use of org.opensaml.saml2.metadata.impl.EntityDescriptorImpl in project OpenUnison by TremoloSecurity.
the class OpenUnisonUtils method exportSPMetaData.
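/**
 * Builds SAML 2.0 Service Provider metadata for the SAML2 mechanism named on the command line and
 * logs the pretty-printed XML.
 *
 * The entity ID and every endpoint location are {@code urlBase + mechanism URI}. The SP advertises
 * HTTP-Redirect and HTTP-POST single-logout endpoints, a default HTTP-POST and a secondary
 * HTTP-Redirect assertion consumer service, and, when the mechanism's {@code spSigKey} /
 * {@code spEncKey} params are set, one signing and one encryption KeyDescriptor carrying the
 * certificate stored under that keystore alias.
 *
 * @param options CLI option definitions used to resolve {@code mechanismName}, {@code chainName} and {@code urlBase}
 * @param cmd parsed command line
 * @param tt unison configuration (mechanisms, chains, keystore password)
 * @param ks keystore holding the SP signing/encryption certificates and their private keys
 * @throws Exception if a configured key alias has no certificate or no private key in {@code ks}
 * @throws MarshallingException if the EntityDescriptor cannot be marshalled to DOM
 */
private static void exportSPMetaData(Options options, CommandLine cmd, TremoloType tt, KeyStore ks) throws Exception, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, CertificateEncodingException, MarshallingException {
    logger.info("Finding mechanism...");
    String mechanismName = loadOption(cmd, "mechanismName", options);
    MechanismType saml2Mech = loadMechanismType(mechanismName, tt);
    logger.info("...found");

    logger.info("Finding chain...");
    String chainName = loadOption(cmd, "chainName", options);
    AuthChainType act = loadChainType(chainName, tt);

    logger.info("Looking for correct mechanism on the chain...");
    AuthMechType currentMechanism = findMechanismOnChain(act, mechanismName);
    if (currentMechanism == null) {
        // Name both sides so a mistyped option is obvious; this is a CLI, so exit rather than throw
        System.err.println("Mechanism '" + mechanismName + "' not found on chain '" + chainName + "'");
        System.exit(1);
    }

    InitializationService.initialize();

    logger.info("loading url base");
    String urlBase = loadOption(cmd, "urlBase", options);
    String url = urlBase + saml2Mech.getUri();

    // The descriptor ID is an xs:ID, which must not start with a digit — hence the "f" prefix
    SecureRandom random = new SecureRandom();
    byte[] idBytes = new byte[20];
    random.nextBytes(idBytes);
    String id = "f" + Hex.encodeHexString(idBytes);

    EntityDescriptorBuilder edb = new EntityDescriptorBuilder();
    EntityDescriptorImpl ed = (EntityDescriptorImpl) edb.buildObject();
    ed.setID(id);
    ed.setEntityID(url);

    SPSSODescriptorBuilder spb = new SPSSODescriptorBuilder();
    SPSSODescriptorImpl sp = (SPSSODescriptorImpl) spb.buildObject();
    ed.getRoleDescriptors().add(sp);

    // Index the mechanism's params by name for the lookups below
    HashMap<String, ParamWithValueType> params = new HashMap<String, ParamWithValueType>();
    for (ParamWithValueType pt : currentMechanism.getParams().getParam()) {
        params.put(pt.getName(), pt);
    }

    // A missing or null-valued param counts as "false"
    boolean assertionsSigned = "true".equalsIgnoreCase(paramValue(params, "assertionsSigned"));
    sp.setWantAssertionsSigned(assertionsSigned);
    sp.addSupportedProtocol("urn:oasis:names:tc:SAML:2.0:protocol");

    SingleLogoutServiceBuilder slsb = new SingleLogoutServiceBuilder();
    sp.getSingleLogoutServices().add(newSingleLogoutService(slsb, url, "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"));
    sp.getSingleLogoutServices().add(newSingleLogoutService(slsb, url, "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"));

    AssertionConsumerServiceBuilder acsb = new AssertionConsumerServiceBuilder();
    AssertionConsumerService defaultAcs = newAssertionConsumerService(acsb, url, "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST", 0);
    // Only the POST endpoint carries isDefault; the Redirect one deliberately omits the attribute
    defaultAcs.setIsDefault(true);
    sp.getAssertionConsumerServices().add(defaultAcs);
    sp.getAssertionConsumerServices().add(newAssertionConsumerService(acsb, url, "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect", 1));

    String sigAlias = paramValue(params, "spSigKey");
    if (sigAlias != null && !sigAlias.isEmpty()) {
        sp.getKeyDescriptors().add(buildKeyDescriptor(ks, sigAlias, tt.getKeyStorePassword().toCharArray(), UsageType.SIGNING));
    }

    String encAlias = paramValue(params, "spEncKey");
    if (encAlias != null && !encAlias.isEmpty()) {
        sp.getKeyDescriptors().add(buildKeyDescriptor(ks, encAlias, tt.getKeyStorePassword().toCharArray(), UsageType.ENCRYPTION));
    }

    EntityDescriptorMarshaller marshaller = new EntityDescriptorMarshaller();
    // Marshall the EntityDescriptor into DOM so it can be serialized
    Element entityDescriptorElement = marshaller.marshall(ed);
    String xml = net.shibboleth.utilities.java.support.xml.SerializeSupport.prettyPrintXML(entityDescriptorElement);
    logger.info(xml);
}

/** Returns the mechanism on {@code chain} whose name matches {@code mechanismName} (case-insensitive), or null. */
private static AuthMechType findMechanismOnChain(AuthChainType chain, String mechanismName) {
    for (AuthMechType amt : chain.getAuthMech()) {
        if (amt.getName().equalsIgnoreCase(mechanismName)) {
            return amt;
        }
    }
    return null;
}

/** Returns the value of the named param, or null when the param is absent. */
private static String paramValue(HashMap<String, ParamWithValueType> params, String name) {
    ParamWithValueType pt = params.get(name);
    return pt == null ? null : pt.getValue();
}

/** Builds a SingleLogoutService endpoint at {@code location} for {@code binding}. */
private static SingleLogoutService newSingleLogoutService(SingleLogoutServiceBuilder builder, String location, String binding) {
    SingleLogoutService sls = builder.buildObject();
    sls.setLocation(location);
    sls.setBinding(binding);
    return sls;
}

/** Builds an AssertionConsumerService endpoint at {@code location} for {@code binding} with the given index; isDefault is left unset. */
private static AssertionConsumerService newAssertionConsumerService(AssertionConsumerServiceBuilder builder, String location, String binding, int index) {
    AssertionConsumerService acs = builder.buildObject();
    acs.setLocation(location);
    acs.setBinding(binding);
    acs.setIndex(index);
    return acs;
}

/**
 * Builds a KeyDescriptor for {@code use} embedding the certificate stored under {@code alias}.
 *
 * The private key is also loaded: metadata that advertises a certificate whose private key this
 * SP does not hold cannot be used for signing or decryption, so such an alias is rejected here
 * rather than producing unusable metadata.
 *
 * @param ks keystore to read from
 * @param alias keystore alias of the certificate / key pair
 * @param keyStorePassword password used to recover the private key
 * @param use SIGNING or ENCRYPTION
 * @return the populated KeyDescriptor
 * @throws Exception if no certificate or no private key is stored under {@code alias}
 * @throws UnrecoverableKeyException if the key cannot be recovered with {@code keyStorePassword}
 */
private static KeyDescriptor buildKeyDescriptor(KeyStore ks, String alias, char[] keyStorePassword, UsageType use) throws Exception {
    X509Certificate certFromKS = (X509Certificate) ks.getCertificate(alias);
    if (certFromKS == null) {
        throw new Exception("Certificate '" + alias + "' not found");
    }
    // getKey() returns null for a certificate-only entry, so an alias with no private key is caught here
    PrivateKey keyFromKS = (PrivateKey) ks.getKey(alias, keyStorePassword);
    if (keyFromKS == null) {
        throw new Exception("Private key '" + alias + "' not found");
    }

    KeyDescriptor kd = new KeyDescriptorBuilder().buildObject();
    kd.setUse(use);

    org.opensaml.xmlsec.signature.X509Certificate cert = new X509CertificateBuilder().buildObject();
    // DER-encoded certificate as base64; the result is ASCII-only so the platform charset is irrelevant here
    cert.setValue(new String(Base64.encode(certFromKS.getEncoded())));

    X509Data x509 = new X509DataBuilder().buildObject();
    x509.getX509Certificates().add(cert);

    KeyInfo ki = new KeyInfoBuilder().buildObject();
    ki.getX509Datas().add(x509);
    kd.setKeyInfo(ki);
    return kd;
}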
use of org.opensaml.saml2.metadata.impl.EntityDescriptorImpl in project MaxKey by dromara.
the class MetadataDescriptorUtil method getEntityDescriptor.
// public void bootstrap() throws ConfigurationException {
// // DefaultBootstrap.bootstrap();
// }
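/**
 * Loads SAML metadata from a file on the local filesystem and returns its root EntityDescriptor.
 *
 * @param file metadata file to load
 * @return the root EntityDescriptor of the metadata
 * @throws Exception if the provider cannot load or validate the file, or if the root of the
 *         metadata is not an EntityDescriptor (e.g. an EntitiesDescriptor aggregate)
 */
public EntityDescriptor getEntityDescriptor(File file) throws Exception {
    try {
        FilesystemMetadataProvider filesystemMetadataProvider = new FilesystemMetadataProvider(file);
        // Enable validation
        filesystemMetadataProvider.setRequireValidMetadata(true);
        // NOTE(review): DTD / external-entity handling comes from BasicParserPool defaults — confirm the
        // OpenSAML/xmltooling version in use disallows DOCTYPE by default before parsing external metadata
        filesystemMetadataProvider.setParserPool(new BasicParserPool());
        filesystemMetadataProvider.initialize();
        // NOTE(review): the provider is never destroyed after the descriptor is read; confirm whether its
        // refresh scheduling requires destroy() to avoid leaking a background timer
        XMLObject metadata = filesystemMetadataProvider.getMetadata();
        // Explicit check instead of a blind cast: an EntitiesDescriptor root (or no metadata at all)
        // used to surface as an unexplained ClassCastException / null return
        if (!(metadata instanceof EntityDescriptor)) {
            throw new Exception("元数据文件解析出错: root element is not an EntityDescriptor");
        }
        return (EntityDescriptor) metadata;
    } catch (MetadataProviderException e) {
        logger.error("元数据解析出错", e);
        throw new Exception("元数据文件解析出错", e);
    }
}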
use of org.opensaml.saml2.metadata.impl.EntityDescriptorImpl in project MaxKey by dromara.
the class MetadataDescriptorUtil method getEntityDescriptor.
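/**
 * Parses SAML metadata from an input stream and returns its root EntityDescriptor.
 *
 * The stream is not closed here; it remains owned by the caller.
 *
 * @param inputStream metadata XML
 * @return the root EntityDescriptor of the metadata
 * @throws Exception if the XML cannot be parsed or unmarshalled, if no unmarshaller is registered
 *         for the root element, or if the root is not an EntityDescriptor
 */
public EntityDescriptor getEntityDescriptor(InputStream inputStream) throws Exception {
    BasicParserPool basicParserPool = new BasicParserPool();
    // NOTE(review): DTD / external-entity handling relies on BasicParserPool defaults — confirm the
    // OpenSAML/xmltooling version in use disallows DOCTYPE by default before parsing external metadata
    basicParserPool.setNamespaceAware(true);
    try {
        Document inMetadataDoc = basicParserPool.parse(inputStream);
        Element metadataRoot = inMetadataDoc.getDocumentElement();
        UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
        Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(metadataRoot);
        // getUnmarshaller() yields null when nothing is registered for the root element's name;
        // fail with a message rather than a NullPointerException on the next line
        if (unmarshaller == null) {
            throw new Exception("元数据文件解析出错: no unmarshaller for root element " + metadataRoot.getNodeName());
        }
        // Unmarshall using the document root element
        XMLObject xmlObject = unmarshaller.unmarshall(metadataRoot);
        // Explicit check instead of a blind cast: an EntitiesDescriptor root used to surface as
        // an unexplained ClassCastException
        if (!(xmlObject instanceof EntityDescriptor)) {
            throw new Exception("元数据文件解析出错: root element is not an EntityDescriptor");
        }
        return (EntityDescriptor) xmlObject;
    } catch (XMLParserException e) {
        logger.error("元数据解析出错", e);
        throw new Exception("元数据文件解析出错", e);
    } catch (UnmarshallingException e) {
        logger.error("元数据解析出错", e);
        throw new Exception("元数据文件解析出错", e);
    }
}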
use of org.opensaml.saml2.metadata.impl.EntityDescriptorImpl in project MaxKey by dromara.
the class MetadataDescriptorUtil method getEntityDescriptor.
// from dom
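/**
 * Builds an EntityDescriptor from an already-parsed DOM element.
 *
 * @param elementMetadata root element of the metadata document
 * @return the root EntityDescriptor of the metadata
 * @throws Exception if the provider cannot load or validate the element, or if the root of the
 *         metadata is not an EntityDescriptor (e.g. an EntitiesDescriptor aggregate)
 */
public EntityDescriptor getEntityDescriptor(Element elementMetadata) throws Exception {
    try {
        DOMMetadataProvider dOMMetadataProvider = new DOMMetadataProvider(elementMetadata);
        // Enable validation
        dOMMetadataProvider.setRequireValidMetadata(true);
        dOMMetadataProvider.setParserPool(new BasicParserPool());
        dOMMetadataProvider.initialize();
        XMLObject metadata = dOMMetadataProvider.getMetadata();
        // Explicit check instead of a blind cast: an EntitiesDescriptor root (or no metadata at all)
        // used to surface as an unexplained ClassCastException / null return
        if (!(metadata instanceof EntityDescriptor)) {
            throw new Exception("元数据解析出错: root element is not an EntityDescriptor");
        }
        return (EntityDescriptor) metadata;
    } catch (MetadataProviderException e) {
        logger.error("元数据解析出错", e);
        throw new Exception("元数据解析出错", e);
    }
}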