use of org.opensaml.common.binding.security.IssueInstantRule in project MaxKey by dromara.
the class Saml20AutoConfiguration method issueInstantRule.
/**
* IssueInstantRule.
* @return issueInstantRule
*/
@Bean(name = "issueInstantRule")
public IssueInstantRule issueInstantRule(@Value("${maxkey.saml.v20.issue.instant.check.clock.skew.in.seconds}") int newClockSkew, @Value("${maxkey.saml.v20.issue.instant.check.validity.time.in.seconds}") int newExpires) {
IssueInstantRule decoder = new IssueInstantRule(newClockSkew, newExpires);
decoder.setRequiredRule(true);
return decoder;
}
use of org.opensaml.common.binding.security.IssueInstantRule in project MaxKey by dromara.
the class MetadataGenerator method samlmtest.
@SuppressWarnings({ "unchecked", "rawtypes" })
public void samlmtest() {
try {
KeyStoreLoader keyStoreLoader = new KeyStoreLoader();
keyStoreLoader.setKeystorePassword("secret");
keyStoreLoader.setKeystoreFile(new FileSystemResource("D:/JavaIDE/cert/idp-keystore.jks"));
keyStoreLoader.afterPropertiesSet();
KeyStore trustKeyStore = keyStoreLoader.getKeyStore();
IssueInstantRule issueInstantRule = new IssueInstantRule(90, 300);
ReplayCache replayCache = new ReplayCache(new MapBasedStorageService(), 14400000);
MessageReplayRule messageReplayRule = new MessageReplayRule(replayCache);
TrustResolver trustResolver = new TrustResolver(trustKeyStore, "idp", keyStoreLoader.getKeystorePassword(), issueInstantRule, messageReplayRule, "POST");
CredentialResolver credentialResolver = (CredentialResolver) trustResolver.getKeyStoreCredentialResolver();
CriteriaSet criteriaSet = new CriteriaSet();
criteriaSet.add(new EntityIDCriteria("idp"));
criteriaSet.add(new UsageCriteria(UsageType.SIGNING));
Credential signingCredential = null;
try {
signingCredential = credentialResolver.resolveSingle(criteriaSet);
} catch (SecurityException e) {
System.out.println("Credential resolve error : " + e);
throw new Exception(e);
}
IDPSSODescriptor descriptor = buildIDPSSODescriptor();
descriptor.getSingleSignOnServices().add(getSingleSignOnService("http://sso.maxkey.org/sso", null));
descriptor.getSingleSignOnServices().add(getSingleSignOnService("http://sso.maxkey.org/sso", SAMLConstants.SAML2_POST_SIMPLE_SIGN_BINDING_URI));
descriptor.getSingleLogoutServices().add(getSingleLogoutService("http://sso.maxkey.org/slo", null));
descriptor.getKeyDescriptors().add(generateEncryptionKeyDescriptor(signingCredential));
descriptor.getKeyDescriptors().add(generateSignKeyDescriptor(signingCredential));
descriptor.getNameIDFormats().add(generateNameIDFormat(NameIDType.TRANSIENT));
descriptor.getNameIDFormats().add(generateNameIDFormat(NameIDType.PERSISTENT));
descriptor.getNameIDFormats().add(generateNameIDFormat(NameIDType.EMAIL));
descriptor.getNameIDFormats().add(generateNameIDFormat(NameIDType.ENTITY));
descriptor.getContactPersons().add(getContactPerson("maxkey", "shi", "ming", "shimingxy@163.com", "18724229876", null));
descriptor.setOrganization(getOrganization("maxkey", "maxkey", "http://sso.maxkey.org"));
String entityId = "http://www.test.com";
EntityDescriptor entityDescriptor = buildEntityDescriptor(entityId, descriptor);
String descriptorelementxml = XMLHelper.prettyPrintXML(marshallerMetadata(entityDescriptor));
System.out.println("descriptor elementxm:\\n");
System.out.println(descriptorelementxml);
logger.info(descriptorelementxml);
} catch (Exception e) {
e.printStackTrace();
}
}
Aggregations