userName ");
    if (source.getUid() != null) {
        destination.setUserName(source.getUid());
    }
    log.trace(" setting ExternalID ");
    if (source.getAttribute("oxTrustExternalId") != null) {
        destination.setExternalId(source.getAttribute("oxTrustExternalId"));
    }
    log.trace(" setting givenname ");
    if (source.getGivenName() != null) {
        org.gluu.oxtrust.model.scim2.Name name = new org.gluu.oxtrust.model.scim2.Name();
        name.setGivenName(source.getGivenName());
        if (source.getSurname() != null)
            name.setFamilyName(source.getSurname());
        if (source.getAttribute("middleName") != null)
            name.setMiddleName(source.getAttribute("middleName"));
        /*
			if (source.getAttribute("oxTrustMiddleName") != null)
				name.setMiddleName(source.getAttribute("oxTrustMiddleName"));
			*/
        if (source.getAttribute("oxTrusthonorificPrefix") != null)
            name.setHonorificPrefix(source.getAttribute("oxTrusthonorificPrefix"));
        if (source.getAttribute("oxTrusthonorificSuffix") != null)
            name.setHonorificSuffix(source.getAttribute("oxTrusthonorificSuffix"));
        name.setFormatted(name.getFormatted());
        destination.setName(name);
    }
    log.trace(" getting displayname ");
    if (source.getDisplayName() != null) {
        destination.setDisplayName(source.getDisplayName());
    }
    log.trace(" getting nickname ");
    /*
		if (source.getAttribute("oxTrustNickName") != null) {
			destination.setNickName(source.getAttribute("oxTrustNickName"));
		}
		*/
    if (source.getAttribute("nickname") != null) {
        destination.setNickName(source.getAttribute("nickname"));
    }
    log.trace(" getting profileURL ");
    if (source.getAttribute("oxTrustProfileURL") != null) {
        destination.setProfileUrl(source.getAttribute("oxTrustProfileURL"));
    }
    log.trace(" getting emails ");
    // source = Utils.syncEmailReverse(source, true);
    if (source.getAttributeArray("oxTrustEmail") != null) {
        /*
			String[] emailArray = source.getAttributeArray("oxTrustEmail");
			List<Email> emails = new ArrayList<Email>();

			for (String emailStr : emailArray) {
				Email email = mapper.readValue(emailStr, Email.class);
				emails.add(email);
			}

			// List<Email> listOfEmails = mapper.readValue(source.getAttribute("oxTrustEmail"), new TypeReference<List<Email>>(){});
			// destination.setEmails(listOfEmails);
			*/
        List<Email> emails = getAttributeListValue(source, Email.class, "oxTrustEmail");
        destination.setEmails(emails);
    }
    log.trace(" getting addresses ");
    // getting addresses
    if (source.getAttribute("oxTrustAddresses") != null) {
        List<Address> addresses = getAttributeListValue(source, Address.class, "oxTrustAddresses");
        destination.setAddresses(addresses);
    }
    log.trace(" setting phoneNumber ");
    // getting user's PhoneNumber
    if (source.getAttribute("oxTrustPhoneValue") != null) {
        List<PhoneNumber> phoneNumbers = getAttributeListValue(source, PhoneNumber.class, "oxTrustPhoneValue");
        destination.setPhoneNumbers(phoneNumbers);
    }
    if ((source.getOxPPID()) != null) {
        destination.setPairwiseIdentitifers(source.getOxPPID());
    }
    log.trace(" getting ims ");
    // getting ims
    if (source.getAttribute("oxTrustImsValue") != null) {
        List<Im> ims = getAttributeListValue(source, Im.class, "oxTrustImsValue");
        destination.setIms(ims);
    }
    log.trace(" setting photos ");
    // getting photos
    if (source.getAttribute("oxTrustPhotos") != null) {
        List<Photo> photos = getAttributeListValue(source, Photo.class, "oxTrustPhotos");
        destination.setPhotos(photos);
    }
    log.trace(" setting userType ");
    if (source.getAttribute("oxTrustUserType") != null) {
        destination.setUserType(source.getAttribute("oxTrustUserType"));
    }
    log.trace(" setting title ");
    if (source.getAttribute("oxTrustTitle") != null) {
        destination.setTitle(source.getAttribute("oxTrustTitle"));
    }
    log.trace(" setting Locale ");
    /*
		if (source.getAttribute("oxTrustLocale") != null) {
			destination.setLocale(source.getAttribute("oxTrustLocale"));
		}
		*/
    if (source.getAttribute("locale") != null) {
        destination.setLocale(source.getAttribute("locale"));
    }
    log.trace(" setting preferredLanguage ");
    if (source.getPreferredLanguage() != null) {
        destination.setPreferredLanguage(source.getPreferredLanguage());
    }
    log.trace(" setting timeZone ");
    if (source.getTimezone() != null) {
        destination.setTimezone(source.getTimezone());
    }
    log.trace(" setting active ");
    if (source.getAttribute("oxTrustActive") != null) {
        destination.setActive(Boolean.parseBoolean(source.getAttribute("oxTrustActive")));
    }
    log.trace(" setting password ");
    destination.setPassword("Hidden for Privacy Reasons");
    // getting user groups
    log.trace(" setting  groups ");
    if (source.getMemberOf() != null) {
        List<String> listOfGroups = source.getMemberOf();
        List<GroupRef> groupRefList = new ArrayList<GroupRef>();
        for (String groupDN : listOfGroups) {
            GluuGroup gluuGroup = groupService.getGroupByDn(groupDN);
            GroupRef groupRef = new GroupRef();
            groupRef.setDisplay(gluuGroup.getDisplayName());
            groupRef.setValue(gluuGroup.getInum());
            String reference = appConfiguration.getBaseEndpoint() + "/scim/v2/Groups/" + gluuGroup.getInum();
            groupRef.setReference(reference);
            groupRefList.add(groupRef);
        }
        destination.setGroups(groupRefList);
    }
    // getting roles
    if (source.getAttribute("oxTrustRole") != null) {
        List<Role> roles = getAttributeListValue(source, Role.class, "oxTrustRole");
        destination.setRoles(roles);
    }
    log.trace(" getting entitlements ");
    // getting entitlements
    if (source.getAttribute("oxTrustEntitlements") != null) {
        List<Entitlement> entitlements = getAttributeListValue(source, Entitlement.class, "oxTrustEntitlements");
        destination.setEntitlements(entitlements);
    }
    // getting x509Certificates
    log.trace(" setting certs ");
    if (source.getAttribute("oxTrustx509Certificate") != null) {
        List<X509Certificate> x509Certificates = getAttributeListValue(source, X509Certificate.class, "oxTrustx509Certificate");
        destination.setX509Certificates(x509Certificates);
    }
    log.trace(" setting extensions ");
    // List<GluuAttribute> scimCustomAttributes = attributeService.getSCIMRelatedAttributesImpl(attributeService.getCustomAttributes());
    List<GluuAttribute> scimCustomAttributes = attributeService.getSCIMRelatedAttributes();
    if (scimCustomAttributes != null && !scimCustomAttributes.isEmpty()) {
        Map<String, Extension> extensionMap = new HashMap<String, Extension>();
        Extension.Builder extensionBuilder = new Extension.Builder(Constants.USER_EXT_SCHEMA_ID);
        boolean hasExtension = false;
        outer: for (GluuCustomAttribute customAttribute : source.getCustomAttributes()) {
            for (GluuAttribute scimCustomAttribute : scimCustomAttributes) {
                if (customAttribute.getName().equals(scimCustomAttribute.getName())) {
                    hasExtension = true;
                    GluuAttributeDataType scimCustomAttributeDataType = scimCustomAttribute.getDataType();
                    if ((scimCustomAttribute.getOxMultivaluedAttribute() != null) && scimCustomAttribute.getOxMultivaluedAttribute().equals(OxMultivalued.TRUE)) {
                        extensionBuilder.setFieldAsList(customAttribute.getName(), Arrays.asList(customAttribute.getValues()));
                    } else {
                        if (scimCustomAttributeDataType.equals(GluuAttributeDataType.STRING) || scimCustomAttributeDataType.equals(GluuAttributeDataType.PHOTO)) {
                            String value = ExtensionFieldType.STRING.fromString(customAttribute.getValue());
                            extensionBuilder.setField(customAttribute.getName(), value);
                        } else if (scimCustomAttributeDataType.equals(GluuAttributeDataType.DATE)) {
                            Date value = ExtensionFieldType.DATE_TIME.fromString(customAttribute.getValue());
                            extensionBuilder.setField(customAttribute.getName(), value);
                        } else if (scimCustomAttributeDataType.equals(GluuAttributeDataType.NUMERIC)) {
                            BigDecimal value = ExtensionFieldType.DECIMAL.fromString(customAttribute.getValue());
                            extensionBuilder.setField(customAttribute.getName(), value);
                        }
                    }
                    continue outer;
                }
            }
        }
        if (hasExtension) {
            extensionMap.put(Constants.USER_EXT_SCHEMA_ID, extensionBuilder.build());
            destination.getSchemas().add(Constants.USER_EXT_SCHEMA_ID);
            destination.setExtensions(extensionMap);
        }
    }
    log.trace(" getting meta ");
    Meta meta = (destination.getMeta() != null) ? destination.getMeta() : new Meta();
    if (source.getAttribute("oxTrustMetaVersion") != null) {
        meta.setVersion(source.getAttribute("oxTrustMetaVersion"));
    }
    String location = source.getAttribute("oxTrustMetaLocation");
    if (location != null && !location.isEmpty()) {
        if (!location.startsWith("https://") && !location.startsWith("http://")) {
            location = appConfiguration.getBaseEndpoint() + location;
        }
    } else {
        location = appConfiguration.getBaseEndpoint() + "/scim/v2/Users/" + source.getInum();
    }
    meta.setLocation(location);
    if (source.getAttribute("oxTrustMetaCreated") != null && !source.getAttribute("oxTrustMetaCreated").isEmpty()) {
        try {
            DateTime dateTimeUtc = new DateTime(source.getAttribute("oxTrustMetaCreated"), DateTimeZone.UTC);
            meta.setCreated(dateTimeUtc.toDate());
        } catch (Exception e) {
            log.error(" Date parse exception (NEW format), continuing...", e);
            // For backward compatibility
            try {
                meta.setCreated(new SimpleDateFormat("EEE MMM dd HH:mm:ss zzz yyyy").parse(source.getAttribute("oxTrustMetaCreated")));
            } catch (Exception ex) {
                log.error(" Date parse exception (OLD format)", ex);
            }
        }
    }
    if (source.getAttribute("oxTrustMetaLastModified") != null && !source.getAttribute("oxTrustMetaLastModified").isEmpty()) {
        try {
            DateTime dateTimeUtc = new DateTime(source.getAttribute("oxTrustMetaLastModified"), DateTimeZone.UTC);
            meta.setLastModified(dateTimeUtc.toDate());
        } catch (Exception e) {
            log.error(" Date parse exception (NEW format), continuing...", e);
            // For backward compatibility
            try {
                meta.setLastModified(new SimpleDateFormat("EEE MMM dd HH:mm:ss zzz yyyy").parse(source.getAttribute("oxTrustMetaLastModified")));
            } catch (Exception ex) {
                log.error(" Date parse exception (OLD format)", ex);
            }
        }
    }
    destination.setMeta(meta);
    return destination;
}
Also used : Meta(org.gluu.oxtrust.model.scim2.Meta) User(org.gluu.oxtrust.model.scim2.User) Email(org.gluu.oxtrust.model.scim2.Email) Address(org.gluu.oxtrust.model.scim2.Address) Im(org.gluu.oxtrust.model.scim2.Im) HashMap(java.util.HashMap) ArrayList(java.util.ArrayList) Photo(org.gluu.oxtrust.model.scim2.Photo) DateTime(org.joda.time.DateTime) GluuCustomAttribute(org.gluu.oxtrust.model.GluuCustomAttribute) GluuAttributeDataType(org.xdi.model.GluuAttributeDataType) GluuGroup(org.gluu.oxtrust.model.GluuGroup) X509Certificate(org.gluu.oxtrust.model.scim2.X509Certificate) Date(java.util.Date) BigDecimal(java.math.BigDecimal) JsonGenerationException(org.codehaus.jackson.JsonGenerationException) PersonRequiredFieldsException(org.gluu.oxtrust.exception.PersonRequiredFieldsException) JsonMappingException(org.codehaus.jackson.map.JsonMappingException) IOException(java.io.IOException) DuplicateEntryException(org.gluu.site.ldap.exception.DuplicateEntryException) GluuAttribute(org.xdi.model.GluuAttribute) GluuUserRole(org.xdi.model.GluuUserRole) Role(org.gluu.oxtrust.model.scim2.Role) Extension(org.gluu.oxtrust.model.scim2.Extension) PhoneNumber(org.gluu.oxtrust.model.scim2.PhoneNumber) GroupRef(org.gluu.oxtrust.model.scim2.GroupRef) Entitlement(org.gluu.oxtrust.model.scim2.Entitlement) SimpleDateFormat(java.text.SimpleDateFormat)

Example 35 with Extension

use of org.openecard.bouncycastle.asn1.x509.Extension in project oxTrust by GluuFederation.

the class PatchUtil method addPatch.

public GluuCustomPerson addPatch(User source, GluuCustomPerson destination) throws Exception {
    if (source == null) {
        return null;
    }
    if (destination == null) {
        log.trace(" creating a new GluuCustomPerson instant ");
        destination = new GluuCustomPerson();
    }
    log.trace(" setting schemas ");
    destination.setSchemas(source.getSchemas());
    personService.addCustomObjectClass(destination);
    // getting emails
    log.trace(" setting emails ");
    if (source.getEmails() != null && source.getEmails().size() > 0) {
        List<Email> emails = copyUtils2.getAttributeListValue(destination, Email.class, "oxTrustEmail");
        if (emails == null) {
            emails = new ArrayList<Email>();
        }
        emails.addAll(source.getEmails());
        copyUtils2.setAttributeListValue(destination, emails, "oxTrustEmail");
    }
    // getting addresses
    log.trace(" setting addresses ");
    if (source.getAddresses() != null && source.getAddresses().size() > 0) {
        List<Address> addresses = copyUtils2.getAttributeListValue(destination, Address.class, "oxTrustAddresses");
        if (addresses == null) {
            addresses = new ArrayList<Address>();
        }
        addresses.addAll(source.getAddresses());
        copyUtils2.setAttributeListValue(destination, addresses, "oxTrustAddresses");
    }
    // getting phone numbers;
    log.trace(" setting phoneNumbers ");
    if (source.getPhoneNumbers() != null && source.getPhoneNumbers().size() > 0) {
        List<PhoneNumber> phoneNumbers = copyUtils2.getAttributeListValue(destination, PhoneNumber.class, "oxTrustPhoneValue");
        if (phoneNumbers == null) {
            phoneNumbers = new ArrayList<PhoneNumber>();
        }
        phoneNumbers.addAll(source.getPhoneNumbers());
        copyUtils2.setAttributeListValue(destination, phoneNumbers, "oxTrustPhoneValue");
    }
    // getting ims
    log.trace(" setting ims ");
    if (source.getIms() != null && source.getIms().size() > 0) {
        List<Im> ims = copyUtils2.getAttributeListValue(destination, Im.class, "oxTrustImsValue");
        if (ims == null) {
            ims = new ArrayList<Im>();
        }
        ims.addAll(source.getIms());
        copyUtils2.setAttributeListValue(destination, ims, "oxTrustImsValue");
    }
    // getting Photos
    log.trace(" setting photos ");
    if (source.getPhotos() != null && source.getPhotos().size() > 0) {
        List<Photo> photos = copyUtils2.getAttributeListValue(destination, Photo.class, "oxTrustPhotos");
        if (photos == null) {
            photos = new ArrayList<Photo>();
        }
        photos.addAll(source.getPhotos());
        copyUtils2.setAttributeListValue(destination, photos, "oxTrustPhotos");
    }
    // getting user groups
    log.trace(" setting groups ");
    if (source.getGroups() != null && source.getGroups().size() > 0) {
        List<String> groupsList = destination.getMemberOf();
        List<GroupRef> listGroups = source.getGroups();
        for (GroupRef group : listGroups) {
            String groupToAdd = groupService.getDnForGroup(group.getValue());
            if (groupToAdd != null || !groupToAdd.trim().equalsIgnoreCase("")) {
                groupsList.add(groupToAdd);
            }
        }
        destination.setMemberOf(groupsList);
    }
    // getting roles
    log.trace(" setting roles ");
    if (source.getRoles() != null && source.getRoles().size() > 0) {
        List<Role> roles = copyUtils2.getAttributeListValue(destination, Role.class, "oxTrustRole");
        if (roles == null) {
            roles = new ArrayList<Role>();
        }
        roles.addAll(source.getRoles());
        copyUtils2.setAttributeListValue(destination, roles, "oxTrustRole");
    }
    // getting entitlements
    log.trace(" setting entitlements ");
    if (source.getEntitlements() != null && source.getEntitlements().size() > 0) {
        List<Entitlement> entitlements = copyUtils2.getAttributeListValue(destination, Entitlement.class, "oxTrustEntitlements");
        if (entitlements == null) {
            entitlements = new ArrayList<Entitlement>();
        }
        entitlements.addAll(source.getEntitlements());
        copyUtils2.setAttributeListValue(destination, entitlements, "oxTrustEntitlements");
    }
    // getting x509Certificates
    log.trace(" setting certs ");
    if (source.getX509Certificates() != null && source.getX509Certificates().size() > 0) {
        List<X509Certificate> X509Certificates = copyUtils2.getAttributeListValue(destination, X509Certificate.class, "oxTrustx509Certificate");
        if (X509Certificates == null) {
            X509Certificates = new ArrayList<X509Certificate>();
        }
        X509Certificates.addAll(source.getX509Certificates());
        copyUtils2.setAttributeListValue(destination, X509Certificates, "oxTrustx509Certificate");
    }
    log.trace(" setting extensions ");
    if (source.getExtensions() != null && (source.getExtensions().size() > 0)) {
        Map<String, Extension> destMap = destination.fetchExtensions();
        if (destMap == null) {
            destMap = new HashMap<String, Extension>();
        }
        destMap.putAll(source.getExtensions());
        destination.setExtensions(destMap);
    }
    if (source.isActive() != null) {
        copyUtils2.setGluuStatus(source, destination);
    }
    return destination;
}
Also used : Email(org.gluu.oxtrust.model.scim2.Email) Address(org.gluu.oxtrust.model.scim2.Address) Im(org.gluu.oxtrust.model.scim2.Im) Photo(org.gluu.oxtrust.model.scim2.Photo) GluuCustomPerson(org.gluu.oxtrust.model.GluuCustomPerson) X509Certificate(org.gluu.oxtrust.model.scim2.X509Certificate) Role(org.gluu.oxtrust.model.scim2.Role) Extension(org.gluu.oxtrust.model.scim2.Extension) PhoneNumber(org.gluu.oxtrust.model.scim2.PhoneNumber) GroupRef(org.gluu.oxtrust.model.scim2.GroupRef) Entitlement(org.gluu.oxtrust.model.scim2.Entitlement)

Aggregations

Extension (org.bouncycastle.asn1.x509.Extension)70 IOException (java.io.IOException)57 CRLDistPoint (org.bouncycastle.asn1.x509.CRLDistPoint)48 DistributionPoint (org.bouncycastle.asn1.x509.DistributionPoint)42 ASN1ObjectIdentifier (org.bouncycastle.asn1.ASN1ObjectIdentifier)40 X509Certificate (java.security.cert.X509Certificate)39 ArrayList (java.util.ArrayList)39 Extensions (org.bouncycastle.asn1.x509.Extensions)38 ASN1Sequence (org.bouncycastle.asn1.ASN1Sequence)36 Enumeration (java.util.Enumeration)35 DEROctetString (org.bouncycastle.asn1.DEROctetString)35 IssuingDistributionPoint (org.bouncycastle.asn1.x509.IssuingDistributionPoint)34 HashSet (java.util.HashSet)31 CertPathValidatorException (java.security.cert.CertPathValidatorException)29 List (java.util.List)29 ExtCertPathValidatorException (org.bouncycastle.jce.exception.ExtCertPathValidatorException)29 GeneralSecurityException (java.security.GeneralSecurityException)28 CertificateExpiredException (java.security.cert.CertificateExpiredException)28 CertificateNotYetValidException (java.security.cert.CertificateNotYetValidException)28 CertPathBuilderException (java.security.cert.CertPathBuilderException)26