
Example 1 with SignatureValidationConfigurationCriterion

Use of org.opensaml.xmlsec.criterion.SignatureValidationConfigurationCriterion in project cas by apereo.

Class SamlObjectSignatureValidator, method getSigningCredential.

private Credential getSigningCredential(final RoleDescriptorResolver resolver, final RequestAbstractType profileRequest) {
    try {
        // Resolver that looks up credentials in SAML metadata through the given role descriptor resolver.
        final MetadataCredentialResolver kekCredentialResolver = new MetadataCredentialResolver();
        final SignatureValidationConfiguration config = getSignatureValidationConfiguration();
        kekCredentialResolver.setRoleDescriptorResolver(resolver);
        kekCredentialResolver.setKeyInfoCredentialResolver(DefaultSecurityConfigurationBootstrap.buildBasicInlineKeyInfoCredentialResolver());
        kekCredentialResolver.initialize();
        // Criteria: apply the signature validation configuration and accept only keys marked for signing.
        final CriteriaSet criteriaSet = new CriteriaSet();
        criteriaSet.add(new SignatureValidationConfigurationCriterion(config));
        criteriaSet.add(new UsageCriterion(UsageType.SIGNING));
        // Helper defined elsewhere in the class; adds the entity criteria for this request.
        buildEntityCriteriaForSigningCredential(profileRequest, criteriaSet);
        return kekCredentialResolver.resolveSingle(criteriaSet);
    } catch (final Exception e) {
        throw Throwables.propagate(e);
    }
}
Also used:
UsageCriterion (org.opensaml.security.criteria.UsageCriterion)
CriteriaSet (net.shibboleth.utilities.java.support.resolver.CriteriaSet)
MetadataCredentialResolver (org.opensaml.saml.security.impl.MetadataCredentialResolver)
BasicSignatureValidationConfiguration (org.opensaml.xmlsec.impl.BasicSignatureValidationConfiguration)
SignatureValidationConfiguration (org.opensaml.xmlsec.SignatureValidationConfiguration)
SignatureValidationConfigurationCriterion (org.opensaml.xmlsec.criterion.SignatureValidationConfigurationCriterion)
SamlException (org.apereo.cas.support.saml.SamlException)
