Search in sources :

Example 6 with SPSSODescriptor

use of org.opensaml.saml.saml2.metadata.SPSSODescriptor in project ddf by codice.

the class SamlProtocol method createSpMetadata.

public static EntityDescriptor createSpMetadata(String entityId, String signingCert, String encryptionCert, String singleLogOutLocation, String assertionConsumerServiceLocationRedirect, String assertionConsumerServiceLocationPost) {
    EntityDescriptor entityDescriptor = entityDescriptorBuilder.buildObject();
    entityDescriptor.setEntityID(entityId);
    SPSSODescriptor spSsoDescriptor = spSsoDescriptorBuilder.buildObject();
    //signing
    KeyDescriptor signingKeyDescriptor = keyDescriptorBuilder.buildObject();
    signingKeyDescriptor.setUse(UsageType.SIGNING);
    KeyInfo signingKeyInfo = keyInfoBuilder.buildObject(KeyInfo.DEFAULT_ELEMENT_NAME);
    X509Data signingX509Data = x509DataBuilder.buildObject(X509Data.DEFAULT_ELEMENT_NAME);
    X509Certificate signingX509Certificate = x509CertificateBuilder.buildObject(X509Certificate.DEFAULT_ELEMENT_NAME);
    signingX509Certificate.setValue(signingCert);
    signingX509Data.getX509Certificates().add(signingX509Certificate);
    signingKeyInfo.getX509Datas().add(signingX509Data);
    signingKeyDescriptor.setKeyInfo(signingKeyInfo);
    spSsoDescriptor.getKeyDescriptors().add(signingKeyDescriptor);
    //encryption
    KeyDescriptor encKeyDescriptor = keyDescriptorBuilder.buildObject();
    encKeyDescriptor.setUse(UsageType.ENCRYPTION);
    KeyInfo encKeyInfo = keyInfoBuilder.buildObject(KeyInfo.DEFAULT_ELEMENT_NAME);
    X509Data encX509Data = x509DataBuilder.buildObject(X509Data.DEFAULT_ELEMENT_NAME);
    X509Certificate encX509Certificate = x509CertificateBuilder.buildObject(X509Certificate.DEFAULT_ELEMENT_NAME);
    encX509Certificate.setValue(encryptionCert);
    encX509Data.getX509Certificates().add(encX509Certificate);
    encKeyInfo.getX509Datas().add(encX509Data);
    encKeyDescriptor.setKeyInfo(encKeyInfo);
    spSsoDescriptor.getKeyDescriptors().add(encKeyDescriptor);
    if (StringUtils.isNotBlank(singleLogOutLocation)) {
        SingleLogoutService singleLogoutServiceRedirect = singleLogOutServiceBuilder.buildObject();
        singleLogoutServiceRedirect.setBinding(REDIRECT_BINDING);
        singleLogoutServiceRedirect.setLocation(singleLogOutLocation);
        spSsoDescriptor.getSingleLogoutServices().add(singleLogoutServiceRedirect);
        SingleLogoutService singleLogoutServicePost = singleLogOutServiceBuilder.buildObject();
        singleLogoutServicePost.setBinding(POST_BINDING);
        singleLogoutServicePost.setLocation(singleLogOutLocation);
        spSsoDescriptor.getSingleLogoutServices().add(singleLogoutServicePost);
    }
    int acsIndex = 0;
    if (StringUtils.isNotBlank(assertionConsumerServiceLocationRedirect)) {
        AssertionConsumerService assertionConsumerService = assertionConsumerServiceBuilder.buildObject();
        assertionConsumerService.setBinding(REDIRECT_BINDING);
        assertionConsumerService.setIndex(acsIndex++);
        assertionConsumerService.setLocation(assertionConsumerServiceLocationRedirect);
        spSsoDescriptor.getAssertionConsumerServices().add(assertionConsumerService);
    }
    if (StringUtils.isNotBlank(assertionConsumerServiceLocationPost)) {
        AssertionConsumerService assertionConsumerService = assertionConsumerServiceBuilder.buildObject();
        assertionConsumerService.setBinding(POST_BINDING);
        assertionConsumerService.setIndex(acsIndex++);
        assertionConsumerService.setLocation(assertionConsumerServiceLocationPost);
        spSsoDescriptor.getAssertionConsumerServices().add(assertionConsumerService);
    }
    spSsoDescriptor.addSupportedProtocol(SUPPORTED_PROTOCOL);
    entityDescriptor.getRoleDescriptors().add(spSsoDescriptor);
    return entityDescriptor;
}
Also used : EntityDescriptor(org.opensaml.saml.saml2.metadata.EntityDescriptor) SPSSODescriptor(org.opensaml.saml.saml2.metadata.SPSSODescriptor) KeyInfo(org.opensaml.xmlsec.signature.KeyInfo) SingleLogoutService(org.opensaml.saml.saml2.metadata.SingleLogoutService) KeyDescriptor(org.opensaml.saml.saml2.metadata.KeyDescriptor) AssertionConsumerService(org.opensaml.saml.saml2.metadata.AssertionConsumerService) X509Data(org.opensaml.xmlsec.signature.X509Data) X509Certificate(org.opensaml.xmlsec.signature.X509Certificate)

Aggregations

SPSSODescriptor (org.opensaml.saml.saml2.metadata.SPSSODescriptor)5 EntityDescriptor (org.opensaml.saml.saml2.metadata.EntityDescriptor)3 EntityIdCriterion (org.opensaml.core.criterion.EntityIdCriterion)2 BindingCriterion (org.opensaml.saml.criterion.BindingCriterion)2 ChainingMetadataResolver (org.opensaml.saml.metadata.resolver.ChainingMetadataResolver)2 AssertionConsumerService (org.opensaml.saml.saml2.metadata.AssertionConsumerService)2 IOException (java.io.IOException)1 StringWriter (java.io.StringWriter)1 DocumentBuilder (javax.xml.parsers.DocumentBuilder)1 DocumentBuilderFactory (javax.xml.parsers.DocumentBuilderFactory)1 ParserConfigurationException (javax.xml.parsers.ParserConfigurationException)1 FactoryConfigurationError (javax.xml.stream.FactoryConfigurationError)1 Transformer (javax.xml.transform.Transformer)1 TransformerException (javax.xml.transform.TransformerException)1 DOMSource (javax.xml.transform.dom.DOMSource)1 StreamResult (javax.xml.transform.stream.StreamResult)1 CriteriaSet (net.shibboleth.utilities.java.support.resolver.CriteriaSet)1 ServerApiException (org.apache.cloudstack.api.ServerApiException)1 SAMLMetaDataResponse (org.apache.cloudstack.api.response.SAMLMetaDataResponse)1 SAMLProviderMetadata (org.apache.cloudstack.saml.SAMLProviderMetadata)1