Search in sources :

Example 1 with SAMLObjectContentReference

use of org.opensaml.common.impl.SAMLObjectContentReference in project product-is by wso2.

the class SAML2SSOTestBase method setSignature.

/**
 * Add Signature to SAML POST request
 *
 * @param request SAML authentication request.
 * @param signatureAlgorithm Signature Algorithm.
 * @param digestAlgorithm Digest algorithm to be used while digesting message.
 * @param includeCert Whether to include certificate in request or not.
 * @throws Exception
 */
protected void setSignature(RequestAbstractType request, String signatureAlgorithm, String digestAlgorithm, boolean includeCert, X509Credential x509Credential) throws Exception {
    doBootstrap();
    if (StringUtils.isEmpty(signatureAlgorithm)) {
        signatureAlgorithm = XMLSignature.ALGO_ID_SIGNATURE_RSA;
    }
    if (StringUtils.isEmpty(digestAlgorithm)) {
        digestAlgorithm = XML_DIGEST_ALGORITHM_SHA1;
    }
    Signature signature = (Signature) buildXMLObject(Signature.DEFAULT_ELEMENT_NAME);
    signature.setSigningCredential(x509Credential);
    signature.setSignatureAlgorithm(signatureAlgorithm);
    signature.setCanonicalizationAlgorithm(Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
    if (includeCert) {
        KeyInfo keyInfo = (KeyInfo) buildXMLObject(KeyInfo.DEFAULT_ELEMENT_NAME);
        X509Data data = (X509Data) buildXMLObject(X509Data.DEFAULT_ELEMENT_NAME);
        org.opensaml.xml.signature.X509Certificate cert = (org.opensaml.xml.signature.X509Certificate) buildXMLObject(org.opensaml.xml.signature.X509Certificate.DEFAULT_ELEMENT_NAME);
        String value = null;
        value = org.apache.xml.security.utils.Base64.encode(x509Credential.getEntityCertificate().getEncoded());
        cert.setValue(value);
        data.getX509Certificates().add(cert);
        keyInfo.getX509Datas().add(data);
        signature.setKeyInfo(keyInfo);
    }
    request.setSignature(signature);
    ((SAMLObjectContentReference) signature.getContentReferences().get(0)).setDigestAlgorithm(digestAlgorithm);
    List<Signature> signatureList = new ArrayList<Signature>();
    signatureList.add(signature);
    // Marshall and Sign
    MarshallerFactory marshallerFactory = org.opensaml.xml.Configuration.getMarshallerFactory();
    Marshaller marshaller = marshallerFactory.getMarshaller(request);
    marshaller.marshall(request);
    org.apache.xml.security.Init.init();
    Signer.signObjects(signatureList);
}
Also used : Marshaller(org.opensaml.xml.io.Marshaller) ArrayList(java.util.ArrayList) X509Data(org.opensaml.xml.signature.X509Data) MarshallerFactory(org.opensaml.xml.io.MarshallerFactory) KeyInfo(org.opensaml.xml.signature.KeyInfo) XMLSignature(org.apache.xml.security.signature.XMLSignature) Signature(org.opensaml.xml.signature.Signature) SAMLObjectContentReference(org.opensaml.common.impl.SAMLObjectContentReference)

Aggregations

ArrayList (java.util.ArrayList)1 XMLSignature (org.apache.xml.security.signature.XMLSignature)1 SAMLObjectContentReference (org.opensaml.common.impl.SAMLObjectContentReference)1 Marshaller (org.opensaml.xml.io.Marshaller)1 MarshallerFactory (org.opensaml.xml.io.MarshallerFactory)1 KeyInfo (org.opensaml.xml.signature.KeyInfo)1 Signature (org.opensaml.xml.signature.Signature)1 X509Data (org.opensaml.xml.signature.X509Data)1