
Example 1 with BasicCredential

Use of org.opensaml.security.credential.BasicCredential in project cas by apereo.

Class SamlIdPObjectSigner, method getResolvedSigningCredential.

private AbstractCredential getResolvedSigningCredential(final Credential c, final PrivateKey privateKey, final SamlRegisteredService service) {
    final SamlIdPProperties samlIdp = casProperties.getAuthn().getSamlIdp();
    try {
        // The per-service signing credential type takes precedence; otherwise fall back to the IdP-wide response setting.
        final SamlIdPResponseProperties.SignatureCredentialTypes credType = SamlIdPResponseProperties.SignatureCredentialTypes.valueOf(
            StringUtils.defaultIfBlank(service.getSigningCredentialType(), samlIdp.getResponse().getCredentialType().name()).toUpperCase());
        LOGGER.debug("Requested credential type [{}] is found for service [{}]", credType, service);
        switch (credType) {
            case BASIC:
                // Bare key pair: the signature carries the public key only, no certificate.
                LOGGER.debug("Building basic credential signing key [{}] based on requested credential type", credType);
                return new BasicCredential(c.getPublicKey(), privateKey);
            case X509:
            default:
                // Prefer the certificate already bound to the resolved credential, so the
                // signing certificate published in the signature matches the one in use.
                if (c instanceof BasicX509Credential) {
                    final X509Certificate certificate = BasicX509Credential.class.cast(c).getEntityCertificate();
                    LOGGER.debug("Locating signature signing certificate from credential [{}]", CertUtils.toString(certificate));
                    return new BasicX509Credential(certificate, privateKey);
                }
                // Otherwise read the IdP signing certificate from the metadata location.
                final Resource signingCert = samlIdPMetadataLocator.getSigningCertificate();
                LOGGER.debug("Locating signature signing certificate file from [{}]", signingCert);
                final X509Certificate certificate = SamlUtils.readCertificate(signingCert);
                return new BasicX509Credential(certificate, privateKey);
        }
    } catch (final Exception e) {
        // Any resolution failure is logged and reported to the caller as null, so callers must handle a null credential.
        LOGGER.error(e.getMessage(), e);
    }
    return null;
}
Also used: SamlIdPResponseProperties (org.apereo.cas.configuration.model.support.saml.idp.SamlIdPResponseProperties), SamlIdPProperties (org.apereo.cas.configuration.model.support.saml.idp.SamlIdPProperties), BasicX509Credential (org.opensaml.security.x509.BasicX509Credential), Resource (org.springframework.core.io.Resource), FileSystemResource (org.springframework.core.io.FileSystemResource), X509Certificate (java.security.cert.X509Certificate), SamlException (org.apereo.cas.support.saml.SamlException), SAMLException (org.opensaml.saml.common.SAMLException), BasicCredential (org.opensaml.security.credential.BasicCredential)

Example 2 with BasicCredential

Use of org.opensaml.security.credential.BasicCredential in project spring-security by spring-projects.

Class TestOpenSamlObjects, method getEncrypter.

private static Encrypter getEncrypter(X509Certificate certificate) {
    // Data encryption: AES-256 (CBC) under the test fixture's symmetric SECRET_KEY.
    String dataAlgorithm = XMLCipherParameters.AES_256;
    // Key transport: RSA PKCS#1 v1.5, as used by this test fixture; XML Encryption 1.1 favours RSA-OAEP for key transport.
    String keyAlgorithm = XMLCipherParameters.RSA_1_5;
    BasicCredential dataCredential = new BasicCredential(SECRET_KEY);
    DataEncryptionParameters dataEncryptionParameters = new DataEncryptionParameters();
    dataEncryptionParameters.setEncryptionCredential(dataCredential);
    dataEncryptionParameters.setAlgorithm(dataAlgorithm);
    // The recipient's certificate (public key only) wraps the data key.
    Credential credential = CredentialSupport.getSimpleCredential(certificate, null);
    KeyEncryptionParameters keyEncryptionParameters = new KeyEncryptionParameters();
    keyEncryptionParameters.setEncryptionCredential(credential);
    keyEncryptionParameters.setAlgorithm(keyAlgorithm);
    Encrypter encrypter = new Encrypter(dataEncryptionParameters, keyEncryptionParameters);
    // PEER placement emits the EncryptedKey as a sibling of the EncryptedData rather than inline in its KeyInfo.
    encrypter.setKeyPlacement(Encrypter.KeyPlacement.PEER);
    return encrypter;
}
Also used: Encrypter (org.opensaml.saml.saml2.encryption.Encrypter), KeyEncryptionParameters (org.opensaml.xmlsec.encryption.support.KeyEncryptionParameters), BasicCredential (org.opensaml.security.credential.BasicCredential), Saml2X509Credential (org.springframework.security.saml2.core.Saml2X509Credential), Credential (org.opensaml.security.credential.Credential), XSString (org.opensaml.core.xml.schema.XSString), DataEncryptionParameters (org.opensaml.xmlsec.encryption.support.DataEncryptionParameters)

Example 3 with BasicCredential

Use of org.opensaml.security.credential.BasicCredential in project spring-security by spring-projects.

Class TestOpenSamlObjects, method getSigningCredential.

static Credential getSigningCredential(Saml2X509Credential credential, String entityId) {
    // Convert the Spring Security credential into an OpenSAML credential, then tag it with
    // the owning entity and restrict its usage to signing so it is not picked up for encryption.
    BasicCredential cred = getBasicCredential(credential);
    cred.setEntityId(entityId);
    cred.setUsageType(UsageType.SIGNING);
    return cred;
}
Also used: BasicCredential (org.opensaml.security.credential.BasicCredential)

Example 4 with BasicCredential

Use of org.opensaml.security.credential.BasicCredential in project spring-security by spring-projects.

Class OpenSamlSigningUtils, method resolveSigningCredentials.

private static List<Credential> resolveSigningCredentials(RelyingPartyRegistration relyingPartyRegistration) {
    List<Credential> credentials = new ArrayList<>();
    // Only credentials registered for signing are considered; encryption credentials are kept separate.
    for (Saml2X509Credential x509Credential : relyingPartyRegistration.getSigningX509Credentials()) {
        X509Certificate certificate = x509Credential.getCertificate();
        PrivateKey privateKey = x509Credential.getPrivateKey();
        // Certificate plus private key yields a credential usable for producing signatures.
        BasicCredential credential = CredentialSupport.getSimpleCredential(certificate, privateKey);
        credential.setEntityId(relyingPartyRegistration.getEntityId());
        credential.setUsageType(UsageType.SIGNING);
        credentials.add(credential);
    }
    return credentials;
}
Also used: BasicCredential (org.opensaml.security.credential.BasicCredential), Credential (org.opensaml.security.credential.Credential), Saml2X509Credential (org.springframework.security.saml2.core.Saml2X509Credential), PrivateKey (java.security.PrivateKey), ArrayList (java.util.ArrayList), X509Certificate (java.security.cert.X509Certificate)
