Use of org.opensaml.saml.saml2.metadata.SPSSODescriptor in project ddf by codice:
the class SamlProtocol, method createSpMetadata.
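/**
 * Builds the SAML 2.0 {@code EntityDescriptor} describing this service provider (SP).
 *
 * <p>The descriptor always carries two {@code KeyDescriptor}s, one with use {@code SIGNING} built
 * from {@code signingCert} and one with use {@code ENCRYPTION} built from {@code encryptionCert}.
 * When {@code singleLogOutLocation} is non-blank, an HTTP-Redirect and an HTTP-POST
 * {@code SingleLogoutService} are advertised at that same location. One
 * {@code AssertionConsumerService} is added per non-blank ACS location, indexed from 0 in the
 * order Redirect then POST. The descriptor is populated only; this method does not sign it.
 *
 * <p>NOTE(review): the SAML 2.0 Web Browser SSO profile delivers {@code <Response>} over HTTP-POST
 * (or Artifact) rather than HTTP-Redirect, so a Redirect ACS endpoint is unusual; it is preserved
 * here from the original implementation. Confirm with the deployment that it is needed.
 *
 * @param entityId value written to {@code EntityDescriptor/@entityID}
 * @param signingCert certificate placed in the signing {@code KeyDescriptor}; it is copied verbatim
 *     into the {@code X509Certificate} element and is not validated or parsed here
 * @param encryptionCert certificate placed in the encryption {@code KeyDescriptor}; same handling
 * @param singleLogOutLocation SLO endpoint URL, or blank/null to omit single logout entirely
 * @param assertionConsumerServiceLocationRedirect ACS URL advertised with the HTTP-Redirect binding,
 *     or blank/null to omit
 * @param assertionConsumerServiceLocationPost ACS URL advertised with the HTTP-POST binding,
 *     or blank/null to omit
 * @return the populated entity descriptor
 */
public static EntityDescriptor createSpMetadata(String entityId, String signingCert, String encryptionCert, String singleLogOutLocation, String assertionConsumerServiceLocationRedirect, String assertionConsumerServiceLocationPost) {
    EntityDescriptor entityDescriptor = entityDescriptorBuilder.buildObject();
    entityDescriptor.setEntityID(entityId);

    SPSSODescriptor spSsoDescriptor = spSsoDescriptorBuilder.buildObject();

    // Both key descriptors are emitted unconditionally (unchanged from the original). A blank
    // certificate therefore produces an empty X509Certificate element; callers are expected to
    // pass real certificate values.
    spSsoDescriptor.getKeyDescriptors().add(buildSpKeyDescriptor(UsageType.SIGNING, signingCert));
    spSsoDescriptor.getKeyDescriptors().add(buildSpKeyDescriptor(UsageType.ENCRYPTION, encryptionCert));

    if (StringUtils.isNotBlank(singleLogOutLocation)) {
        // The same location is advertised for both bindings; Redirect is listed first.
        spSsoDescriptor.getSingleLogoutServices().add(buildSpSingleLogoutService(REDIRECT_BINDING, singleLogOutLocation));
        spSsoDescriptor.getSingleLogoutServices().add(buildSpSingleLogoutService(POST_BINDING, singleLogOutLocation));
    }

    // ACS indexes are assigned in insertion order, so the Redirect endpoint (when present) is
    // index 0 and POST is the next free index.
    int acsIndex = 0;
    if (StringUtils.isNotBlank(assertionConsumerServiceLocationRedirect)) {
        spSsoDescriptor.getAssertionConsumerServices().add(buildSpAssertionConsumerService(REDIRECT_BINDING, acsIndex++, assertionConsumerServiceLocationRedirect));
    }
    if (StringUtils.isNotBlank(assertionConsumerServiceLocationPost)) {
        spSsoDescriptor.getAssertionConsumerServices().add(buildSpAssertionConsumerService(POST_BINDING, acsIndex++, assertionConsumerServiceLocationPost));
    }

    spSsoDescriptor.addSupportedProtocol(SUPPORTED_PROTOCOL);
    entityDescriptor.getRoleDescriptors().add(spSsoDescriptor);
    return entityDescriptor;
}

/**
 * Builds a {@code KeyDescriptor} of the given {@code use} whose {@code KeyInfo} holds a single
 * {@code X509Data}/{@code X509Certificate} carrying {@code certificate} verbatim.
 *
 * @param use the SAML key usage ({@code SIGNING} or {@code ENCRYPTION})
 * @param certificate certificate text written as the {@code X509Certificate} value, unvalidated
 * @return the populated key descriptor
 */
private static KeyDescriptor buildSpKeyDescriptor(UsageType use, String certificate) {
    X509Certificate x509Certificate = x509CertificateBuilder.buildObject(X509Certificate.DEFAULT_ELEMENT_NAME);
    x509Certificate.setValue(certificate);

    X509Data x509Data = x509DataBuilder.buildObject(X509Data.DEFAULT_ELEMENT_NAME);
    x509Data.getX509Certificates().add(x509Certificate);

    KeyInfo keyInfo = keyInfoBuilder.buildObject(KeyInfo.DEFAULT_ELEMENT_NAME);
    keyInfo.getX509Datas().add(x509Data);

    KeyDescriptor keyDescriptor = keyDescriptorBuilder.buildObject();
    keyDescriptor.setUse(use);
    keyDescriptor.setKeyInfo(keyInfo);
    return keyDescriptor;
}

/**
 * Builds a {@code SingleLogoutService} endpoint.
 *
 * @param binding SAML binding URI for the endpoint
 * @param location endpoint URL
 * @return the populated endpoint element
 */
private static SingleLogoutService buildSpSingleLogoutService(String binding, String location) {
    SingleLogoutService singleLogoutService = singleLogOutServiceBuilder.buildObject();
    singleLogoutService.setBinding(binding);
    singleLogoutService.setLocation(location);
    return singleLogoutService;
}

/**
 * Builds an {@code AssertionConsumerService} endpoint.
 *
 * @param binding SAML binding URI for the endpoint
 * @param index the ACS index advertised to the IdP
 * @param location endpoint URL
 * @return the populated endpoint element
 */
private static AssertionConsumerService buildSpAssertionConsumerService(String binding, int index, String location) {
    AssertionConsumerService assertionConsumerService = assertionConsumerServiceBuilder.buildObject();
    assertionConsumerService.setBinding(binding);
    assertionConsumerService.setIndex(index);
    assertionConsumerService.setLocation(location);
    return assertionConsumerService;
}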